urlscan.io logo urlscan.io
SecurityTrails logo

onthitopik.com Open in urlscan Pro
184.168.101.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://onthitopik.com/
Effective URL: https://onthitopik.com/
Submission: On January 30 via manual from VN — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 7 countries across 46 domains to perform 338 HTTP transactions. The main IP is 184.168.101.75, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is onthitopik.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 13th 2023. Valid for: a year.
This is the only time onthitopik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 78 184.168.101.75 26496 (AS-26496-...)
6 172.253.118.95 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
16 157.240.15.13 32934 (FACEBOOK)
31 172.217.194.157 15169 (GOOGLE)
1 104.21.86.49 13335 (CLOUDFLAR...)
10 74.125.68.113 15169 (GOOGLE)
2 173.201.249.4 26496 (AS-26496-...)
1 49.213.95.229 38244 (VINAGAME-...)
1 80.66.79.252 60602 (INOVARE-A...)
1 6 87.250.251.119 13238 (YANDEX)
2 104.21.16.219 13335 (CLOUDFLAR...)
21 142.251.12.94 15169 (GOOGLE)
12 49.213.95.222 38244 (VINAGAME-...)
2 49.213.95.43 38244 (VINAGAME-...)
11 74.125.200.93 15169 (GOOGLE)
5 172.217.194.139 15169 (GOOGLE)
3 14 74.125.24.155 15169 (GOOGLE)
1 49.213.95.44 38244 (VINAGAME-...)
3 49.213.95.240 38244 (VINAGAME-...)
2 49.213.95.247 38244 (VINAGAME-...)
2 45.140.146.101 44477 (STARK-IND...)
25 172.253.118.132 15169 (GOOGLE)
5 64.233.170.156 15169 (GOOGLE)
10 74.125.68.94 15169 (GOOGLE)
1 142.251.175.149 15169 (GOOGLE)
4 142.251.175.95 15169 (GOOGLE)
3 74.125.68.106 15169 (GOOGLE)
1 172.217.194.119 15169 (GOOGLE)
1 142.251.10.132 15169 (GOOGLE)
11 172.253.118.139 15169 (GOOGLE)
4 74.125.68.155 15169 (GOOGLE)
1 2 13.213.97.214 16509 (AMAZON-02)
2 64.233.170.148 15169 (GOOGLE)
1 74.125.130.149 15169 (GOOGLE)
5 19 172.253.118.157 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 103.43.90.179 29990 (ASN-APPNEX)
2 2 89.207.22.108 399104 (CNVR-APAC)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 108.156.133.113 16509 (AMAZON-02)
1 1 124.146.153.165 2514 (INFOSPHER...)
1 202.241.208.2 4694 (IDCF IDC ...)
4 4 35.213.12.39 15169 (GOOGLE)
4 4 70.42.32.255 13789 (INTERNAP-...)
1 1 23.209.116.9 20940 (AKAMAI-ASN1)
1 104.21.91.165 13335 (CLOUDFLAR...)
1 23.44.1.119 16625 (AKAMAI-AS)
1 199.232.46.132 54113 (FASTLY)
2 23.108.101.161 59253 (LEASEWEB-...)
2 18.164.52.40 16509 (AMAZON-02)
9 52.22.29.151 14618 (AMAZON-AES)
1 2 50.116.239.135 6336 (TURN-US-ASN)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
2 2 35.71.131.137 16509 (AMAZON-02)
2 2 35.76.19.218 16509 (AMAZON-02)
1 1 18.140.209.19 16509 (AMAZON-02)
1 1 52.72.60.253 14618 (AMAZON-AES)
2 157.240.15.35 32934 (FACEBOOK)
4 43.245.104.145 4773 (MOBILEONE...)
338 50
78    184.168.101.75 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 75.101.168.184.host.secureserver.net
onthitopik.com
6    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
16    157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
31    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
pagead2.googlesyndication.com
1    104.21.86.49 (None, )

ASN13335 (CLOUDFLARENET, US)
static.rapidglobalorbit.com
10    74.125.68.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f113.1e100.net
img.youtube.com
2    173.201.249.4 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-173-201-249-4.ip.secureserver.net
seal.godaddy.com
1    49.213.95.229 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
sp.zalo.me
1    80.66.79.252 (Chisinau, Moldova)

ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD)
service.specialcraftbox.com
6    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
2    104.21.16.219 (None, )

ASN13335 (CLOUDFLARENET, US)
www.yametric.com
21    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
12    49.213.95.222 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
page.widget.zalo.me
api.widget.zalo.me
2    49.213.95.43 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
za.zdn.vn
11    74.125.200.93 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f93.1e100.net
www.youtube.com
5    172.217.194.139 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f139.1e100.net
www.google-analytics.com
14    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
googleads.g.doubleclick.net
1    49.213.95.44 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
sp-zp.zdn.vn
3    49.213.95.240 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
px.dmp.zaloapp.com
2    49.213.95.247 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
za.zalo.me
2    45.140.146.101 (Chisinau, Moldova)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: vm2027790.stark-industries.solutions
cdn.specialtaskevents.com
gate.getmygateway.com
25    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
tpc.googlesyndication.com
5    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
www.googletagservices.com
10    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.gstatic.com
1    142.251.175.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f149.1e100.net
static.doubleclick.net
4    142.251.175.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f95.1e100.net
jnn-pa.googleapis.com
3    74.125.68.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f106.1e100.net
www.google.com
1    172.217.194.119 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f119.1e100.net
i.ytimg.com
1    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
yt3.ggpht.com
11    172.253.118.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f139.1e100.net
fundingchoicesmessages.google.com
4    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
www.googleadservices.com
2    13.213.97.214 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-97-214.ap-southeast-1.compute.amazonaws.com
fw.adsafeprotected.com
2    64.233.170.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f148.1e100.net
ad.doubleclick.net
1    74.125.130.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f149.1e100.net
s0.2mdn.net
19    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
2    89.207.22.108 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin02-nessy-float2.dotomi.com
dclk-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    108.156.133.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-113.sin2.r.cloudfront.net
cr-p1.ladsp.com
1    124.146.153.165 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    202.241.208.2 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
4    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.209.116.9 (Seattle, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-116-9.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    104.21.91.165 (None, )

ASN13335 (CLOUDFLARENET, US)
post.plastformspecial.com
1    23.44.1.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-119.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    199.232.46.132 (Singapore, Singapore)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
2    23.108.101.161 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1t-sindc1.zemanta.com
b1-sindc1.zemanta.com
2    18.164.52.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-40.cdg50.r.cloudfront.net
static.adsafeprotected.com
9    52.22.29.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-29-151.compute-1.amazonaws.com
dt.adsafeprotected.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.76.19.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-19-218.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    18.140.209.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-209-19.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.72.60.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-60-253.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    157.240.15.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-sin6.facebook.com
www.facebook.com
4    43.245.104.145 (Singapore)

ASN4773 (MOBILEONELTD-AS-AP MobileOne Ltd. MobileInternet Service Provider Singapore, SG)
scontent.fsin3-1.fna.fbcdn.net
Apex Domain
Subdomains		 Transfer
78 onthitopik.com
onthitopik.com
3 MB
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
644 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 263
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
231 KB
31 gstatic.com
fonts.gstatic.com
www.gstatic.com
515 KB
21 youtube.com
img.youtube.com — Cisco Umbrella Rank: 3575
www.youtube.com — Cisco Umbrella Rank: 75
1 MB
18 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 955
scontent.fsin3-1.fna.fbcdn.net — Cisco Umbrella Rank: 205198
393 KB
15 zalo.me
sp.zalo.me — Cisco Umbrella Rank: 33625
page.widget.zalo.me — Cisco Umbrella Rank: 87686
za.zalo.me — Cisco Umbrella Rank: 33795
api.widget.zalo.me — Cisco Umbrella Rank: 76815
414 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
95 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
105 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
49 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 28039
b1-sindc1.zemanta.com — Cisco Umbrella Rank: 40158
3 KB
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3982
78 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
325 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
3 KB
3 zaloapp.com
px.dmp.zaloapp.com — Cisco Umbrella Rank: 71757
5 KB
3 zdn.vn
za.zdn.vn — Cisco Umbrella Rank: 37100
sp-zp.zdn.vn — Cisco Umbrella Rank: 74333
20 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
29 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
922 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
r.turn.com — Cisco Umbrella Rank: 4167
869 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
gdn.socdm.com — Cisco Umbrella Rank: 108572
2 KB
2 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 98022
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
976 B
2 yametric.com
www.yametric.com — Cisco Umbrella Rank: 411545
23 KB
2 godaddy.com
seal.godaddy.com — Cisco Umbrella Rank: 21762
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
149 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
758 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3835
20 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1933
2 KB
1 plastformspecial.com
post.plastformspecial.com
510 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2898
1 KB
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
656 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
80 KB
1 getmygateway.com
gate.getmygateway.com
17 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
114 KB
1 specialtaskevents.com
cdn.specialtaskevents.com
5 KB
1 specialcraftbox.com
service.specialcraftbox.com — Cisco Umbrella Rank: 153247
4 KB
1 rapidglobalorbit.com
static.rapidglobalorbit.com — Cisco Umbrella Rank: 387695
1 KB
338 46
Domain Requested by
78 onthitopik.com 1 redirects onthitopik.com
31 pagead2.googlesyndication.com onthitopik.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.gstatic.com
25 tpc.googlesyndication.com googleads.g.doubleclick.net
onthitopik.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
21 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
19 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
onthitopik.com
14 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
14 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 www.youtube.com onthitopik.com
www.youtube.com
10 www.gstatic.com googleads.g.doubleclick.net
www.youtube.com
www.gstatic.com
10 img.youtube.com onthitopik.com
9 dt.adsafeprotected.com googleads.g.doubleclick.net
8 page.widget.zalo.me sp.zalo.me
page.widget.zalo.me
6 mc.yandex.ru 1 redirects static.rapidglobalorbit.com
onthitopik.com
mc.yandex.ru
6 fonts.googleapis.com onthitopik.com
page.widget.zalo.me
googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 scontent.fsin3-1.fna.fbcdn.net www.facebook.com
4 b1sync.zemanta.com 4 redirects
4 x.bidswitch.net 4 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googleadservices.com onthitopik.com
4 jnn-pa.googleapis.com www.youtube.com
4 api.widget.zalo.me page.widget.zalo.me
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com www.youtube.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 px.dmp.zaloapp.com page.widget.zalo.me
px.dmp.zaloapp.com
onthitopik.com
2 www.facebook.com connect.facebook.net
static.xx.fbcdn.net
2 pool.admedo.com 2 redirects
2 match.adsrvr.org 2 redirects
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 cr-p1.ladsp.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 ad.doubleclick.net onthitopik.com
2 fw.adsafeprotected.com 1 redirects onthitopik.com
2 za.zalo.me za.zdn.vn
2 za.zdn.vn sp.zalo.me
page.widget.zalo.me
2 www.yametric.com static.rapidglobalorbit.com
www.yametric.com
2 seal.godaddy.com onthitopik.com
2 connect.facebook.net onthitopik.com
connect.facebook.net
2 www.googletagmanager.com onthitopik.com
www.googletagmanager.com
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com onthitopik.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 b1-sindc1.zemanta.com googleads.g.doubleclick.net
1 b1t-sindc1.zemanta.com googleads.g.doubleclick.net
1 zem.outbrainimg.com googleads.g.doubleclick.net
1 widgets.outbrain.com googleads.g.doubleclick.net
1 post.plastformspecial.com onthitopik.com
1 analytics.pangle-ads.com 1 redirects
1 gdn.socdm.com onthitopik.com
1 tg.socdm.com 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 gate.getmygateway.com cdn.specialtaskevents.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 cdn.specialtaskevents.com service.specialcraftbox.com
1 sp-zp.zdn.vn page.widget.zalo.me
1 service.specialcraftbox.com onthitopik.com
1 sp.zalo.me onthitopik.com
1 static.rapidglobalorbit.com onthitopik.com
338 66

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
shope.ee
Subject Issuer Validity Valid
onthitopik.com
Go Daddy Secure Certificate Authority - G2		 2023-02-13 -
2024-03-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
rapidglobalorbit.com
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
mastercert.ext.pki.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2023-09-22 -
2024-10-23		 a year crt.sh
*.zalo.me
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-10		 a year crt.sh
call.colorschemeas.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
yametric.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.widget.zalo.me
RapidSSL TLS RSA CA G1		 2023-08-02 -
2024-08-11		 a year crt.sh
*.zdn.vn
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-17 -
2024-07-17		 a year crt.sh
*.dmp.zaloapp.com
RapidSSL TLS RSA CA G1		 2023-03-10 -
2024-03-23		 a year crt.sh
cdn.specialtaskevents.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
gate.getmygateway.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
plastformspecial.com
GTS CA 1P5		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.outbrainimg.com
R3		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.fsin3-1.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2023-12-16 -
2024-03-15		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://onthitopik.com/
Frame ID: 5F877B0901D08DB9FEBC854FFCA2473B
Requests: 148 HTTP requests in this frame

Frame: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Frame ID: CBC4B404031690107D0508875EDEED25
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 3F49CE8C04D6B7C9098CC1AFA599BE29
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Frame ID: BBA1C5CA3035842B1123AF481DB8E781
Requests: 23 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 99C530CF70D431F1C1C1947D344CB8EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&adk=1812271804&adf=3025194257&lmt=1706610646&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fonthitopik.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643811&bpp=17&bdt=3224&idt=2506&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6159089195683&frm=20&pv=2&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2583
Frame ID: 2894896F14A733656BF77E20D933552A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Frame ID: 86361451DAA03F5B289AB7F6270FF715
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 8F1E5980B5DE3FB6216425829A6D4650
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=1920556500&pi=t.aa~a.2217755125~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=7&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280&nras=3&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1258
Frame ID: 89DB4B0238952DF9E3BFC01C8C597D45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Frame ID: C563C2143F0CC704AB9F4AF9A5E09D1F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 38BF716D787D7B1E36A6CCDE3A9B88CB
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 17B4AD70961FE1E6AC75DB5991A2D84B
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Frame ID: 75BB5A3FB1D72863F6D9F5B6E78EF8DC
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: B0824D57520974972374453DAEA819CC
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E0BCABFB00FC3A70E360A7AC5E7722BC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Frame ID: 2C95B92D4C9C1CB124D5E7CA5194872D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 753C19F94E7A9837C74240190007C13D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: A5D4D76D3DEAAE4EE55EE9732102A754
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Frame ID: 11B76A928B1390B1AAF329619C82F10F
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BEB5CD46CA977E265DCFC6CBFD4B9BB7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 2BFBEFB149EFCE39286504C265289BBC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B778BC54FC60A1B91B41CBD21D3D06A9
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Frame ID: B6278C355F6453FDA0E3E382A7F95F49
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37744038A4736A924E039D562DD2348E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F14AAAE7950A5F4276D84DAC95976E5
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Frame ID: 9C0740BCB7D8D2910B16A67A830889C8
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - huongiu

Page URL History Show full URLs

  1. http://onthitopik.com/ HTTP 301
    https://onthitopik.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

338
Requests

92 %
HTTPS

0 %
IPv6

46
Domains

66
Subdomains

50
IPs

7
Countries

8101 kB
Transfer

19102 kB
Size

60
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onthitopik.com/ HTTP 301
    https://onthitopik.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://mc.yandex.ru/watch/95781862 HTTP 302
  • https://mc.yandex.ru/watch/95781862/1?redirnss=1
Request Chain 164
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 187
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cprw11s-4ZeSGH-ubjMwPzbOJkAmYy4nOdbn-yfPJEP3MltFCEAEgoIqweGC_BaAB_9uKyAPIAQmoAwHIA8sEqgTGAU_QrijSo323-fQ07QS8O1FTeoGqcZdra0v6sDbPYS3PdU7SxiV63gXl35LzEfEJs5jRVg9df12JicKw9uKG6vzGGWs_tqKFywj4DjCRW3ldM-ROoVCbCprWtANM63cR1xnkl18HeY6k8m1pPYzMuSi6YrOEg0EvH68gnkf-zu2D4_jT4KeFROgQL-1N8Pdd_81agBlxtdt983tdZUlBljAQel4SVQenpqDw8sJ-ZTOH_Xaicfty6DNsecRbxA-2Qt2JedRx_MAEo8Xf6cYDiAWdn_-ALZIFBAgEGAGSBQQIBRgEoAYugAeWhq2iAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENbFLdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYj6jrivSEhAOaCYwBaHR0cHM6Ly93d3cuZ3JhbW1hcmx5LmNvbS9hP3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj0xMjA4MTY4MDI4NSZ1dG1fY29udGVudD02MjYwOTY0MTY0ODImdXRtX3Rlcm09b250aGl0b3Bpay5jb20mZGV2aWNlPWOACgHICwGiDAgqBgoErLqxAtoMEAoKEJD9m8z3x5ePMRICAQPYEwuIFAHQFQGAFwGyFxwKGggAEhRwdWItNDkxODc5OTU3MTA2MDM2MhgA&sigh=rm7C1URIGkk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_JISke4zq0psRdX8YxTyJYr-dhmm0EMZQJGoG_6_a33AQlnOm4WB5UnB-8Eb6rODeD4lkpi4vxEJcaQ0SorjkoHzwj-PSdkXgbBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f626792a59523c30000000000000000%22,%222%22:%220xef3461b705d8348b0000000000000000%22,%223%22:%220x41db3f01aad4380c0000000000000000%22,%224%22:%220xcd3d84616f54260f0000000000000000%22,%225%22:%220xce20f85699cf011a0000000000000000%22},%22debug_key%22:%223252467502464707894%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226178940556991747217%22}&andc=true
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
Request Chain 237
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbjP3feZhafAsWce19QwiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELW4nmTjs1diHMq47XyXc08&google_cver=1
Request Chain 239
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNTQ2MzY3MDM5NTUxMDk5MQ%3D%3D
Request Chain 257
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_cver=1&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg6fiH_OwiU6KtH-1XXCq1iWDve3amo6gL1kHv8cI5hFaJnWqBaSsXiy9KiA3stbdcGLCstQZjTRytVhvNSvsOufoci9Oz3dH3pe8IeuA HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=548f6a85d28b205f&is_secure=true&networkId=14000&version=1&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_cver=1&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg6fiH_OwiU6KtH-1XXCq1iWDve3amo6gL1kHv8cI5hFaJnWqBaSsXiy9KiA3stbdcGLCstQZjTRytVhvNSvsOufoci9Oz3dH3pe8IeuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0P_JB6uCwM6xfgUAAAAAAA&expiration=1706697054&google_cver=1&is_secure=true&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg6fiH_OwiU6KtH-1XXCq1iWDve3amo6gL1kHv8cI5hFaJnWqBaSsXiy9KiA3stbdcGLCstQZjTRytVhvNSvsOufoci9Oz3dH3pe8IeuA
Request Chain 258
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEcPYkkc3u65GkQeXabydOU&google_cver=1&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6Aa_FKJRk50YI8TyP8kdCWrUI0Pbu5iadCfJHtRV_YbQbnNT8UqjgpsllFiiiGqMZIQ412QIKxQL8e-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6Aa_FKJRk50YI8TyP8kdCWrUI0Pbu5iadCfJHtRV_YbQbnNT8UqjgpsllFiiiGqMZIQ412QIKxQL8e-w&google_hm=VhLTjdgcTtWN-0N7A77iLC0
Request Chain 259
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuqZ22i3xTThw&google_gid=CAESECcy00z_m49Yzp1k8_90JNo&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuqZ22i3xTThw&google_gid=CAESECcy00z_m49Yzp1k8_90JNo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuqZ22i3xTThw&google_hm=AToMHc7W3W_Lks8AED412IQ0X8A
Request Chain 260
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1&google_push=AXcoOmQf3N0vnNAJRwG7TtjZwNccgTYHct0cA7xrYzz0aNwUYWbDJvp30WKb1IvBDse0_uhDCfLCmYq4rmtBiHthC0bXLRj8rHZskIATMMYk-RaSHEX0KMhbYdw7wk_M-93EeJ0n_ywPk5teZQaX0E-MO1Bf1Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmJqUDNjQ284WUlBQUVJaUo5b0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b79HNUvBJwZ2c0ApJoUORIo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b79HNUvBJwZ2c0ApJoUORIo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b79HNUvBJwZ2c0ApJoUORIo&google_hm=syChP06gROq059LZoVx1JQ==
Request Chain 262
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_cver=1&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6BljJudKfBEdnKWVm-g836k_dVJFcw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6BljJudKfBEdnKWVm-g836k_dVJFcw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6BljJudKfBEdnKWVm-g836k_dVJFcw&google_hm=eXhJSFk4YzEzTG9rUEVIX0pRVlQ=
Request Chain 263
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEEtEnmNkyxNJVwczXWrVIyU&google_cver=1&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTujWowymU_2g6DP9OkubLPqGMjqIlbRcERHmof_R71KqUSY80IslJPOW__867CYPTUpKMDcJQCP8XYCBgBd6oon-qYZfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTujWowymU_2g6DP9OkubLPqGMjqIlbRcERHmof_R71KqUSY80IslJPOW__867CYPTUpKMDcJQCP8XYCBgBd6oon-qYZfg
Request Chain 277
  • https://fw.adsafeprotected.com/rfw/st/1924505/77817687/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fonthitopik.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fonthitopik.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-4918799571060362%26fa%3D1%26ifi%3D11%26uci%3Da!b%26btvi%3D3&adsafe_type=d&adsafe_jsinfo=,id:2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51,c:2O4UD5,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bfb858c85-8mgs2,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.qs.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:a4f86d1d-bf5a-11ee-bd12-eaae805d662b,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=
Request Chain 291
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvYEN3M-4ZeeSFZe8jMwPkt2G4A7O3oy3df_e6fzuEdvZHhABIKCKsHhgvwWgAbm02ZICyAEJqQItp9UFAgipPqgDAcgDywSqBMcBT9APpjF31vktYyjUdb3PIO884HfRaSAhWKH96vwQ3CXpqrSHAQrRB6rCLmZEx2Zo03c2hxXreGCjKdPBr49wan6yEmw4CcboHswCANgIWV4wNXngPFrXh1K4W0HXfmVABN9B9W1giXmiDpOff4EK6kS3Gs7gKeHd6ztmmges9R4SscYosgBKHwgP2RxUiSGQ3CG3qCpgN5NzeLtRtEmbZn6QgxOTJF0Z6VcLzGL6YVIqEI5g4hJ4v6GFkXtMHemgA1GCUMCj_MAE8-3PtcwEiAWpvJaTTZIFBAgEGAGSBQQIBRgEoAYugAevy6btAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMegBNIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYnc_PjfSEhAOaCaABaHR0cHM6Ly93d3cuY29jaGxlYXIuY29tL3NnL2VuL2NhbXBhaWduL2NsZWFyP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1taW5kX3NoYXJwX3NnJnV0bV9jb250ZW50PWdkbmN1c3RvbWludGVudHJlbWFya2V0aW5nLWVuZ3NlYXJjaGludGVudIAKAcgLAaIMCCoGCgSsurEC2gwRCgsQgL3M1qGkoO6eARICAQPYEw2IFATQFQGYFgGAFwGyFxwKGggAEhRwdWItNDkxODc5OTU3MTA2MDM2MhgA&sigh=SywMUETpLk8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_Nzjbi4TuCy0VDNTr-3q2CjpXbh_Wr7f0hYFMYzc3OUcEoqzykR_kEoL187hGnh0bOAGoz56zGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x67822e1dc80201c80000000000000000%22,%222%22:%220xe73196e49ad038140000000000000000%22,%223%22:%220x375f99ca4739f90c0000000000000000%22,%224%22:%220x54c316a3c5cc09ed0000000000000000%22,%225%22:%220xd9f7cb5db593e9100000000000000000%22},%22debug_key%22:%2211078163531090149947%22,%22debug_reporting%22:true,%22destination%22:%22https://cochlear.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22576084537%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215214217115118098737%22}&andc=true
Request Chain 298
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1&google_push=AXcoOmT8TYmyrjNJqx0Mf7wVwa2gVOjWhjp5R3KHzSzxZNm_kJm9oSOyjAyXqQFUIn14NG1JqfVelz8c2nMicvTbQ-PClff2KD1f0yAjNAuHZvmSb3OhqtXxAcWJo-b6Gvv1jMqLQp1xBqUWUqHYprSpPDInpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYzMjE0MDk1NTMwMTU1NTE4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1
Request Chain 299
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 300
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBKUCLIU7sM9RlUxBfniRsk&google_cver=1&google_push=AXcoOmRNxObIvJs4PQ26JE_mrWeVDMW5Vu5fXaaVig8CgpYwPZbvbuRkWhlNQw3JeO2DTQNLpeDrxgvWkPrnC7wsm8jZ2GNDqJ9rOiS9IBd0WvqcIzetKvkKUxEdcmTFim4bs7_L0IZIimGUUQGZGuwJAEOQ HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBKUCLIU7sM9RlUxBfniRsk&google_cver=1&google_push=AXcoOmRNxObIvJs4PQ26JE_mrWeVDMW5Vu5fXaaVig8CgpYwPZbvbuRkWhlNQw3JeO2DTQNLpeDrxgvWkPrnC7wsm8jZ2GNDqJ9rOiS9IBd0WvqcIzetKvkKUxEdcmTFim4bs7_L0IZIimGUUQGZGuwJAEOQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTQ2NGQzNTItYTNmNC00ZTMxLWFiZjgtZmI4ZTU2NTdiYWNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1464d352-a3f4-4e31-abf8-fb8e5657bacc
Request Chain 301
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw3ix-wbCNz98KQA1aYeOY6abv78F7A3sGh8MnFcrbBB1pmSpoDRctkCuaYZeWmu4_6w HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=102218b3-cc58-4c90-8005-f51a9a6e83eb&user_group=1&ssp=google&bsw_param=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw3ix-wbCNz98KQA1aYeOY6abv78F7A3sGh8MnFcrbBB1pmSpoDRctkCuaYZeWmu4_6w&google_hm=syChP06gROq059LZoVx1JQ==
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKYQusyhwjdo--tDdvBaOk8&google_cver=1&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4YDcxMVgp90FPUTdg7OalI0xM7rn_l0exXyNeLPaKhFSYps9r696f7vroiDeAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4YDcxMVgp90FPUTdg7OalI0xM7rn_l0exXyNeLPaKhFSYps9r696f7vroiDeAs&google_hm=eS04UzNOTFhCRTJwRzl5VTNYcEVwXy5vVkJGLmUzbXU4VX5B
Request Chain 303
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_cver=1&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXWuRmtsGi56Q95tCzgFwQsuiowUag HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXWuRmtsGi56Q95tCzgFwQsuiowUag&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXWuRmtsGi56Q95tCzgFwQsuiowUag&google_hm=YkdjLXJOdkxkTl9LT1RCYy10blo=
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKDfx-UR_hdhgF-14ZJpt9o&google_cver=1&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z5sjH1aIRVMhi6vzYeZJQHZDqC3OLQlrwxV6A9XN9rz_8S2kdqUEOtXt76k9XVTuF1B7fxPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yCYkleDTQSlpc7Pw8ELf_Q&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z5sjH1aIRVMhi6vzYeZJQHZDqC3OLQlrwxV6A9XN9rz_8S2kdqUEOtXt76k9XVTuF1B7fxPQ

338 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onthitopik.com/
Redirect Chain
  • http://onthitopik.com/
  • https://onthitopik.com/
764 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache / PHP/7.3.33
Resource Hash
ae26da9f07e798b00d97ce55e30822af2d64aa80d46fd5df3566a6b99b4e9378

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 10:30:38 GMT
link
<https://onthitopik.com/wp-json/>; rel="https://api.w.org/", <https://onthitopik.com/wp-json/wp/v2/pages/243>; rel="alternate"; type="application/json", <https://onthitopik.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

Connection
Upgrade, Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Jan 2024 10:30:37 GMT
Keep-Alive
timeout=5
Location
https://onthitopik.com/
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
X-Redirect-By
WordPress
style.min.css
onthitopik.com/wp-includes/css/dist/block-library/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Tue, 06 Apr 2021 23:50:28 GMT
server
Apache
etag
"2a00d21-e33b-5bf567a917900-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8155
vendors-style.css
onthitopik.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		3 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.7.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:11:13 GMT
server
Apache
etag
"296166c-ccc-5bfdc0a88bab7-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
909
style.css
onthitopik.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		167 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.7.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
99adbddebd04cd72a45a8736c4fae05288a3babb305e8af622c0a576b9ee9f2f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:11:10 GMT
server
Apache
etag
"2961668-29b65-5bfdc0a4ef929-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
16941
styles.css
onthitopik.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
939 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 08:48:04 GMT
server
Apache
etag
"2ae15c8-a46-5bfeace1e8496-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
824
woocommerce-layout.css
onthitopik.com/wp-content/plugins/woocommerce/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960d0b-4605-5bfdc08ca2b3b-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2374
woocommerce.css
onthitopik.com/wp-content/plugins/woocommerce/assets/css/ 		61 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960d0a-f553-5bfdc08ca2b3b-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8452
nl-zalo-official-chat-public.css
onthitopik.com/wp-content/plugins/zalo-official-live-chat/public/css/ 		101 B
160 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/zalo-official-live-chat/public/css/nl-zalo-official-chat-public.css?ver=1.0.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
b707767f779334b647291a51b682c119812818c5e95c82392c08fec4eb6fccb5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 02:56:07 GMT
server
Apache
etag
"29e13c7-65-5fbb298a862f6-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
81
style.css
onthitopik.com/wp-content/plugins/td-composer/td-multi-purpose/ 		68 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:41:19 GMT
server
Apache
etag
"2d21525-10f52-5bfeb8c82eaeb-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8678
css
fonts.googleapis.com/ 		29 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
4a20c803bc0f1f8a7d73c63e18b89f38f235cad4118fb259665ed01fdc9176be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 10:30:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:41 GMT
style.css
onthitopik.com/wp-content/themes/Newspaper/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 10:34:45 GMT
server
Apache
etag
"2a21998-261c5-5bfec4b9f7317-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
24577
style-woocommerce.css
onthitopik.com/wp-content/themes/Newspaper/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/themes/Newspaper/style-woocommerce.css?ver=10.3.9.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
9cac3323389af973f6ffaa20dbb0712755aa578b0072226f883509a5da5ccf82

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 10:34:45 GMT
server
Apache
etag
"2a2199f-51dd-5bfec4b9f7317-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3183
td_legacy_main.css
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		244 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:40:50 GMT
server
Apache
etag
"2d2067f-3cfe4-5bfeb8ad128df-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
31998
td_legacy_woocommerce.css
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		3 KB
564 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_woocommerce.css?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
1f943d35819842e0a021170d75509daecaa3bfa35e859344ac3123dc2689a202

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:40:50 GMT
server
Apache
etag
"2d20681-cda-5bfeb8ad128df-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
483
td_standard_pack_main.css
onthitopik.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		621 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:41:49 GMT
server
Apache
etag
"2d216f7-9b323-5bfeb8e577775-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
tdb_less_front.css
onthitopik.com/wp-content/plugins/td-cloud-library/assets/css/ 		106 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:41:34 GMT
server
Apache
etag
"2d215f8-1a97b-5bfeb8d6dbdd1-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12882
jquery.min.js
onthitopik.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
Apache
etag
"2a01162-15d98-5b11746475f40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30314
jquery-migrate.min.js
onthitopik.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
Apache
etag
"2a0115a-2bd8-5b45debe27b80-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3998
nl-zalo-official-chat-public.js
onthitopik.com/wp-content/plugins/zalo-official-live-chat/public/js/ 		870 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/zalo-official-live-chat/public/js/nl-zalo-official-chat-public.js?ver=1.0.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
1a494bad9094de648041f58491610d1bb694749987c076719de2075edd39b237

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:40 GMT
content-encoding
br
last-modified
Mon, 15 May 2023 02:56:07 GMT
server
Apache
etag
"29e13c9-366-5fbb298a862f6-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
419
js
www.googletagmanager.com/gtag/ 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-194942831-1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d28bcaf1d77ac4a113db4e17886f55ac040edadebb53c6a6cdfb2bf04ccb30be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69817
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jan 2024 10:30:43 GMT
sdk.js
connect.facebook.net/vi_VN/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
b5daf5dba62655bc5b67adc4de4f2adbe54f839d0a0147b6e6b83f20c3a274c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://onthitopik.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jan 2024 10:30:43 GMT
content-md5
f7AjP08bmpOoeg/hq/QYsA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
bWULwlsGHBfdDGpAXvEe+XnPbak5BCECPiA16MitOWncO6S+CNgHQOcBzq0ziuI1rlySF44eiG9Zz//CmsqP3w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
48cd1b50b9e3aad321374dee3c5b93ba
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"0bef8dbd948acc67c3f287d0475a5b73"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:49:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e1744a949a4255b6cee2d9abe2e4551535f281dbb8cb820abcd9b3733c19a1f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52050
x-xss-protection
0
server
cafe
etag
7720771208261457578
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Jan 2024 10:30:43 GMT
/
static.rapidglobalorbit.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.rapidglobalorbit.com/
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.86.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0818c4b2a8c7f4c77fa6bbb4ac1b9d20ec79425206a1a058447035c49266d37

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3HDkJcqVqAQIS6MpQy%2BSAkTw1Pk7wBALd9Y1d30ZJYkVo4tklNMCsqOnAAfYtFbzXtL8EY3kbmF7sx8dK9%2B9woBuZOFZdqm5LOfIFDGkIdQyChUmIj77pn8dtt%2FNk0mP7XMgy82PDGCxqRvBc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cf-ray
84d90a7c7c6c3dea-SIN
alt-svc
h3=":443"; ma=86400
A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2021-04-13-lu%CC%81c-22.13.34.png
onthitopik.com/wp-content/uploads/2021/04/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2021-04-13-lu%CC%81c-22.13.34.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
eb254e425065a42cc3a0b15cc7ab8c2bb579b777627d085800d8a8928c084e21

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Tue, 23 Aug 2022 03:21:48 GMT
server
Apache
accept-ranges
bytes
etag
"29616ae-1e7c1-5e6e01091f324"
content-length
124865
content-type
image/png
wp-emoji-release.min.js
onthitopik.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
Apache
etag
"2a01213-3795-5b83cfce57d00-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4323
woocommerce-smallscreen.css
onthitopik.com/wp-content/plugins/woocommerce/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960d10-1b83-5bfdc08ca2b3b-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1061
logo-1.png
onthitopik.com/wp-content/uploads/2021/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/logo-1.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
3ec818f1698b0a9bed616e20ee5269986beff37c7018e54f4d68857fdf4a9644

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Thu, 25 Aug 2022 08:07:08 GMT
server
Apache
accept-ranges
bytes
etag
"2961bf6-205e-5e70c48ac741a"
content-length
8286
content-type
image/png
abc.png
onthitopik.com/wp-content/uploads/2021/04/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/abc.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
cec15ea3389d0fa86e7d6d473fef7bb332395ea9d6df726c0d758a5df6697920

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Tue, 23 Aug 2022 04:02:47 GMT
server
Apache
accept-ranges
bytes
etag
"2961bc7-24b66-5e6e0a31ae637"
content-length
150374
content-type
image/png
banner-web.png
onthitopik.com/wp-content/uploads/2023/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/09/banner-web.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
3ed83f7c5252d4b92fe57a7e474feb9e8923806a370ce4ab0d572bd16aa486a4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Wed, 13 Sep 2023 03:42:16 GMT
server
Apache
accept-ranges
bytes
etag
"2ea0f31-5783-60535587e29e4"
content-length
22403
content-type
image/png
default.jpg
img.youtube.com/vi/2_W8wjr8zIw/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/2_W8wjr8zIw/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
f6d606d09f529b863a2739ec21b8abc2b4523b95c822c2beb4dc9f4ad14b542e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3791
x-xss-protection
0
server
sffe
etag
"1699924494"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/tyjoiPhbCD0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/tyjoiPhbCD0/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
0b0120cc0ad521ebb841fade7e97170b169d155a1106e0e36091f0918efc38f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4027
x-xss-protection
0
server
sffe
etag
"1699424093"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/1yVVsKs97eU/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/1yVVsKs97eU/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
ed3713498bc1bc3fed06ae9c8203a00a2d08d23c2bce55efe4fb3a9e43addab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3821
x-xss-protection
0
server
sffe
etag
"1699318548"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/ux8P4EODuOU/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/ux8P4EODuOU/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
53188c46426202a71b3be2dcd3fb92d56fa6a3337c91fedbdee3aabbb0a881f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4205
x-xss-protection
0
server
sffe
etag
"1699231494"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/CAc9uQ2lSdw/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/CAc9uQ2lSdw/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
ce7ee423447975a7e5001f904a2e9db792b97bb241240ad611cef26586c4d849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3989
x-xss-protection
0
server
sffe
etag
"1699178953"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/abDfbAMH6M8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/abDfbAMH6M8/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
67a79703c2c3cbc535d121963d946122c324bdb8be5c3e72c6022fc08e4d84fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4065
x-xss-protection
0
server
sffe
etag
"1688279282"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/grnccIZh68o/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/grnccIZh68o/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
f03d1042b553fc821a6b2a329644899ae02469b01329abe241279555088391cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3813
x-xss-protection
0
server
sffe
etag
"1688047641"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/RTxYioQgVl0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/RTxYioQgVl0/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
02c32590b46dcb571c7b4ed49ff512f9d4fa5c9903a4ae14afb402077ec648fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3524
x-xss-protection
0
server
sffe
etag
"1685935456"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
default.jpg
img.youtube.com/vi/gID9lc3uGmI/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/gID9lc3uGmI/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
9e0c7ff29750e4d3b6bfc55daf1678c1ffd0e24334d725f112bf7cf3512c0914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4041
x-xss-protection
0
server
sffe
etag
"1685289122"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:44 GMT
default.jpg
img.youtube.com/vi/wJzsS724mM8/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/wJzsS724mM8/default.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
64b7afdf4767b7fe1c92565c482c544ba0db14c572dc396d9d40bb9a2ba95362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3805
x-xss-protection
0
server
sffe
etag
"1685286825"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:43 GMT
2-1.png
onthitopik.com/wp-content/uploads/2021/04/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/2-1.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
1c0b4a754bfe9ce907d29f97f5212e9a04d792f544f13c6f01a780a7e5008980

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
last-modified
Thu, 25 Aug 2022 08:03:45 GMT
server
Apache
accept-ranges
bytes
etag
"2961b9c-9033-5e70c3c8e73b8"
content-length
36915
content-type
image/png
getSeal
seal.godaddy.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.godaddy.com/getSeal?sealID=s7L2jjdQF3mKKJb6fjbZdPVZhbJx1lWHT9tlsQ7TyqdpuhsN1RXrMUxs628d
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-249-4.ip.secureserver.net
Software
Apache /
Resource Hash
721979efb5d7c84a280d9491f94da614e96203f7caad07b6ad2937f5fbc63924

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 10:30:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html
Cache-Control
max-age=14400
Expires
Tue, 30 Jan 2024 14:30:45 GMT
coblocks-animation.js
onthitopik.com/wp-content/plugins/coblocks/dist/js/ 		1 KB
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.10.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6be7095fc7b4ccf33a454343009429cda6343ba3c32bb05f1c33a0f242ee2888

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:32 GMT
server
Apache
etag
"2960a91-550-5bfdc080b759a-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
590
wp-polyfill.min.js
onthitopik.com/wp-includes/js/dist/vendor/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Mon, 29 Jun 2020 11:50:29 GMT
server
Apache
etag
"2a0104c-183ee-5a937aa4cab40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32644
hooks.min.js
onthitopik.com/wp-includes/js/dist/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:29:10 GMT
server
Apache
etag
"2a0107e-1b43-5c344d9092180-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2217
i18n.min.js
onthitopik.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/i18n.min.js?ver=6ae7d829c963a7d8856558f3f9b32b43
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:29:10 GMT
server
Apache
etag
"2a01085-27d6-5c344d9092180-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3723
lodash.min.js
onthitopik.com/wp-includes/js/dist/vendor/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Sat, 11 Jul 2020 00:36:23 GMT
server
Apache
etag
"2a01057-11c65-5aa1fa5a02fc0-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
25108
url.min.js
onthitopik.com/wp-includes/js/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/url.min.js?ver=7c99a9585caad6f2f16c19ecd17a86cd
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
f37005a1dab16d395a5a678b500f00e1c08ee293d2aa940be9b82b1504e27989

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Thu, 10 Mar 2022 20:27:21 GMT
server
Apache
etag
"2a0103f-2237-5d9e30a875c40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2984
api-fetch.min.js
onthitopik.com/wp-includes/js/dist/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/dist/api-fetch.min.js?ver=25cbf3644d200bdc5cab50e7966b5b03
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 08 Sep 2021 21:06:23 GMT
server
Apache
etag
"2a01087-304d-5cb824129d1c0-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3318
index.js
onthitopik.com/wp-content/plugins/contact-form-7/includes/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 08:48:04 GMT
server
Apache
etag
"2ae15ca-2ac2-5bfeace1e8496-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3031
jquery.blockUI.min.js
onthitopik.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960db0-2503-5bfdc08ca3ec3-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3238
add-to-cart.min.js
onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960d94-bdd-5bfdc08ca3adb-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
974
js.cookie.min.js
onthitopik.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960dc8-72a-5bfdc08ca42ab-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
900
woocommerce.min.js
onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960dae-812-5bfdc08ca3ec3-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
673
cart-fragments.min.js
onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.2.0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 13 Apr 2021 15:10:44 GMT
server
Apache
etag
"2960d98-b7a-5bfdc08ca3adb-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
934
sdk.js
sp.zalo.me/plugins/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.zalo.me/plugins/sdk.js?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.229 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
79064a8766d900a98247bbc116e488552fb9a2c7d36436a823e77053aa75e7cd
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
server
za-ngx-srv
etag
cbc6013bb2eeee269197cfbcfe0d1818--gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
underscore.min.js
onthitopik.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
Apache
etag
"2a01029-3ead-5be61e48b68c0-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5575
js_posts_autoload.min.js
onthitopik.com/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:41:34 GMT
server
Apache
etag
"2d21610-13fa-5bfeb8d6dc5a1-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1796
tagdiv_theme.min.js
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		253 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:40:54 GMT
server
Apache
etag
"2d2072b-3f512-5bfeb8b07258e-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
55911
comment-reply.min.js
onthitopik.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/comment-reply.min.js?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 20:02:19 GMT
server
Apache
etag
"2a01032-ba8-5be61e48b68c0-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1230
js_files_for_front.min.js
onthitopik.com/wp-content/plugins/td-cloud-library/assets/js/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 09:41:34 GMT
server
Apache
etag
"2d2160d-8387-5bfeb8d6dc1b9-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7544
wp-embed.min.js
onthitopik.com/wp-includes/js/ 		1 KB
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-includes/js/wp-embed.min.js?ver=5.7.10
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:42 GMT
content-encoding
br
last-modified
Tue, 16 May 2023 15:37:10 GMT
server
Apache
etag
"2a0113e-5c6-5fbd158329580-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
703
h4bfLH
service.specialcraftbox.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.specialcraftbox.com/h4bfLH
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.66.79.252 Chisinau, Moldova, ASN60602 (INOVARE-AS str. Uzinelor 21 of. 37, MD),
Reverse DNS
Software
nginx /
Resource Hash
be94ab61751b7494ad15abe618c21824d31974ee0682c1470bf93236e01879f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
gzip
server
nginx
content-length
4261
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
tag.js
mc.yandex.ru/metrika/ 		218 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: static.rapidglobalorbit.com
URL: https://static.rapidglobalorbit.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
679a31ec5b9177abc9ed7fe6ca4bee3b694534cced97b4f4c045396185a45500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-129ea"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
76266
expires
Tue, 30 Jan 2024 11:30:45 GMT
matomo.js
www.yametric.com/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yametric.com/matomo.js
Requested by
Host: static.rapidglobalorbit.com
URL: https://static.rapidglobalorbit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 05 Jan 2024 10:39:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6597dc5d-1042f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnV6iPhSqhTb5HBpjCq78PMmflYFXFiVtmS6uqjbMakYpYoLdQzVf7%2FvQl3MrJwzjiq6SYfbfLZiB8LNFvuEeLAP0RdNKN2E3lMVcA66q79SLVECXpRWBMmVGnZA7feRAp28"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cf-ray
84d90a916aee40b6-SIN
alt-svc
h3=":443"; ma=86400
1
mc.yandex.ru/watch/95781862/
Redirect Chain
  • https://mc.yandex.ru/watch/95781862
  • https://mc.yandex.ru/watch/95781862/1?redirnss=1
43 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/95781862/1?redirnss=1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30-Jan-2024 10:30:46 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 30-Jan-2024 10:30:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:45 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30-Jan-2024 10:30:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95781862/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Tue, 30-Jan-2024 10:30:45 GMT
mob.jpg
onthitopik.com/wp-content/uploads/2021/04/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/mob.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
a8f33fc5177c10c013ceaeec16fec77adf848093c30afbb64117f9626506a5d8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Mon, 22 Aug 2022 07:44:08 GMT
server
Apache
accept-ranges
bytes
etag
"296180e-16bf9-5e6cf9cea142f"
content-length
93177
content-type
image/jpeg
image-696x522.jpeg
onthitopik.com/wp-content/uploads/2023/10/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/10/image-696x522.jpeg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
03bb427e74f953317cb2614e48692842cc339df5803241c3d3c36652cd5e6984

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Wed, 18 Oct 2023 03:44:45 GMT
server
Apache
accept-ranges
bytes
etag
"2ea1010-14107-607f575db7621"
content-length
82183
content-type
image/jpeg
image-4-218x150.png
onthitopik.com/wp-content/uploads/2023/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/08/image-4-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
72911d3e5ab9645fcb8eacdd437b126de6600b075a2cc2a38b897c44787b6245

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Mon, 21 Aug 2023 05:32:31 GMT
server
Apache
accept-ranges
bytes
etag
"2ea0eb8-1ded-6036834728e6f"
content-length
7661
content-type
image/png
topik-89-218x150.png
onthitopik.com/wp-content/uploads/2023/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/05/topik-89-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
a23810e64b0dd5d37bb127b52ddebd507c8ffb60c3d3664f2843f368e7c50373

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
last-modified
Tue, 09 May 2023 09:26:14 GMT
server
Apache
accept-ranges
bytes
etag
"2ea011c-1803-5fb3f58c6b787"
content-length
6147
content-type
image/png
A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2023-03-01-lu%CC%81c-12.38.35-218x150.png
onthitopik.com/wp-content/uploads/2023/03/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/03/A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2023-03-01-lu%CC%81c-12.38.35-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
d460975ded196aa6ad7753f18c6640a589ca97ba560d55f32d58cc912d09b719

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
last-modified
Wed, 01 Mar 2023 05:41:34 GMT
server
Apache
accept-ranges
bytes
etag
"2ea0bf4-2766-5f5d02a457e00"
content-length
10086
content-type
image/png
0001-scaled.jpg
onthitopik.com/wp-content/uploads/2023/03/ 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/03/0001-scaled.jpg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
91139cd4858f9daf9232a73337c709311f1c83ebfb69b7779ffd97fdc77ddeb6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
last-modified
Thu, 02 Mar 2023 11:15:07 GMT
server
Apache
accept-ranges
bytes
etag
"2ea0c78-6786c-5f5e8f0f4be07"
content-length
424044
content-type
image/jpeg
truncated
/ 		125 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
elements.png
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
last-modified
Wed, 14 Apr 2021 09:40:50 GMT
server
Apache
accept-ranges
bytes
etag
"2d206bb-1035-5bfeb8ad13497"
content-length
4149
content-type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:56:36 GMT
x-content-type-options
nosniff
age
74046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:56:36 GMT
newspaper.woff
onthitopik.com/wp-content/themes/Newspaper/images/icons/ 		123 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

Referer
https://onthitopik.com/wp-content/themes/Newspaper/style.css?ver=10.3.9.1
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:41 GMT
content-encoding
br
last-modified
Wed, 14 Apr 2021 10:34:45 GMT
server
Apache
etag
"2a219ac-1eab4-5bfec4b9f7ae7-br"
vary
Accept-Encoding
content-type
font/woff
accept-ranges
bytes
content-length
68596
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:34:39 GMT
x-content-type-options
nosniff
age
75363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:34:39 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:36:26 GMT
x-content-type-options
nosniff
age
75256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:36:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:38:27 GMT
x-content-type-options
nosniff
age
75135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:38:27 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:37:12 GMT
x-content-type-options
nosniff
age
75210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5604
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:37:12 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:42:09 GMT
x-content-type-options
nosniff
age
74913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:42:09 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:54:44 GMT
x-content-type-options
nosniff
age
74158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:54:44 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:57:12 GMT
x-content-type-options
nosniff
age
74010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:57:12 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:42:12 GMT
x-content-type-options
nosniff
age
74910
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:42:12 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:54:50 GMT
x-content-type-options
nosniff
age
74152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16552
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:54:50 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:42:07 GMT
x-content-type-options
nosniff
age
74915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:42:07 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:36:45 GMT
x-content-type-options
nosniff
age
3237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 09:36:45 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:39:40 GMT
x-content-type-options
nosniff
age
75062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:39:40 GMT
/
page.widget.zalo.me/ Frame CBC4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Requested by
Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js?ver=5.7.10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
626ad41df68cc332b88ca4b2c3408d4701071ab1f06ed2347a66adfbb6786e4d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-length
1732
date
Tue, 30 Jan 2024 10:30:43 GMT
server
za-ngx-srv
strict-transport-security
max-age=86400
vary
Accept-Encoding, User-Agent
za.js
za.zdn.vn/v3/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://za.zdn.vn/v3/za.js?19752
Requested by
Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js?ver=5.7.10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.43 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
ATS-5-56 /
Resource Hash
72b73d2855e0486d43b842f989c61d012343879c26da5abaccfd8d624bb363d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:52:59 GMT
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 09:05:47 GMT
server
ATS-5-56
age
5865
etag
W/"6595236b-5511"
content-type
application/javascript
access-control-allow-origin
*
content-length
8440
bg-1.png
onthitopik.com/wp-content/uploads/2021/04/ 		275 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/bg-1.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
d598674d4e8268f2ecad650d61aad62b027d3b24a1d93b4070f6df80d104f699

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
last-modified
Mon, 29 Aug 2022 09:27:08 GMT
server
Apache
accept-ranges
bytes
etag
"2961b76-44a40-5e75dde28e83a"
content-length
281152
content-type
image/png
/
onthitopik.com/ 		569 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onthitopik.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache / PHP/7.3.33
Resource Hash
4d3c05fa85297651fe3fa2fb569fe68f3b161a94669a21b4db5644bc5c71401d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://onthitopik.com/
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 30 Jan 2024 10:30:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://onthitopik.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
219
expires
Wed, 11 Jan 1984 05:00:00 GMT
player_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api?_=1706610641471
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
ESF /
Resource Hash
32047f50e34d3e948499d645f88d14cdfeb533b44860a8eab816e64330f4db44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 30 Jan 2024 10:30:45 GMT
sdk.js
connect.facebook.net/vi_VN/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=166e291bc1661b288bdb756c8c150183
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
ea688ae83c0dfadef80cbed051442c7ff64ab53a8d1576bafbcdb87e8662ec9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://onthitopik.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jan 2024 10:30:44 GMT
content-md5
V0R0tmS6JyNEtjeZlCteJg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88594
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug
KkSClSIfjoQe8XQ2u1aSK/LpSrPOviREv2CV5sqhoH85moC5JrABNLBuqaNAkvlXqqpCb/SDyPhAtH4na71fMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2c65c01095f9513a3cd1c9d580bbf82d
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e4c7ddcfc2e324b425f9400c4e55e021"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 29 Jan 2025 08:52:25 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DQGG3B27WF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194942831-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
79ba674fcdcdc11c1637897839b6ef94da8a9a1e43e3db5a1aede6104f761a72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81825
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jan 2024 10:30:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-194942831-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jan 2024 09:29:24 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3681
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jan 2024 11:29:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ff8f069d896fa99207a685cbe5fdef189f2d6586584f220baa75bb8c9f9a52b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140792
x-xss-protection
0
server
cafe
etag
8076836494161071313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 3F49 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
7052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 08:33:12 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 08:33:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame CBC4 		11 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500;700;900&display=swap
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
2fc1849983f4ee3d42dc8f4f6054fddab0301e1417082175dee6bf8d30e4b7cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 10:02:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:44 GMT
za.js
za.zdn.vn/v3/ Frame CBC4 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://za.zdn.vn/v3/za.js
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.43 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
ATS-5-56 /
Resource Hash
72b73d2855e0486d43b842f989c61d012343879c26da5abaccfd8d624bb363d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:52:59 GMT
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 09:05:47 GMT
server
ATS-5-56
age
5865
etag
W/"6595236b-5511"
content-type
application/javascript
access-control-allow-origin
*
content-length
8440
sdk-server-1.0.0.js
sp-zp.zdn.vn/ Frame CBC4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sp-zp.zdn.vn/sdk-server-1.0.0.js
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.44 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
ATS-5-57 /
Resource Hash
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:04:58 GMT
last-modified
Fri, 26 Aug 2022 06:58:29 GMT
server
ATS-5-57
age
12346
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2889
cphandler.js
page.widget.zalo.me/static/js/ Frame CBC4 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/js/cphandler.js
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
5904f4c6de8f2b7a3912fa215e8486718e0cac1de1832f64b30f3f58c860dfa0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2279
zinit.js
page.widget.zalo.me/static/js/ Frame CBC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/js/zinit.js?v4
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
f2cac43ec7d08cea5df0a0e24172fe9a63a07bf3eed2e489dc8202987f4bc691
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
908
all.min.css
page.widget.zalo.me/static/css/fa/css/ Frame CBC4 		170 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/css/fa/css/all.min.css
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
text/css
accept-ranges
bytes
main.6927ead3.chunk.css
page.widget.zalo.me/static/static/css/ Frame CBC4 		62 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/static/css/main.6927ead3.chunk.css
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
8e32aaba2e2360f7ebae2b0f418ff65ae2845ebf56735c306c22455ac0bf5b8d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
text/css
accept-ranges
bytes
2.4301bf27.chunk.js
page.widget.zalo.me/static/static/js/ Frame CBC4 		925 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/static/js/2.4301bf27.chunk.js
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
7ab7afe799e6876b7ad3fde95ca3be9af60c08bd48a16dc55e8504c4654247ca
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/javascript
accept-ranges
bytes
main.5269fb81.chunk.js
page.widget.zalo.me/static/static/js/ Frame CBC4 		167 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/static/js/main.5269fb81.chunk.js
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
1537decc77ac4b5fb20a12144c7c8611700afe62a25d76f55222b4230c71d684
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:44 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/javascript
accept-ranges
bytes
ztr.js
px.dmp.zaloapp.com/ Frame CBC4 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.dmp.zaloapp.com/ztr.js?id=7711843404775064594
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/js/zinit.js?v4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.240 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
3827d2ecbb681a3fc78fa5c25ef1aa27a8aad880245a3255285646adef4b21da
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
strict-transport-security
max-age=86400
content-encoding
gzip
server
za-ngx-srv
content-type
text/javascript;charset=UTF-8
translation.json
page.widget.zalo.me/static/locales/vi/ Frame CBC4 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://page.widget.zalo.me/static/locales/vi/translation.json
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.4301bf27.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
49d6e676ce5f79498b995ebbf1d6ef4ad3222c87a1b8d5c6495524b1a2b38305
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Fri, 12 Jan 2024 07:39:02 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/json
accept-ranges
bytes
content-length
1037
t
za.zalo.me/v3/w/ 		210 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://za.zalo.me/v3/w/t
Requested by
Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js?19752
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.247 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
9832a8483487b28181e03d2e86716ec446689a53165be9f5e22d690d47ecc6b1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubdomains;

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
strict-transport-security
max-age=86400; includeSubdomains;
server
za-ngx-srv
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-credentials
true
content-length
210
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
161 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DQGG3B27WF&gtm=45je41o0v9118391988&_p=1706610641477&gcd=11l1l1l1l1&dma=0&cid=697482153.1706610645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1706610645&sct=1&seg=0&dl=https%3A%2F%2Fonthitopik.com%2F&dt=Home%20-%20huongiu&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7716
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQGG3B27WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onthitopik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oa
api.widget.zalo.me/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.widget.zalo.me/v1/oa?oaid=onthitopik
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,zreferrer
Access-Control-Request-Method
GET
Origin
https://page.widget.zalo.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
https://page.widget.zalo.me
access-control-max-age
1728000
allow
GET, HEAD, POST, TRACE, OPTIONS
date
Tue, 30 Jan 2024 10:30:46 GMT
server
za-ngx-srv
strict-transport-security
max-age=86400
zuser
api.widget.zalo.me/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.widget.zalo.me/v1/zuser
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
*/*
Access-Control-Request-Headers
zreferrer
Access-Control-Request-Method
GET
Origin
https://page.widget.zalo.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
access-control-allow-origin
https://page.widget.zalo.me
access-control-max-age
1728000
allow
GET, HEAD, POST, TRACE, OPTIONS
date
Tue, 30 Jan 2024 10:30:46 GMT
server
za-ngx-srv
strict-transport-security
max-age=86400
oa
api.widget.zalo.me/v1/ Frame CBC4 		57 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.widget.zalo.me/v1/oa?oaid=onthitopik
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.4301bf27.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://page.widget.zalo.me/
accept-language
zh-SG,zh;q=0.9
Authorization
1981b09ef3402448c64abb13dc96900eb0bca5d204c92902562e21445d1c9830
Zreferrer
onthitopik.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=86400
server
za-ngx-srv
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
text/json;charset=utf-8
access-control-allow-origin
https://page.widget.zalo.me
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length
57
zuser
api.widget.zalo.me/v1/ Frame CBC4 		57 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.widget.zalo.me/v1/zuser
Requested by
Host: page.widget.zalo.me
URL: https://page.widget.zalo.me/static/static/js/2.4301bf27.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.222 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://page.widget.zalo.me/
accept-language
zh-SG,zh;q=0.9
Zreferrer
onthitopik.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=86400
server
za-ngx-srv
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
text/json;charset=utf-8
access-control-allow-origin
https://page.widget.zalo.me
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Authorization, Zreferrer
content-length
57
www-widgetapi.js
www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1706610641471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
93121
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68501
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 08:38:44 GMT
JZFYbC
cdn.specialtaskevents.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.specialtaskevents.com/JZFYbC
Requested by
Host: service.specialcraftbox.com
URL: https://service.specialcraftbox.com/h4bfLH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.140.146.101 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm2027790.stark-industries.solutions
Software
nginx / PHP/7.4.33
Resource Hash
54753bd05c9a14e23b2ecd6fb242faf57272cc3e1c12688fe1fb117b9f4d4f36

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
Tue, 30 Jan 2024 10:30:48 GMT
matomo.php
www.yametric.com/ 		0
335 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.yametric.com/matomo.php?action_name=Home%20-%20huongiu&idsite=1&rec=1&r=324651&h=18&m=30&s=45&url=https%3A%2F%2Fonthitopik.com%2F&_id=b72e383a8e1f30f7&_idn=1&send_image=0&_refts=0&pv_id=rOxlEG&pf_net=118&pf_srv=2299&pf_tfr=58&pf_dm1=2717&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: www.yametric.com
URL: https://www.yametric.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRzDWleCtuDP8NpM0qNzfM6Nqfu79rkV%2BIx6bFKadQ56yUhFLt5QsA9hEohGUin8X4IY0oBIUJO%2FxZ5UibcpbOgBAmiZkdWcXrWiv0txpEqj4sxMDsQnLC%2BSDef8%2FVOkqX%2B5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-credentials
true
cf-ray
84d90a9bae6940b6-SIN
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=568810873&t=pageview&_s=1&dl=https%3A%2F%2Fonthitopik.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20huongiu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=864714951&gjid=2131014618&cid=697482153.1706610645&tid=UA-194942831-1&_gid=2064855921.1706610646&_r=1&gtm=457e41t0h2&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=312569030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onthitopik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk
px.dmp.zaloapp.com/ Frame CBC4 		10 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.dmp.zaloapp.com/sdk
Requested by
Host: px.dmp.zaloapp.com
URL: https://px.dmp.zaloapp.com/ztr.js?id=7711843404775064594
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.240 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
1f4109e90f71f3075c49be497aa83487727cc18a6ce09b3f6bd0916062dade48
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://page.widget.zalo.me/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 30 Jan 2024 10:30:45 GMT
strict-transport-security
max-age=86400
server
za-ngx-srv
access-control-allow-methods
POST
content-type
text/json;charset=utf-8
access-control-allow-origin
https://page.widget.zalo.me
access-control-allow-credentials
true
content-length
10
advert.gif
mc.yandex.ru/metrika/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65b3a10f-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 30 Jan 2024 11:30:46 GMT
95781862
mc.yandex.ru/watch/ 		447 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/95781862?wmode=7&page-url=https%3A%2F%2Fonthitopik.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwvmr8lwt395ggz7q7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A432946977777%3Ahid%3A840375413%3Az%3A480%3Ai%3A20240130183045%3Aet%3A1706610646%3Ac%3A1%3Arn%3A289434855%3Arqn%3A1%3Au%3A1706610646127809341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C116%2C2299%2C58%2C726%2C0%2C%2C2663%2C9%2C%2C%2C%2C5864%3Aco%3A0%3Acpf%3A1%3Ans%3A1706610637440%3Agi%3AR0ExLjIuNjk3NDgyMTUzLjE3MDY2MTA2NDU%3D%3Afp%3A4416%3Arqnl%3A1%3Ast%3A1706610646%3At%3AHome%20-%20huongiu&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
0bd0b87e32439014bcf13e34fe9353bf05aed5f74b71c85cea22ad62f12c3e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 30-Jan-2024 10:30:46 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://onthitopik.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Tue, 30-Jan-2024 10:30:46 GMT
2_W8wjr8zIw
www.youtube.com/embed/ Frame BBA1 		94 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
ESF /
Resource Hash
54be81567f4ade652333ab3edad9a3022c4c8ff9c643e342460d022501a15586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
t
za.zalo.me/v3/w/ Frame CBC4 		194 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://za.zalo.me/v3/w/t
Requested by
Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.247 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
c12bd7749429ae2b53109eaa342ed38954f4af51753ea0830f8aa9f295f27212
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubdomains;

Request headers

Referer
https://page.widget.zalo.me/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
strict-transport-security
max-age=86400; includeSubdomains;
server
za-ngx-srv
content-type
application/json; charset=utf-8
access-control-allow-origin
https://page.widget.zalo.me
access-control-allow-credentials
true
content-length
194
expires
Thu, 01 Jan 1970 00:00:00 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame 99C5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
869
content-type
text/html
date
Tue, 30 Jan 2024 10:30:46 GMT
etag
"65b3a10f-365"
expires
Tue, 30 Jan 2024 11:30:46 GMT
last-modified
Fri, 26 Jan 2024 12:09:51 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
tr
px.dmp.zaloapp.com/ Frame CBC4 		43 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.dmp.zaloapp.com/tr?id=7711843404775064594&event=PageView&sessionId=021e0fc5-9834-4401-820f-1566fe1f1399&time=1706610645587&version=2.0&zscript=1&utm_uid=2000.SSZzejyD5z0_Wlkun1KNptwH_Rx8MbhIC9_b_9H8K9rydUoqs4XTa7oMwRwKG5kIDf7llfH2NvOrDm.1&vidDmp=
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.95.240 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
907be2b89def6c1267c8a7bbd7f4728d298406cdd28d4538d2e63b82e402acbe
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://page.widget.zalo.me/?position=null&oaid=onthitopik&welcomemessage=R%E1%BA%A5t%20vui%20khi%20%C4%91%C6%B0%E1%BB%A3c%20h%E1%BB%97%20tr%E1%BB%A3%20b%E1%BA%A1n!&autopopup=0&leftside=false&width=350&height=420&style=2&id=d54c62bd-836c-461e-9942-e94cbe9f4b6f&domain=onthitopik.com&android=false&ios=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 30 Jan 2024 10:30:46 GMT
cache-control
max-age=0
strict-transport-security
max-age=86400
server
za-ngx-srv
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 2894 		399 KB
102 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&adk=1812271804&adf=3025194257&lmt=1706610646&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fonthitopik.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643811&bpp=17&bdt=3224&idt=2506&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6159089195683&frm=20&pv=2&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=2583
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f81cca0f326a409e3a47458d4b4158c0f83ddf676e331dd9cdeca3aeba630712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
103806
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:47 GMT
expires
Tue, 30 Jan 2024 10:30:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8636 		141 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
418c158f983e8c925d5b06904be61f35fb431d86ce3406de91a59353dc56496f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46464
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:47 GMT
expires
Tue, 30 Jan 2024 10:30:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4000-324x400.png
onthitopik.com/wp-content/uploads/2021/08/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/08/4000-324x400.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
c55916a78fd8ec426fa039ec731291c1914a28c96b0784cb01d9efe29b85488f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
last-modified
Tue, 24 Aug 2021 04:29:51 GMT
server
Apache
accept-ranges
bytes
etag
"34234ee-f15e-5ca4695b8aa93"
content-length
61790
content-type
image/png
td_324x400.png
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/td_324x400.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
ac87416ed845ff96e8e61de3f5b75ba38d4987fc0648f48d9b43f9f4f2c1380e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:47 GMT
last-modified
Wed, 14 Apr 2021 09:40:50 GMT
server
Apache
accept-ranges
bytes
etag
"2d206d7-4029-5bfeb8ad13c67"
content-length
16425
content-type
image/png
A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2022-03-16-lu%CC%81c-15.14.16-324x400.png
onthitopik.com/wp-content/uploads/2022/03/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2022/03/A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2022-03-16-lu%CC%81c-15.14.16-324x400.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
3a9e00a6830fa6be17db8512565427e7992087ef2d24e49820291c0db44136e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:47 GMT
last-modified
Wed, 16 Mar 2022 08:15:08 GMT
server
Apache
accept-ranges
bytes
etag
"2944c32-109be-5da5182ff8edc"
content-length
68030
content-type
image/png
topik93.png
onthitopik.com/wp-content/uploads/2024/01/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2024/01/topik93.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
86b7acb9bd6df0aa5d5b5ce9a7ca5bb941c79609b0b2c8aecbb3a730bc2b8dd9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
last-modified
Thu, 18 Jan 2024 09:12:06 GMT
server
Apache
accept-ranges
bytes
etag
"29e1ef0-cd16-60f34c1f342f3"
content-length
52502
content-type
image/png
td_696x0.png
onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/no-thumb/td_696x0.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
de2074e0188c7ad53f5a8261e76b75a29ddf08b5aa1b4b3e62617e7bbb83bdca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:46 GMT
last-modified
Wed, 14 Apr 2021 09:40:50 GMT
server
Apache
accept-ranges
bytes
etag
"2d206da-40e7-5bfeb8ad13c67"
content-length
16615
content-type
image/png
62-ngu-phap-696x479.png
onthitopik.com/wp-content/uploads/2022/08/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2022/08/62-ngu-phap-696x479.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
139e7b1480adb6aaf54f8a4c39c0687cbef8b8c6bb5e3ebf239b096ffbc90ea9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:47 GMT
last-modified
Mon, 22 Aug 2022 03:30:02 GMT
server
Apache
accept-ranges
bytes
etag
"2943ee6-2d489-5e6cc102c0a1b"
content-length
185481
content-type
image/png
trac-nghiem-ngu-phap-696x583.png
onthitopik.com/wp-content/uploads/2021/05/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/05/trac-nghiem-ngu-phap-696x583.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
4529420bb6296311bf4e5f72ce161b2fb73cf8b8520170ec80d6874e65f3e0ee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:47 GMT
last-modified
Thu, 06 May 2021 10:17:29 GMT
server
Apache
accept-ranges
bytes
etag
"2943078-2a63f-5c1a69e63ec12"
content-length
173631
content-type
image/png
TA%CC%89I-DE%CC%82%CC%80-THI-THU%CC%9B%CC%89-NGHE-TOPIK-II-full-50-ca%CC%82u-1-696x696.png
onthitopik.com/wp-content/uploads/2021/09/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/09/TA%CC%89I-DE%CC%82%CC%80-THI-THU%CC%9B%CC%89-NGHE-TOPIK-II-full-50-ca%CC%82u-1-696x696.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
1f2d6b3ddd1daa78b11f8b941a5d45d37a34dbe5a7b9e89fc01d3cd1ecd799af

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
last-modified
Sun, 12 Sep 2021 14:34:15 GMT
server
Apache
accept-ranges
bytes
etag
"3601002-eb79-5cbcd3e2b87e2"
content-length
60281
content-type
image/png
TAI-DE-THI-THU-NGHE-TOPIK-II-full-50-cau-696x696.png
onthitopik.com/wp-content/uploads/2021/05/ 		425 KB
426 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/05/TAI-DE-THI-THU-NGHE-TOPIK-II-full-50-cau-696x696.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6296c96cbbfcb81f11017ec3d2271ca03808bdb141ce66b5dc376c81706f75b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
last-modified
Wed, 12 May 2021 04:09:42 GMT
server
Apache
accept-ranges
bytes
etag
"294344b-6a5d3-5c21a2e1baa68"
content-length
435667
content-type
image/png
onthitopik.com_-218x150.png
onthitopik.com/wp-content/uploads/2021/09/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/09/onthitopik.com_-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6a8de2bc7f42fff0549a3dbf0b1e0fa86cae0feeae74937d5a7a899d0576fb38

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
last-modified
Sat, 18 Sep 2021 09:05:47 GMT
server
Apache
accept-ranges
bytes
etag
"3602577-826d-5cc415a903a56"
content-length
33389
content-type
image/png
topik-78.png
onthitopik.com/wp-content/uploads/2023/10/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/10/topik-78.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
0dc5527bcc334c3d7b7df482ca11a56b6ffd5c723ce5316ef8bcf8d1550567ed

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
last-modified
Fri, 03 Nov 2023 06:46:00 GMT
server
Apache
accept-ranges
bytes
etag
"2ea1448-9b4a-60939db83bfc6"
content-length
39754
content-type
image/png
onthitopik.com-2-218x150.png
onthitopik.com/wp-content/uploads/2022/01/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2022/01/onthitopik.com-2-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
de9940f5e9174f71a14abc6097a4b7b76748ff9cda1bc143d984f20c74c3d004

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Mon, 17 Jan 2022 06:07:11 GMT
server
Apache
accept-ranges
bytes
etag
"2944827-7924-5d5c0f69d82b6"
content-length
31012
content-type
image/png
onthitopik.com-1-218x150.png
onthitopik.com/wp-content/uploads/2022/01/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2022/01/onthitopik.com-1-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
ac5a6dbdda7aab602f15db66c077df910ff1d92975aed878064210547a729bb5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Mon, 17 Jan 2022 05:55:54 GMT
server
Apache
accept-ranges
bytes
etag
"294481b-7acc-5d5c0ce40ac18"
content-length
31436
content-type
image/png
A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2022-03-08-lu%CC%81c-12.24.49-150x102.png
onthitopik.com/wp-content/uploads/2022/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2022/03/A%CC%89nh-chu%CC%A3p-Ma%CC%80n-hi%CC%80nh-2022-03-08-lu%CC%81c-12.24.49-150x102.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
580d176fbb4de052a70635e77fcacc99450365ac586936f7c5bd82441337b99e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Tue, 08 Mar 2022 05:39:11 GMT
server
Apache
accept-ranges
bytes
etag
"2940c74-4b09-5d9ae6690cd2e"
content-length
19209
content-type
image/png
tien-to-hau-to-tieng-han-150x126.png
onthitopik.com/wp-content/uploads/2021/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/10/tien-to-hau-to-tieng-han-150x126.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
6e55d7607a996a77c6dbb006d9b6be838c4a8edb7fbf2961d02d307abfd8abe1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 21 Oct 2021 08:34:09 GMT
server
Apache
accept-ranges
bytes
etag
"29831b3-6b25-5ced8c22a7485"
content-length
27429
content-type
image/png
image-17-150x262.png
onthitopik.com/wp-content/uploads/2021/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/10/image-17-150x262.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
b55f965a2946a9b9ff75a665c170ab04d24a71d758532303dc4b0d58226774ef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 14 Oct 2021 08:29:45 GMT
server
Apache
accept-ranges
bytes
etag
"29817b0-6521-5ce4be18ffe07"
content-length
25889
content-type
image/png
BA%CC%89NG-TO%CC%82%CC%89NG-HO%CC%9B%CC%A3P-A%CC%82M-HA%CC%81N-HA%CC%80N-full-ca%CC%81c-go%CC%82%CC%81c-150x126.png
onthitopik.com/wp-content/uploads/2021/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/BA%CC%89NG-TO%CC%82%CC%89NG-HO%CC%9B%CC%A3P-A%CC%82M-HA%CC%81N-HA%CC%80N-full-ca%CC%81c-go%CC%82%CC%81c-150x126.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
791793b9681b13093a6d94372c03ee86f20582ce73135f566301c15248520a54

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 25 Aug 2022 08:19:04 GMT
server
Apache
accept-ranges
bytes
etag
"29601d2-11ac-5e70c73592bec"
content-length
4524
content-type
image/png
14-150x126.png
onthitopik.com/wp-content/uploads/2021/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/04/14-150x126.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
5dc76b392af2d57412de72e9a46dc7d7d9a4d9451cb89535ccf452632dff68a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 25 Aug 2022 08:38:20 GMT
server
Apache
accept-ranges
bytes
etag
"29603b8-18fd-5e70cb8404c5d"
content-length
6397
content-type
image/png
topik93-696x331.png
onthitopik.com/wp-content/uploads/2024/01/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2024/01/topik93-696x331.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
3d6d2c5dee8646297c989eb5ac4da288913274cf6a742d98000e1d7b625438c1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 18 Jan 2024 09:12:23 GMT
server
Apache
accept-ranges
bytes
etag
"29e1efa-bdb7-60f34c2eae329"
content-length
48567
content-type
image/png
PHAN-BIET-TU-VUNG-TIENG-HAN-1-696x696.png
onthitopik.com/wp-content/uploads/2021/05/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/05/PHAN-BIET-TU-VUNG-TIENG-HAN-1-696x696.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
9d616edf010d999feb18ad36f1f45f8a233ab24b089992191c98f40b0af8c830

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Mon, 17 May 2021 07:33:07 GMT
server
Apache
accept-ranges
bytes
etag
"2940868-19b5c-5c2819ace3685"
content-length
105308
content-type
image/png
image-3.png
onthitopik.com/wp-content/uploads/2023/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2023/08/image-3.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
de3bb36e7d3ac848a6ba8622d6b29518c6c80d4ddc2b12771ef401d1cc224b4b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Thu, 17 Aug 2023 04:08:14 GMT
server
Apache
accept-ranges
bytes
etag
"2ea0d0f-c55-603168f9fb5f2"
content-length
3157
content-type
image/png
tu-vung-thth-trung-cap-4-696x696.png
onthitopik.com/wp-content/uploads/2021/10/ 		386 KB
387 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/10/tu-vung-thth-trung-cap-4-696x696.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
7d375150f11a83ca60de317ffcfd2f40ebb3567952d11ac6c2b5a7b3d05310de

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Mon, 11 Oct 2021 09:26:04 GMT
server
Apache
accept-ranges
bytes
etag
"2980a08-6090e-5ce105173beb3"
content-length
395534
content-type
image/png
tu-vung-thth-trung-cap-4-218x150.png
onthitopik.com/wp-content/uploads/2021/10/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onthitopik.com/wp-content/uploads/2021/10/tu-vung-thth-trung-cap-4-218x150.png
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.101.75 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.101.168.184.host.secureserver.net
Software
Apache /
Resource Hash
4b87da14908d3e2553cae1aeb015f79cdaa62bfceee4f4544d5a145789332f15

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
last-modified
Mon, 11 Oct 2021 09:26:01 GMT
server
Apache
accept-ranges
bytes
etag
"2980a05-b66d-5ce10513ed373"
content-length
46701
content-type
image/png
www-player.css
www.youtube.com/s/player/6ee8f9ce/ Frame BBA1 		359 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
7d7dfd5386bca8b7045ad883d877772bc7cb96d90b7269021c94d95e806afcb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
93375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47503
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 08:34:31 GMT
embed.js
www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/ Frame BBA1 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
5e3793e9152572a66463856cc8aee43975c7d33820d9b2f655ec82196c2557a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:48:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
92513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16969
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 08:48:53 GMT
www-embed-player.js
www.youtube.com/s/player/6ee8f9ce/www-embed-player.vflset/ Frame BBA1 		319 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
45061676b383d710f4c08b17e6567189e844cd706c6d9eaef30b48e60f863b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
93374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97334
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 08:34:32 GMT
base.js
www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/ Frame BBA1 		2 MB
773 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
4949dd2a83e12273dbfb19c5bee58e3ba8daa109b443463de508b7ad96441345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
791206
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 08:48:30 GMT
siteseal_gd_3_h_l_m.gif
seal.godaddy.com/images/3/vi/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.godaddy.com/images/3/vi/siteseal_gd_3_h_l_m.gif
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.201.249.4 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-173-201-249-4.ip.secureserver.net
Software
Apache /
Resource Hash
f13adc7f54c5cd3ef571afd59389b1c7d2ae178268aee24b478554464e53e052

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Wed, 31 Jan 2024 10:30:50 GMT
Date
Tue, 30 Jan 2024 10:30:50 GMT
Cache-Control
max-age=86400
Server
Apache
Accept-Ranges
bytes
Content-Length
3789
Content-Type
image/gif
css
fonts.googleapis.com/ Frame 8636 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
4229b3634f357cd2cf8f7b848a36e0541d273560c2491109a8d26693cb905938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 10:09:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 8636 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:52:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2579560674582312199/ Frame 8636 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2579560674582312199/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
fce439846d0667f0316c7083f90f113763024320cc17d86d6bd062e4ba22c60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 28 Jan 2025 01:48:27 GMT
date
Mon, 29 Jan 2024 01:48:27 GMT
x-content-type-options
nosniff
age
117741
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24614
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 04:03:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 8636 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8636 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame 8636 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:18:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
47545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 21:18:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 8636 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 8636 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
39028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:40:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8636 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:48 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 8636 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 01:53:43 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BBA1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
0cf6dfa2221a8576a9832fc2b1cae64163d403fc2ae30228872770d765135b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Jan 2024 10:30:47 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BBA1 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f149.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:21:41 GMT
x-content-type-options
nosniff
age
547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 10:36:41 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 30 Jan 2024 10:30:48 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BBA1 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
76eab3c87f08190130245bb309a55547b4dd502487ae3b1cee2b049c8b386775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40699
x-xss-protection
0
remote.js
www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/ Frame BBA1 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
sffe /
Resource Hash
c4e5e13051e570e83e44fc5f5cebce3fcd2b456802d0fec9c9a20b9688c2be43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 09:28:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
90139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33902
x-xss-protection
0
last-modified
Mon, 29 Jan 2024 05:16:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jan 2025 09:28:28 GMT
wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
www.google.com/js/th/ Frame BBA1 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/wAFWjcG1j0S59k6y9gmRkscrkcYt8sjUn-04af-yL2Q.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
sffe /
Resource Hash
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 16:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
236836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19705
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Jan 2025 16:43:33 GMT
maxresdefault.jpg
i.ytimg.com/vi/2_W8wjr8zIw/ Frame BBA1 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/2_W8wjr8zIw/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f119.1e100.net
Software
sffe /
Resource Hash
e692b31b0a5544033250dfa52ec8f640df2ecf6e7e72c0928c9f218ad9ed6f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:48 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116382
x-xss-protection
0
server
sffe
etag
"1699924494"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 30 Jan 2024 12:30:48 GMT
truncated
/ Frame BBA1 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
Qj8txeVG4FcSawrjZS_HpAvQ45o8aRXPmOxF-wMShkmJxJ9ePaqXSjkow4o550FQA_3eXzKyfQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame BBA1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/Qj8txeVG4FcSawrjZS_HpAvQ45o8aRXPmOxF-wMShkmJxJ9ePaqXSjkow4o550FQA_3eXzKyfQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
fife /
Resource Hash
831d0dd6f20ade8b76d862df458520645d863717bb349a4bd5ece546339c6729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:13:43 GMT
x-content-type-options
nosniff
age
8225
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2404
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 31 Jan 2024 08:13:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBA1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:44:35 GMT
x-content-type-options
nosniff
age
74772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:44:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBA1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:36:59 GMT
x-content-type-options
nosniff
age
75229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:36:59 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBA1 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:37:52 GMT
x-content-type-options
nosniff
age
75176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:37:52 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBA1 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:50:00 GMT
x-content-type-options
nosniff
age
74448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5224
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:50:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
19a416b944a709bb614cf0abda752d79058a4b728b15ca28bd6211ac97433826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56985
x-xss-protection
0
server
cafe
etag
18305095878252703723
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:50 GMT
ca-pub-4918799571060362
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4918799571060362?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
b33967bd8f33de7f8265fed72e068b7672156623824bfdf0725089b3d3dc9df7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HFYlt9hwuhywJowt_Qilnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-HFYlt9hwuhywJowt_Qilnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTNcWf-47VsAheaHjkBAMhIWwc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BBA1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 10:30:49 GMT
truncated
/ Frame 8636 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
855aaf41b9bcce8fa26cda985dbaead0a24783365191a0f0ce467b662c4ea29b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
KQGrXb
gate.getmygateway.com/ 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gate.getmygateway.com/KQGrXb?c=onthitopik.com
Requested by
Host: cdn.specialtaskevents.com
URL: https://cdn.specialtaskevents.com/JZFYbC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.140.146.101 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm2027790.stark-industries.solutions
Software
nginx / PHP/7.4.33
Resource Hash
85f4fe6b01478702a7c2581b25a81de3dfbfa871ee5ed0298fc44588f270720a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
Tue, 30 Jan 2024 10:30:52 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 30 Jan 2024 10:30:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BBA1 		90 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/player_ias.vflset/zh_CN/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
ESF /
Resource Hash
c5c0737e98aa0ab1d892f5fea7dcea87ba2794f927e42cc0d8448809b6c4ec1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 30 Jan 2024 10:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame BBA1 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 30 Jan 2024 21:56:32 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 8636 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:57:29 GMT
x-content-type-options
nosniff
age
74000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37964
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:43:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:57:29 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8636 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:48:00 GMT
x-content-type-options
nosniff
age
78169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 12:48:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 8636
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cprw11s-4ZeSGH-ubjMwPzbOJkAmYy4nOdbn-yfPJEP3MltFCEAEgoIqweGC_BaAB_9uKyAPIAQmoAwHIA8sEqgTGAU_QrijSo323-fQ07QS8O1FTeoGqcZdra0v6sDbPYS3PdU7SxiV63gX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f626792a59523c30000000000000000%22,%222%22:%220xef3461b705d8348b0000000000000000%22,%223%22:%220x41db3f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f626792a59523c30000000000000000%22,%222%22:%220xef3461b705d8348b0000000000000000%22,%223%22:%220x41db3f01aad4380c0000000000000000%22,%224%22:%220xcd3d84616f54260f0000000000000000%22,%225%22:%220xce20f85699cf011a0000000000000000%22},%22debug_key%22:%223252467502464707894%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226178940556991747217%22}&andc=true
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9f626792a59523c30000000000000000","2":"0xef3461b705d8348b0000000000000000","3":"0x41db3f01aad4380c0000000000000000","4":"0xcd3d84616f54260f0000000000000000","5":"0xce20f85699cf011a0000000000000000"},"debug_key":"3252467502464707894","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-30"],"6":["true"]},"priority":"500","source_event_id":"6178940556991747217"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jan 2024 10:30:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 10:30:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f626792a59523c30000000000000000","2":"0xef3461b705d8348b0000000000000000","3":"0x41db3f01aad4380c0000000000000000","4":"0xcd3d84616f54260f0000000000000000","5":"0xce20f85699cf011a0000000000000000"},"debug_key":"3252467502464707894","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-30"],"6":["true"]},"priority":"500","source_event_id":"6178940556991747217"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 8F1E 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=3535549890&pi=t.aa~a.2217760222~rp.1&w=1164&fwrn=4&fwrnh=100&lmt=1706610646&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610643828&bpp=3&bdt=3241&idt=2577&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=473&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=2581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
35185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 00:44:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f626792a59523c30000000000000000%22,%222%22:%220xef3461b705d8348b0000000000000000%22,%223%22:%220x41db3f01aad4380c0000000000000000%22,%224%22:%220xcd3d84616f54260f0000000000000000%22,%225%22:%220xce20f85699cf011a0000000000000000%22},%22debug_key%22:%223252467502464707894%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226178940556991747217%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 10:30:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame BBA1 		28 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time
1706610649902
Content-Type
application/json
X-YouTube-Utc-Offset
480
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
X-YouTube-Client-Version
1.20240123.01.00
X-YouTube-Time-Zone
Asia/Singapore
X-Goog-Visitor-Id
Cgs4MWlrT29RZkVnSSjWn-OtBjIKCgJTRxIEGgAgUw%3D%3D
X-YouTube-Ad-Signals
dt=1706610646808&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C727%2C409&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
generate_204
www.youtube.com/ Frame BBA1 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?2My68A
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8636 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstenWQOTd8pi_slZ6NLFc8YNwcvOfe6En8NCnSOmZ8HeKCAflM-oGPeXjBT1axVC14_idR88CEOZiYQB1JxcNmKABAgR3--VnlhYClzw-YQEXMEscLl1QNcGFcL37mR7UQUfUuifZL8hX1duY5G8oP_tw78&sai=AMfl-YTJeTqLwE_xcgDEFJAjpKN2DOR8dnEJeQtXI0SDjzFMyB32RHv2JCNoQbHQb2RxwZw6Mx8OPX3hAndZcrvYBANvTfo_FdvYFrm9Dt6bjaYgZYBC_JS-wrwpX7nmWsyiBsiTNGlebIIDtQkgCrHw&sig=Cg0ArKJSzEoG-b4lVIIxEAE&cid=CAQSTgAvHhf_JISke4zq0psRdX8YxTyJYr-dhmm0EMZQJGoG_6_a33AQlnOm4WB5UnB-8Eb6rODeD4lkpi4vxEJcaQ0SorjkoHzwj-PSdkXgbBgB&id=lidar2&mcvt=1000&p=0,0,280,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=638066677&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170661064900&rst=1706610646410&rpt=3190&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BBA1 		28 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ee8f9ce/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.93 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f93.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time
1706610651947
Content-Type
application/json
X-YouTube-Utc-Offset
480
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/2_W8wjr8zIw?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fonthitopik.com&widgetid=1
X-YouTube-Client-Version
1.20240123.01.00
X-YouTube-Time-Zone
Asia/Singapore
X-Goog-Visitor-Id
Cgs4MWlrT29RZkVnSSjWn-OtBjIKCgJTRxIEGgAgUw%3D%3D
X-YouTube-Ad-Signals
dt=1706610646808&flash=0&frm=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C727%2C409&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 89DB 		436 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=638066677&adf=1920556500&pi=t.aa~a.2217755125~rp.4&w=1164&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1164x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=7&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280&nras=3&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=218&ady=1629&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=1258
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
406ef3b9c965445d19d8475f8fd9d0efc96cf6d6ab6ef964a6a6d4bea383d27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C563 		143 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
a6978b66270f649ce40a087dc49b0b917060e2166f7beaae24f5a7ccae3e80ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
47265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 38BF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
7052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 08:33:20 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 08:33:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 17B4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
7052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 08:33:20 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 08:33:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUUfPbETvfee-C_IMCd01aNn1u0W_Zv4o5BW8FBX-Quy1RGYlpHVvKvDzQ1nC-yyo40DkfKSqlh9qO6Aw0N35HbKNTaC4YvfoDYDJ8bwbZz6cziszca-40xL7ze_YtiXOGEVRJ-Cg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUUfPbETvfee-C_IMCd01aNn1u0W_Zv4o5BW8FBX-Quy1RGYlpHVvKvDzQ1nC-yyo40DkfKSqlh9qO6Aw0N35HbKNTaC4YvfoDYDJ8bwbZz6cziszca-40xL7ze_YtiXOGEVRJ-Cg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjEwNjUyLDM0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vbnRoaXRvcGlrLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
5fd27e32df435aef9451492bb2fa219ec8354a13ade10522ac5524202b5d93dd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WFbvnpA91-2OiCPCWPgurw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WFbvnpA91-2OiCPCWPgurw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDcWf-47VsAhs-rznICAAnblum"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 38BF 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 09:38:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:52 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 38BF 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:23:55 GMT
x-content-type-options
nosniff
age
198417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Jan 2025 03:23:55 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 38BF 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 00:42:00 GMT
x-content-type-options
nosniff
age
208132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 27 Jan 2025 00:42:00 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 38BF 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
14359709190881042667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 38BF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 01:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
33611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 01:10:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 75BB 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1924505/77817687/ Frame 17B4 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1924505/77817687/skeleton.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.97.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-97-214.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bf2d0c8ae030fdb87799b9757bc2af435636fabdde0e2b607684cda9042e1173

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame 17B4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 18:57:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
56018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 18:57:14 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 17B4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 14:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
72159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 14:28:13 GMT
view
ad.doubleclick.net/pcs/ Frame 17B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvRfsScWhDi-iLB-eeUDZANS1O2RQBUJM9MTg525O5DyS0jihv4eHu73mJVBdhYmmrrG2MDUQPRiWMEKW37C2w5WbFBQ4uEdusfMw4vehXFYd-0N0qqoEU06cjr8-FGwWreR7koc79Q_ThGjcu_FQ9sn2KUZDyLiamZIP3CW_uNrpNMvdhP2yOyxktbIX7wR_8imh94sD_VLZ9B2rs-n4jmGMYJTTY77RByST1WqGdF403kdqfl1yVwz40pemPiCv8u_v8DI24qZdZYzdyMPJ_tmF45IIQlezSyzefa86xGpz8tAfprYjLiFsu4OsDN_qY6AZ9ec79_3ZtRp0Iye7TFiprwvMcehz4TX0NJcFeWcV1pWZoD04xe1uRwzA8Fe0Z9Pjw1ZVtPoLIJEuspyuw8Nwux3RbI4cFTqWFAEox7z8oUjv03_RaS8lCf6M_NgVfJuW4j_PqUr66e4KEEC4wfIm1K7BeayxudbqQxyMhfUsMFbtJMZgyAGTgYAO7CYILMK803TTx2QYaiussE0P4vpy6qlIotPHnA29DS83ImN-ZgRPeCwNTXnR2F2h6swMAzN2KLvvFurC36K8D6ScJLlKJ2iiiMS3o25P8YHc8NifEFG8LqayD9WyFYKepg7aQ6PhO6g2NzB-y7ZP9rnEMYtcSqZfMpHpBEPIE-KgWpXBceCwNIBKUoFxea7JWNeWC2bjGJ6pQYHSO53WRMG7H1JEhyTmJ2Xv--s9GD-MsMa3nlJcymkKUcZBSA7oLQK-BmOzjPMkiUE54uRvCAWiBBumiO16LBMd-KgihBGOug83WAqcsmiTF-JpNupBUGDl9IN7CFtbiwJ5rLlOb2tmH_pn6MHABvOfJfD6SWrUPBiT5SZ--bGVyMngAUX-41UU0erUVlD-QUHRNFXj_l-7DohjE0GpVrYwfZwQr_cmUCaJs2GovD_gJ4Bb1AlwZbv8yBbORANrpuWbkiYq7bsVVQgiwnYJCoNO57iQ8oWN4q7HwdCzc9H9xhEE5qDD20-V7-W9b82OpPBRc1BVyTamHlAeCz9vpTKh8wo0hDviaFKAeEVmxM4GGRC95SuPTVpOVz4tEdwNSsoWeJTC0EslzvczA7zpWVevXdcsrHKtkrHt8OGrS1yGkx3ThHBeUgYz6egHnpODTKJK8M92Gm3dogfHsDtaorRoCBBE0TFoFvHPbN0d6Oq_5FDorBRrIxgNEcuiERGey0W6uX1G6wu0rvMUCcGOMZqdHeTAlYf9uWBXUPW627O1697WltHyOIlwdFpmSHmM0HOeW7at3WJCn9VYnNfOLYkwEy6OV1AUC9zNyC&sai=AMfl-YSnpiQxj7j1jKa-Pm30ED3QGBmFgIvVz4SkSlZUeAK6GxHqYS1GpMSvuah4YzTk5iP9K3hfn-EUY1d5jNLyQlHGfi3TPSUYJe1vZPznXQ1GoCqDRkVh4NNgRXty04wYglKTADqXbxcghhG8OzObKS6C58vjOskl-WR4Fo6-AyGTmiKO-4jvM1SDTRNlC8KJIvXYEWLAllyUM84Bqh7UlIFmh5DgtVPVX7jbTsn_ROiEsgGr1YzXQKGJKGLF49VjYixqlZDNaPvU9JJprXHHZThSDjWgeOPXjBulacojrxKIMZMSb4BwP6NArpbEA_WYfGW50RYO7t6S5BodsQ06IpWwl9da0KCOzLCvbC63LSG74qdjEkQb15gbIciLLYQnDQ-sxGBbj1pO-mEQkIuD_jlzgLzX4dQmT0canQHVvjujBoJZMDPwpoSldR1X38UZjGt4tKU_yVu1AkcZjOfhn-bUi1s-5tQJjCbTd8qpHuciQ1d0OjTuM26pjMcLyVLDgtbYfRlat5jkXA&sig=Cg0ArKJSzMmQSmPxZveUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYXphZGEuc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240124.08453&arae=0&ftch=1&adurl=
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 10:30:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 17B4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
298806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 23:30:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 17B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34473
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 17B4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
39032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:40:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17B4 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B75sY3OVYthB1DUBYwHbGFW_y6AGUd7XaGxp2zMdYLAPOuz4gv8DCXOGjIRWmqz1BznhPt3aj9mc_8ZlF0ak90hC-UG0AG1WKwM5soUBH-1Zu8lvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 17B4 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:52 GMT
6841486161983271656
s0.2mdn.net/simgad/ Frame 17B4 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6841486161983271656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
sffe /
Resource Hash
162bf1963f866686d1e53e1eec3a67d57bde651d98706e097b23d87666c7b7c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 02:53:37 GMT
date
Sun, 28 Jan 2024 02:53:37 GMT
x-content-type-options
nosniff
age
200236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81155
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 08:57:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
AGSKWxWzWYhrnKfkxVCpTSRAo-LSN1Pf20t3aR1hjAuZSEfJ8AWUdrDjLYMwMnp_llMpJNcrEsjoGXzjpWAWDKLDcRUCavxlhRXNNcFPb-_s5hxyU0YdLUXEyTNjkzEHAX99NbeoDf2Y6Q==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWzWYhrnKfkxVCpTSRAo-LSN1Pf20t3aR1hjAuZSEfJ8AWUdrDjLYMwMnp_llMpJNcrEsjoGXzjpWAWDKLDcRUCavxlhRXNNcFPb-_s5hxyU0YdLUXEyTNjkzEHAX99NbeoDf2Y6Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjEwNjUyLDQ3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInpoLUNOIl0sImh0dHBzOi8vb250aGl0b3Bpay5jb20vIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
41e4f8b7bc4f5fb14885c606c89c2376c2f376240d8740803eb0ba4e916a41fa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AXwW5XC90OMFPIx-AfA46A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AXwW5XC90OMFPIx-AfA46A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KchxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS1iOuvpgumsl4GYrWI6Kx8Qx9VNZ80BYr5101k1109n3XJmOuseII55Pp01BYgXs85gXQ3EUwJnsM4B4pboGayTgNgpfQZrABB_zpzB-huIfepnsEYBcdntc6x1QCzEw3Fn_uO1bAIf1m9qZQIAeslggw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame B082 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 15:04:52 GMT
0110454cf6afe635cd63d86303d7d262.js
www.gstatic.com/mysidia/ Frame B082 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0110454cf6afe635cd63d86303d7d262.js?tag=leadgen/frosmoth_text
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
81b8bef55def091f2ecc976f4790ba7330800ae6ad39fe7e418da668fc5a56ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42747
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 21:05:04 GMT
d0c418fd7c3c9b1fa25e4b07b8f8ee33.js
www.gstatic.com/mysidia/ Frame B082 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 19:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8305
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 19:07:56 GMT
css
fonts.googleapis.com/ Frame B082 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 08:36:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:52 GMT
mdc_list_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame B082 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
12952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6467
x-xss-protection
0
server
cafe
etag
4758454654811317262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 31 Jan 2024 06:55:00 GMT
mdc_menu_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame B082 		51 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
1276
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11146
x-xss-protection
0
server
cafe
etag
2759356358486721826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 31 Jan 2024 10:09:36 GMT
mdc_menu_surface.min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame B082 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:19:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
4291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4739
x-xss-protection
0
server
cafe
etag
18373107336927916518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 31 Jan 2024 09:19:21 GMT
mdc_select_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame B082 		103 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
85472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18791
x-xss-protection
0
server
cafe
etag
10996637669125113147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:46:20 GMT
mdc_textfield_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame B082 		58 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:07:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
77018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10107
x-xss-protection
0
server
cafe
etag
7588401036457704084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Jan 2024 13:07:14 GMT
mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame B082 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:30:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3604
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3021
x-xss-protection
0
server
cafe
etag
18113988596513574663
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 31 Jan 2024 09:30:48 GMT
mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame B082 		3 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 20:32:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
50292
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
766
x-xss-protection
0
server
cafe
etag
14497039402300002370
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Jan 2024 20:32:40 GMT
mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame B082 		2 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:44:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
35165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
0
server
cafe
etag
18268606943400439583
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:44:47 GMT
mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame B082 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
47289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3940
x-xss-protection
0
server
cafe
etag
17986137158686949241
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Jan 2024 21:22:43 GMT
mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame B082 		51 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
46345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4595
x-xss-protection
0
server
cafe
etag
17552977722549843295
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 30 Jan 2024 21:38:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame B082 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:52:37 GMT
a9236e80b53d06124e135fbb61f51146.js
www.gstatic.com/mysidia/ Frame B082 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a9236e80b53d06124e135fbb61f51146.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
a8fcf6605dc44f9b2b7cd65ce594db86a9f7a06f3efc07a984148c8ce388ca30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 05:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9797
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 05:07:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame B082 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:18:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
47550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 21:18:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame B082 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame B082 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
39032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:40:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B082 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 75BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDDhBlnf0zg1Dve9pX%2FJgY%2BhZiWkoiypZLo%2BLTSbyiCtlhO3ZBoVs0EQoLaYBvDQSwE9WdHVv8E70IkITSHJ2ubI3MXZFlR1Z0Dv2RDdSkq7zFtCu53tfpjsEjB4p5gd%2BgM%2BhYPMaPxpBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d90ac92be5a03c-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 75BB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbjP3feZhafAsWce19QwiAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbxXWFtgQ2nIGvV5pMoP4waPnGxJH%2FrFAt1xkyKE2SI7NURHPntAa9AsN7K7T%2BjQQRJZeHikqj7qPAhD4z07zXQEa32UrMcyGnny8wurnOW7NGFZU69cwQFWniW%2FBN1qd9aXRSdfieRfJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84d90acb393f4d3f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENGMV5fK0sO_FberJ3SPuuc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 75BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELW4nmTjs1diHMq47XyXc08&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELW4nmTjs1diHMq47XyXc08&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Protocol
H2
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
an-x-request-uuid
e4657b3f-457a-4579-98d1-5aca1e6bb619
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
119.56.107.45; 119.56.107.45; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELW4nmTjs1diHMq47XyXc08&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNTQ2MzY3MDM5NTUxMDk5MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNTQ2MzY3MDM5NTUxMDk5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXgI7RwlgXRfBiHIEzSrG6t64J0nn0Sj6QydO56sdwIKJkhTbiKaLsJRO2efABH7RoFGQ_jOY2WBZyrKlzGnuEtKnAacw
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
an-x-request-uuid
c4686760-4eba-4b4d-8768-9ce189d3a330
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgwNTQ2MzY3MDM5NTUxMDk5MQ%3D%3D
x-proxy-origin
119.56.107.45; 119.56.107.45; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E0BC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
284321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 03:32:11 GMT
expires
Sun, 26 Jan 2025 03:32:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DQGG3B27WF&gtm=45je41o0v9118391988&_p=1706610641477&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=697482153.1706610645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEII&_s=2&sid=1706610645&sct=1&seg=0&dl=https%3A%2F%2Fonthitopik.com%2F&dt=Home%20-%20huongiu&en=ad_impression&ep.query_id=COTJ64r0hIQDFesNgwMdzVkCkg&_et=3204&tfd=15169
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQGG3B27WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onthitopik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 17B4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc71568e49d85f5e427b207431efe320138b2f7d8b8b93882917a299ffc44744

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame 2C95 		50 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
00687710f786ef2f429c16e3b09855a9cf805a1b0621a6bafa16983151f41d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18560
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:53 GMT
expires
Tue, 30 Jan 2024 10:30:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C563 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 10:22:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 10:30:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame C563 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 06:52:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 06:52:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10436147914283633134/ Frame C563 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10436147914283633134/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
2c40587955b6b11c12bf0e7c6884a502c937887573ea69e369c02520d328d3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 28 Jan 2025 17:10:39 GMT
date
Mon, 29 Jan 2024 17:10:39 GMT
x-content-type-options
nosniff
age
62414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33497
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 07:59:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame C563 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C563 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame C563 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:18:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
47550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 21:18:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame C563 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 753C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
7050
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 08:33:23 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 08:33:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame C563 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
39033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:40:20 GMT
l
www.google.com/ads/measurement/ Frame C563 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjWO3plctVJNQ35LBcnNhIazMBAOsLJS18p-ye3LbsYdu912iftbyi7UkGpQYGZd4k7BGewquV3Ps6WjSHdnbspx7GCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C563 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:53 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame C563 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 01:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 01:53:43 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E0BC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
7003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 08:34:10 GMT
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_cver=1&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=548f6a85d28b205f&is_secure=true&networkId=14000&version=1&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_cver=1&google_push=AXcoOmShO_M-...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0P_JB6uCwM6xfgUAAAAAAA&expiration=1706697054&google_cver=1&is_secure=true&google_gid=CAESEKW865oqCM7A2rIX2gj5h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0P_JB6uCwM6xfgUAAAAAAA&expiration=1706697054&google_cver=1&is_secure=true&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg6fiH_OwiU6KtH-1XXCq1iWDve3amo6gL1kHv8cI5hFaJnWqBaSsXiy9KiA3stbdcGLCstQZjTRytVhvNSvsOufoci9Oz3dH3pe8IeuA
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALh0P_JB6uCwM6xfgUAAAAAAA&expiration=1706697054&google_cver=1&is_secure=true&google_gid=CAESEKW865oqCM7A2rIX2gj5hFM&google_push=AXcoOmShO_M-ubeajUo6bu0nqDEKypmFHM3YRIW7Xq8O1ig4yqEOemg6fiH_OwiU6KtH-1XXCq1iWDve3amo6gL1kHv8cI5hFaJnWqBaSsXiy9KiA3stbdcGLCstQZjTRytVhvNSvsOufoci9Oz3dH3pe8IeuA
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEEcPYkkc3u65GkQeXabydOU&google_cver=1&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6Aa_FKJRk50YI8TyP8kdCWrUI0Pbu5iadCfJHtRV_YbQbnNT8U...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6Aa_FKJRk50YI8TyP8kdCWrUI0Pbu5iadCfJHtRV_YbQbnNT8UqjgpsllFiiiGqMZIQ412QIKxQL8e-w&google_hm=VhLTjdgcTtWN-0N7A77iLC0
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmR3DGowTZTylUW37O2fQSIPEKcxTIo2XLMu7yjq49caubXdbDXh0iVjiY0Z8OBUBMtmhLjeAl6Aa_FKJRk50YI8TyP8kdCWrUI0Pbu5iadCfJHtRV_YbQbnNT8UqjgpsllFiiiGqMZIQ412QIKxQL8e-w&google_hm=VhLTjdgcTtWN-0N7A77iLC0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuq...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOv...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuqZ22i3xTThw&google_hm=AToMHc7W3W_Lks8AED412IQ0X8A
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
via
1.1 96284f61084e7118716cb8c5c34dd7a0.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS9eBGS3SCffljk--ARxe5P1TShXueRLkSlZU3iHHvMREo7V3RqM5PaGXZMZhV2c7JjpBenfydiAkp1TCKTQNBOJw-KD-0shuPybtqU9WAg2IZq9OQBf7eBwDEmicaOfdfLOvHBXqhXuqZ22i3xTThw&google_hm=AToMHc7W3W_Lks8AED412IQ0X8A
cache-control
no-cache
content-length
0
x-amz-cf-id
EmZ-RVIrTV0iTZg4mxTBrqtq6oJl1ZEJ6gHAlT_pRLwYOckSzIi7pw==
expires
-1
sync
gdn.socdm.com/rtb/ Frame 753C
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1&google_push=AXcoOmQf3N0vnNAJRwG7TtjZwNccgTYHct0cA7xrYzz0aNwUYWbDJvp30WKb1IvBDse0_...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmJqUDNjQ284WUlBQUVJaUo5b0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1
43 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
HTTP/1.1
Server
202.241.208.2 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 10:30:55 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"119.56.107.45","key":"ZbjP3cCo8YIAAEIiJ9oAAAAA","privacy_sensitive":false,"uid":"ZbjP3cCo8YIAAEIiJ9oAAAAA","upstream_id":"a-ad40289"}
X-SO-Key
ZbjP3cCo8YIAAEIiJ9oAAAAA
X-SO-Upstream-ID
a-ad40289
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40289.dc2p.scaleout.jp
X-SO-UID
ZbjP3cCo8YIAAEIiJ9oAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
119.56.107.45
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
180
X-SO-LB-Hostname
a-ng40009.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEJ_OW2zU45lXUFUb3XTdGz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8C...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PH...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b79HNUvBJwZ2c0ApJoUORIo&google_hm=syChP06gROq059LZoVx1JQ==
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQOcYtkJkf0FhEZZD8iCeHRM1-eSAOz2TQvGmzO9zAgYstXJ3i5LB6KaPCO4Vb8yO6lE4b9qggwzY73PHUpiv8CYfI9qvswbQ2vXrmkl_yn9NNXk1ysxBrvqjtlCVtP4b79HNUvBJwZ2c0ApJoUORIo&google_hm=syChP06gROq059LZoVx1JQ==
Date
Tue, 30 Jan 2024 10:30:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_cver=1&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhv...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhv...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6Bl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6BljJudKfBEdnKWVm-g836k_dVJFcw&google_hm=eXhJSFk4YzEzTG9rUEVIX0pRVlQ=
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 10:30:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTuDpkI0XnApwZZw-OheFGsHHT1YDk2cEERu-C-GNdMOgvEYBvqLJgxiFrbtlfOlCJxs0056kTTkkbhvq40DAWBNOEqEioQZI4C6AAKYX0AK2_Kw_0SSTrQ4VJ-6BljJudKfBEdnKWVm-g836k_dVJFcw&google_hm=eXhJSFk4YzEzTG9rUEVIX0pRVlQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 753C
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEEtEnmNkyxNJVwczXWrVIyU&google_cver=1&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTu...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTujWowymU_2g6DP9OkubLPqGMjqIlbRcERHmof_R71KqUSY80IslJPOW__867C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTujWowymU_2g6DP9OkubLPqGMjqIlbRcERHmof_R71KqUSY80IslJPOW__867CYPTUpKMDcJQCP8XYCBgBd6oon-qYZfg
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1d3ad5a5
date
Tue, 30 Jan 2024 10:30:54 GMT
x-bytefaas-request-id
202401301030540A667A52636A43246C69
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401301030540A667A52636A43246C69-38AE21C41F03E29A-00
x-cache
TCP_MISS from a23-209-116-5.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing
inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=69
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401301030540A667A52636A43246C69
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQTTJSBuLlLemhzzQCuqTTud1VXiNdoStCyopv7EAbfinjpZ7NCei7CqgBplTujWowymU_2g6DP9OkubLPqGMjqIlbRcERHmof_R71KqUSY80IslJPOW__867CYPTUpKMDcJQCP8XYCBgBd6oon-qYZfg
x-bytefaas-execution-duration
4.07
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
0159cfe19847f6e82340bdf42bb00a76080b040c4b680c872b71db9e2c54cf39ab073e2b0bb0ff86aeb58cdc9763c2066aebed2955583797e6caca16c18723a37a159dd3118314893b4662bab56b47187b1732f4f9d15150c69b718c2c63965054
x-origin-response-time
69,23.209.116.5
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Tue, 30 Jan 2024 10:30:54 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 753C 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jop40N2I3-ObidzWwe_EetGDxRLRQQxfJXU_AXLCBYUjd5RHgMIcRaE6bdRsnxcTn2OW-mLg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame B082 		0
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoNCAEqCWxhbmRzY2FwZQoKCAIqBnNlcnZlcgouGiFkaXNwbGF5X2xlYWRfZm9ybV9xdWVzdGlvbl9udW1iZXIhAAAAAAAAHEAwAQoNECshAAAAAACATkAwARIaQ0xPajZvcjBoSVFERldVaWd3TWRUbk1FUlEiFWxlYWRnZW4vZnJvc21vdGhfdGV4dCgs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d0c418fd7c3c9b1fa25e4b07b8f8ee33.js?tag=pingback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame A5D4 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
35189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 00:44:24 GMT
collisionadmarker.&ad_ids=
fundingchoicesmessages.google.com/f/AGSKWxWqH8rlBrOpTj1ZCDDD4rEJoCkE0AuV8xl8fxECEWmLfiT2i-ViB95h0mu2jL-r1Qpt9NVh7U9RyFU-aqWY94qQtPte75wr3WlPMEyl6Q1fTeTihHWjtmqXFBtveqWjLTCIMC8VHeGlAEmQ1Ir_ER-3sIbMa... 		54 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWqH8rlBrOpTj1ZCDDD4rEJoCkE0AuV8xl8fxECEWmLfiT2i-ViB95h0mu2jL-r1Qpt9NVh7U9RyFU-aqWY94qQtPte75wr3WlPMEyl6Q1fTeTihHWjtmqXFBtveqWjLTCIMC8VHeGlAEmQ1Ir_ER-3sIbMaASLUc8KYHp-JibKbaVBq8WwFUOgiQEV/_/collisionadmarker.&ad_ids=?adunit_id=/adgearsegmentation./scripts/AdService_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzwLT_IEintvUW-deM3bwx75V_bpQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e2d5e03b6a7053fb904f1195851d13e277a5de08122be5a3d310375f91223954
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iXCdfV5aqf5XtKLwNrxKcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-iXCdfV5aqf5XtKLwNrxKcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLWI66-mC6ayXgZitYjorHxDH1U1nzQFivnXTWTXXT2fdcmY66x4gjnk-nTUFiBezzmBdDcRTAmewzgHilugZrJOA2Cl9BmsAEH_OnMH6G4h96mewRgFx2e1zrHVALMTDcXf-47VsAhP-_tjICAAxzVvZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzwLT_IEintvUW-deM3bwx75V_bpQ/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31172
x-xss-protection
0
server
cafe
etag
8274047967244442607
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 11:14:19 GMT
AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P5s-zz8LTpLsJcR0aqR6ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-P5s-zz8LTpLsJcR0aqR6ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4978x2vZBDqO9dgBAMpNH_E"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
yrhYEesrE
post.plastformspecial.com/ 		0
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://post.plastformspecial.com/yrhYEesrE
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHpyDYOLKN194REc7c2yfW8ssxYzwV44lqkTSXK4%2BuDSoSBNWC39JuCEGMlrZfbkPsowmRSpQcyKNMxw4D0tlRUcl1mvavWMgkbwPFZVeIq5C2zRInZ2y7KGKEcoRj61pnmpcAV7BJYfZJJQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
84d90acb6ff74a83-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Tue, 30 Jan 2024 10:30:54 GMT
viewability-pixel.js
widgets.outbrain.com/viewability-pixel/ Frame 11B7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
gzip
content-length
1594
last-modified
Tue, 26 Sep 2023 12:16:31 GMT
server
AkamaiNetStorage
etag
"706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Tue, 30 Jan 2024 14:30:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 11B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:56:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
34474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 00:56:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 11B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:40:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
39033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:40:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 11B7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 10:30:53 GMT
28a075ff08f2acf0d19cb3c2de263678c9.jpg
zem.outbrainimg.com/p/srv/sha/76/6e/23/ Frame 11B7 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/76/6e/23/28a075ff08f2acf0d19cb3c2de263678c9.jpg?w=300&h=250&fit=crop&crop=optimized&q=45
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1edf83b509f38f707e0009d61d2f999d2189a2fa44504cbf743d5aa67d54dc62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2292306
x-cache
HIT, MISS, HIT
x-imgix-id
9b758ca0f4bfcd3618f8c2ba8e3f2c5f7e6f6c50
cross-origin-resource-policy
cross-origin
content-length
19832
x-served-by
cache-sjc1000138-SJC, cache-qpg1267-QPG, cache-qpg1235-QPG
x-imgix-render-farm
01.140328
last-modified
Wed, 03 Jan 2024 21:45:46 GMT
server
imgix
x-timer
S1706610654.934777,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
/
b1t-sindc1.zemanta.com/t/imp/impression/ZAZED256ZUDH4GTKFRIHRWRCWZQIZRJDLWU4H5AS55XM2TRK5AMXNZYWH5E5LCFMKRVWJZJCEDS2XAG5UU2WZ3PYQEPMFF5GJ23WDW35TWZO26OMWXCZNHROYP2IW7M4VP7QYHA7A36YQBAIX56NNXVTSZ6HO... Frame 11B7 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/ZAZED256ZUDH4GTKFRIHRWRCWZQIZRJDLWU4H5AS55XM2TRK5AMXNZYWH5E5LCFMKRVWJZJCEDS2XAG5UU2WZ3PYQEPMFF5GJ23WDW35TWZO26OMWXCZNHROYP2IW7M4VP7QYHA7A36YQBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NMKBE3XDFN3ZVVPYG4CPUYHTQD6NAIBEIPWBKQB4HMPJMTQNHZ5V6AYMUCSTZWZU57F4M3XT5LPHQBSAQQGQFXG3V2QEUY2JPAGM35JQXTNUKPHVVDRYNWRGVMRAGF7POQUUSYG66VEQN7VG7UZZUZZZ74VHGRCNPRRIHST2PS3GREQ5EK5CQ/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 30 Jan 2024 10:30:53 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
4.js
static.adsafeprotected.com/ Frame 17B4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1924505/77817687/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
  • https://static.adsafeprotected.com/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
18.164.52.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-40.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:11:18 GMT
x-amz-version-id
xSP7ulO_2Xmug2hTG9afMUmLlvmSi3oh
content-encoding
gzip
via
1.1 8bdbe34841dae048e23c3b85d9dccfca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
44377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 29 Jan 2024 22:11:16 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
BfbQ83BrzTatBF1aNHnHEVBs7kmkzHNNfT1xkuNLnpBSyuns9-umNA==

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=gcc_1s-4ZbTgHeXEjMwPzuaRqAQ&cbFunctionName=goog_wrapCb_1s-4ZbTgHeXEjMwPzuaRqAQ&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame BEB5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.52.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-40.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 8bdbe34841dae048e23c3b85d9dccfca.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
11355704
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2k5ulJNe42n2kfuJx2TFv1-pSaXh9SrZ3Xy9vRFDFBRSdzdNh5W_bQ==
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UE7,pingTime:-3,time:96,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:34%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UE9,pingTime:-6,time:98,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B86~0%5D,as:%5B86~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:34%7D&tpiLookup=ao:onthitopik.com*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UEp,pingTime:-2,time:114,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:130,mdZ:1047,beA:1109,beZ:1111,mfA:1115,cmA:1117,inA:1118,inZ:1123,prA:1124,prZ:1133,si:1142,poA:1143,poZ:1173,cmZ:1173,mfZ:1173,loA:1206,loZ:1209,ltA:1222,ltZ:1222%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B102~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:34,sinceFw:79,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame C563 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
560144d356bd62e597cf639f10986eaffc41522b31bad4847f2b4cc82072b0e4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
fundingchoicesmessages.google.com/el/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aCWNzBBMeVfFUQCVtKiIYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aCWNzBBMeVfFUQCVtKiIYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4978x2vZBDYc-uQAANB_II0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C563 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:48:00 GMT
x-content-type-options
nosniff
age
78173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 12:48:00 GMT
view
ad.doubleclick.net/pcs/ Frame 17B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvRfsScWhDi-iLB-eeUDZANS1O2RQBUJM9MTg525O5DyS0jihv4eHu73mJVBdhYmmrrG2MDUQPRiWMEKW37C2w5WbFBQ4uEdusfMw4vehXFYd-0N0qqoEU06cjr8-FGwWreR7koc79Q_ThGjcu_FQ9sn2KUZDyLiamZIP3CW_uNrpNMvdhP2yOyxktbIX7wR_8imh94sD_VLZ9B2rs-n4jmGMYJTTY77RByST1WqGdF403kdqfl1yVwz40pemPiCv8u_v8DI24qZdZYzdyMPJ_tmF45IIQlezSyzefa86xGpz8tAfprYjLiFsu4OsDN_qY6AZ9ec79_3ZtRp0Iye7TFiprwvMcehz4TX0NJcFeWcV1pWZoD04xe1uRwzA8Fe0Z9Pjw1ZVtPoLIJEuspyuw8Nwux3RbI4cFTqWFAEox7z8oUjv03_RaS8lCf6M_NgVfJuW4j_PqUr66e4KEEC4wfIm1K7BeayxudbqQxyMhfUsMFbtJMZgyAGTgYAO7CYILMK803TTx2QYaiussE0P4vpy6qlIotPHnA29DS83ImN-ZgRPeCwNTXnR2F2h6swMAzN2KLvvFurC36K8D6ScJLlKJ2iiiMS3o25P8YHc8NifEFG8LqayD9WyFYKepg7aQ6PhO6g2NzB-y7ZP9rnEMYtcSqZfMpHpBEPIE-KgWpXBceCwNIBKUoFxea7JWNeWC2bjGJ6pQYHSO53WRMG7H1JEhyTmJ2Xv--s9GD-MsMa3nlJcymkKUcZBSA7oLQK-BmOzjPMkiUE54uRvCAWiBBumiO16LBMd-KgihBGOug83WAqcsmiTF-JpNupBUGDl9IN7CFtbiwJ5rLlOb2tmH_pn6MHABvOfJfD6SWrUPBiT5SZ--bGVyMngAUX-41UU0erUVlD-QUHRNFXj_l-7DohjE0GpVrYwfZwQr_cmUCaJs2GovD_gJ4Bb1AlwZbv8yBbORANrpuWbkiYq7bsVVQgiwnYJCoNO57iQ8oWN4q7HwdCzc9H9xhEE5qDD20-V7-W9b82OpPBRc1BVyTamHlAeCz9vpTKh8wo0hDviaFKAeEVmxM4GGRC95SuPTVpOVz4tEdwNSsoWeJTC0EslzvczA7zpWVevXdcsrHKtkrHt8OGrS1yGkx3ThHBeUgYz6egHnpODTKJK8M92Gm3dogfHsDtaorRoCBBE0TFoFvHPbN0d6Oq_5FDorBRrIxgNEcuiERGey0W6uX1G6wu0rvMUCcGOMZqdHeTAlYf9uWBXUPW627O1697WltHyOIlwdFpmSHmM0HOeW7at3WJCn9VYnNfOLYkwEy6OV1AUC9zNyC&sai=AMfl-YSnpiQxj7j1jKa-Pm30ED3QGBmFgIvVz4SkSlZUeAK6GxHqYS1GpMSvuah4YzTk5iP9K3hfn-EUY1d5jNLyQlHGfi3TPSUYJe1vZPznXQ1GoCqDRkVh4NNgRXty04wYglKTADqXbxcghhG8OzObKS6C58vjOskl-WR4Fo6-AyGTmiKO-4jvM1SDTRNlC8KJIvXYEWLAllyUM84Bqh7UlIFmh5DgtVPVX7jbTsn_ROiEsgGr1YzXQKGJKGLF49VjYixqlZDNaPvU9JJprXHHZThSDjWgeOPXjBulacojrxKIMZMSb4BwP6NArpbEA_WYfGW50RYO7t6S5BodsQ06IpWwl9da0KCOzLCvbC63LSG74qdjEkQb15gbIciLLYQnDQ-sxGBbj1pO-mEQkIuD_jlzgLzX4dQmT0canQHVvjujBoJZMDPwpoSldR1X38UZjGt4tKU_yVu1AkcZjOfhn-bUi1s-5tQJjCbTd8qpHuciQ1d0OjTuM26pjMcLyVLDgtbYfRlat5jkXA&sig=Cg0ArKJSzMmQSmPxZveUEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYXphZGEuc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1293&vt=11&dtpt=1291&dett=2&cstd=0&cisv=r20240124.08453&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jan 2024 10:30:53 GMT
AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
fundingchoicesmessages.google.com/el/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tV7CHREcGo65SIeWtm0_zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-tV7CHREcGo65SIeWtm0_zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4978x2vZBDb0XnECAMtwIC4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://onthitopik.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
fundingchoicesmessages.google.com/el/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i2FaPKiaKEk0PbtjyyM1Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-i2FaPKiaKEk0PbtjyyM1Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4978x2vZBGa83-MAAMu3IF0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://onthitopik.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX8oKIDnVbOmZdcma4tziKEjWDomj8BeCAVdtXgGt10nh5bRrGonZEoSyye--O5RdqJ5Uku5nkIunA990Yp4F-wEU-mSDs8YjPIWBDfqjT09SNLAAdH3Z9B3cBHphcHc1n-oHnCag==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8oKIDnVbOmZdcma4tziKEjWDomj8BeCAVdtXgGt10nh5bRrGonZEoSyye--O5RdqJ5Uku5nkIunA990Yp4F-wEU-mSDs8YjPIWBDfqjT09SNLAAdH3Z9B3cBHphcHc1n-oHnCag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjEwNjUzLDc1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiemgtQ04iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vbnRoaXRvcGlrLmNvbS8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
23407233d8a82f5b3bb2661b5657162d829f51303b60cf1e0562d3471deb0b1a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4kLkXynxnC-wpXVRaqgSnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4kLkXynxnC-wpXVRaqgSnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KchxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS1iOuvpgumsl4GYrWI6Kx8Qx9VNZ80BYr5101k1109n3XJmOuseII55Pp01BYgXs85gXQ3EUwJnsM4B4pboGayTgNgpfQZrABB_zpzB-huIfepnsEYBcdntc6x1QCzEzXFv_uO1bAIf3i-uAAAa42Cm"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UI0,time:337,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:337,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B325~0%5D,as:%5B325~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:0,renddet:IMG.qs.bi,siq:34%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0BC 		0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bpn7v1s-4ZbTgHeXEjMwPzuaRqAQAAAAAOAHgBAI&bg=!jY6ljsHNAAa8BdJLnAU7ADQBe5WfONJMC8LaYEcPCmlqBhGCMZ3Gm_Gd1-4hlkz9RS6wpgj6k-uk9EVXcxCs6_WU3qpPAgAAAVBSAAAABWgBB5kC7T-t9h2YFMOhrELS0Uzm_GRHTymq0JvHOz4akQoYS9GEFVNhfqtS013eFupCrQpYT_L2y6nr53fQfFqrfQIgcZO4muv6nuWywP-o1bcNBNsFZTo65W7tRfa40lnHmWzN89eoglE6nfANDkvy0b_EixV4GmoHGwvmtEMv1XJK-WPAKgfcfJBaMyd0f74Zue5YhyI_qmwySZM-xrsaPSMej_JS0Meb-N9fNBiNgpZMLvusiW68YGHFmyJbmaBm1y9p1npb4N5ePo9cwvMjF8S51rR4_E09p9T3MD6Zr2TRZdBxLXupVCV33P4FSZPpZ0LVESKewhimeohzNoxeK-_Scq2QQAPdK6X3JInwbWJgTlTZslCxoGS2UTld-h5H9qSDQDV8bz7Si8ATrUBWGBJok0PKMQrZJQfF1aTriMRt1dp5K10Fjn3cBeEojwLtNwAiuzB9UmHX0g-92vvpBr20jdc0fIFC6WWHJ53q7MpGpGxmCbhkc46tY-1ZUyXeHHTemvavnXb19H1JaV7MNBu3rs8YJ5O58ez5briuZFYc7gLRPED4B2B_sxSgXUkq08GEMT5wiASRUHFZN29eYL0oxAdO9WpJVmeCBcvo9LyDODtzM2uc02QWa0e0Q9qkBYZUFuXOMXbZfnbCjMupuGr_WEBPfiHtGCFo2_eZ30t5tzRM9RRDhfMw4ur2btiJ-KSoVOm61Awiuu0n5eUGzhQjayjyTt6EEVAUegZUnL1deAap8Gzz_rNyuuXjEZ0fJrq6HU7I-u9AsNIblSKryq5KdtwtTUtXPy0Pc4RbI8fVjSyDtisqCBEVqgQcz7tS_joK4co3P4ANT9xDlMwHvI0djKphf6_B8areGbIG4Y6qN35LW0GCxDsSvG_Iz4EBPiKMXmUt4fR1vSZx__CDe07lRd2ibRaTSsIKD8KJXr4OZoqTy-hoH6Jyg8oU6TIy9ureSKmQYT8pcEiyL65sU2shfQo6ct-DUtzc0NBLG6qS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame C563
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvYEN3M-4ZeeSFZe8jMwPkt2G4A7O3oy3df_e6fzuEdvZHhABIKCKsHhgvwWgAbm02ZICyAEJqQItp9UFAgipPqgDAcgDywSqBMcBT9APpjF31vktYyjUdb3PIO884HfRaSAhWKH96vwQ3CX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x67822e1dc80201c80000000000000000%22,%222%22:%220xe73196e49ad038140000000000000000%22,%223%22:%220x375f99...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x67822e1dc80201c80000000000000000%22,%222%22:%220xe73196e49ad038140000000000000000%22,%223%22:%220x375f99ca4739f90c0000000000000000%22,%224%22:%220x54c316a3c5cc09ed0000000000000000%22,%225%22:%220xd9f7cb5db593e9100000000000000000%22},%22debug_key%22:%2211078163531090149947%22,%22debug_reporting%22:true,%22destination%22:%22https://cochlear.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22576084537%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215214217115118098737%22}&andc=true
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x67822e1dc80201c80000000000000000","2":"0xe73196e49ad038140000000000000000","3":"0x375f99ca4739f90c0000000000000000","4":"0x54c316a3c5cc09ed0000000000000000","5":"0xd9f7cb5db593e9100000000000000000"},"debug_key":"11078163531090149947","debug_reporting":true,"destination":"https://cochlear.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["576084537"],"22":["true"],"4":["01-30"],"6":["true"]},"priority":"500","source_event_id":"15214217115118098737"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 30 Jan 2024 10:30:54 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 10:30:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x67822e1dc80201c80000000000000000","2":"0xe73196e49ad038140000000000000000","3":"0x375f99ca4739f90c0000000000000000","4":"0x54c316a3c5cc09ed0000000000000000","5":"0xd9f7cb5db593e9100000000000000000"},"debug_key":"11078163531090149947","debug_reporting":true,"destination":"https://cochlear.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["576084537"],"22":["true"],"4":["01-30"],"6":["true"]},"priority":"500","source_event_id":"15214217115118098737"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 2BFB 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=1648921604&adf=402930822&pi=t.aa~a.1175514741~rp.4&w=1068&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=1068x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610651015&bpp=1&bdt=10428&idt=-M&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280&nras=4&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=1265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:44:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
35189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 00:44:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x67822e1dc80201c80000000000000000%22,%222%22:%220xe73196e49ad038140000000000000000%22,%223%22:%220x375f99ca4739f90c0000000000000000%22,%224%22:%220x54c316a3c5cc09ed0000000000000000%22,%225%22:%220xd9f7cb5db593e9100000000000000000%22},%22debug_key%22:%2211078163531090149947%22,%22debug_reporting%22:true,%22destination%22:%22https://cochlear.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22576084537%22],%2222%22:[%22true%22],%224%22:[%2201-30%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215214217115118098737%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 10:30:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B778 		1 KB
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
7051
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 08:33:23 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 08:33:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 11B7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15780ca1e4d875171235d1f5458daf4e50ed9005ae074aa45e82f7ce37d82b73

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 11B7 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJO7m3c-4Zc033deMzA_4u5moBdesnIJuyur8vP0QwI23ARABIABgnQGCARdjYS1wdWItNDkxODc5OTU3MTA2MDM2MsgBCagDAcgDAqoEwgFP0I31AL4ZuJ4cB35y7mHXy7YrsneHfkqPthuW8x5P2409NNg3grmkIJ0dFIi-7yJCtpTRd9uIuXy4wefg3Sf_TfwUrec7F2ZKAo0HoiV4i83GUVlh0rte-_ayMjbbdVONf7DfZlJe6tPPMWap1p_SPJ1JtJJLtimfJd-0caS7bhNFEgnB2cWCoulAXFBt1nrM2Tu0qDmdkb0YSc-MtFQ3AZvhGyasZXFD0OM9hQTrjQQ4-WkBVR2LyE8NLwHNBiGCGYAG47iG8dfQ875BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WOj69430hIQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ5MTg3OTk1NzEwNjAzNjIYAA&sigh=kVfc0kzfeIc&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_OejEkTlwRu8phIkh3K3wemrUX3JiJ4MY-ExwF4cKR4Hpt6RNUscW6elB22xD1K1VBsEVAWTWGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 30 Jan 2024 10:30:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
b1-sindc1.zemanta.com/bidder/win/googleadx_display/a4fca0df-bf5a-11ee-9114-8a294abc764c/ZbjP3QAAG80DgyvdAAZd-NlKKgM_j6sXJllSQw/VORLIW2UUXUWS5X3A6JB24Y6CKNAM6SS4SV4D6MZMRH4FS22DAAVIWUU6NTYPEVSAOMO2A... Frame 11B7 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/a4fca0df-bf5a-11ee-9114-8a294abc764c/ZbjP3QAAG80DgyvdAAZd-NlKKgM_j6sXJllSQw/VORLIW2UUXUWS5X3A6JB24Y6CKNAM6SS4SV4D6MZMRH4FS22DAAVIWUU6NTYPEVSAOMO2ATE2UWEUXCO4NUYE6EWDK5W3NES5EPHRHGO3WEDZYCP7HOFVH24YBIDWC4HV7GQQNOAN7OHEPXXKZ2TZS3PBDXR757LAGPVERMRAO7XXCJMTO2QQ3UAEAGCOVW5EM372X7MA5GNOPIVZ2S2C6JJHMO55S3W7LCFHYOQVYJURIKV56VXHJ44ULHFS57RBAFYFGBDOHS6M3L3KZSRDBNRX33BXFHQNNTSIZSQYDQARIFOVPWKYZ3GV3X6BJSBKSO7QXYNDO3WOPXH4NLWFOB5YN2CDBXSL5VQKMHGOEVRJVHOHMRBSG7KH7IP2Y7FPAOVYRHHKPBGKPV6TTAGA3Q5KHGWGWFFAXG7X7WB3DO46FUKXGXSFHGKDO5SKR7HCMZX5PWYML5HEQBQLKBJ2KLRU4T66MAMV4XA3QKA4IS46ACO6TEXJ7T5WPMSTDGJF2QJOGVIR3U2QXL6CWFLX7AAONRXXXM63DN3ODHDXSVWCDDJNP6DMDZOSOKFQOPYHKQPXVC7HQCKCENB73PWCM6SV36ZSQS5DBOUPBXF3JCBFIJQFQFUOUYKIW6EV2ZRMFYSWOV5BYJUYMNX37ZJLWZBGN3LSTPX4IQKEVTB5TBANPXI5F6NGUKBBBHWMFKLKXLLCGM5P2J5QCVWVSGQQWGHUUQZUGRUSIRR4JCSAC3ULI66CA4BWV7OMVU5RH2AO3YB2KDUBRQGU2IIAXZHFRSG3HTEH4TF76BB5HA/?amtw=&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.161 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 30 Jan 2024 10:30:54 GMT
Content-Length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B778
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1&google_push=AXcoOmT8TYmyrjNJqx0Mf7wVwa2gVOjWhjp5R3KHzSzxZNm_kJm9oSOyjAyXqQFUIn14NG1JqfVelz8c2nMicvTbQ-PClff2KD1f0...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYzMjE0MDk1NTMwMTU1NTE4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM2QFsfb-0-FeI5LguB2-dk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame B778
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqP...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kN...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84d90ad23cba3f7c-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5366
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAmtv8-gRwQM0E1C5KBw_yk&google_cver=1&google_push=AXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTRPpNBAsrbaceCHQMs3gPqx7VC6v7QKpPPy6xScer2AknIuKWZeQ57Vo6hXIoDGQVQX4gs_Kbzennr7lg_KW8QVH3j1kNqPC2YqiijWKJ9AvpOYLZAQwslJrqaQ7g4T3ZSbr7PAXYW0To4JJLrphzxMA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84d90acff9ea3f7c-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B778
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBKUCLIU7sM9RlUxBfniRsk&google_cver=1&google_push=AXcoOmRNxObIvJs4PQ26JE_mrWeVDMW5Vu5fXaaVig8CgpYwPZbvbuRkWhlNQw3JeO2DTQNLpeDrxgvWkPrnC7wsm8...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEBKUCLIU7sM9RlUxBfniRsk&google_cver=1&google_push=AXcoOmRNxObIvJs4PQ26JE_mrWeVDMW5Vu5fXaaVig8CgpYwPZbvbuRkWhlNQw3JeO2DTQNLpeDrxgvWkPrnC7wsm8...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTQ2NGQzNTItYTNmNC00ZTMxLWFiZjgtZmI4ZTU2NTdiYWNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1464d352-a3f4-4e31-abf8-fb8e5657bacc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTQ2NGQzNTItYTNmNC00ZTMxLWFiZjgtZmI4ZTU2NTdiYWNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1464d352-a3f4-4e31-abf8-fb8e5657bacc
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTQ2NGQzNTItYTNmNC00ZTMxLWFiZjgtZmI4ZTU2NTdiYWNj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1464d352-a3f4-4e31-abf8-fb8e5657bacc
date
Tue, 30 Jan 2024 10:30:54 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame B778
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDkFDcUHMn8e_cN8p6eYz0k&google_cver=1&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=102218b3-cc58-4c90-8005-f51a9a6e83eb&user_group=1&ssp=google&bsw_param=b320a13f-4ea0-44ea-b4e7-d2d9a15c7525
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw3ix-wbCNz98KQA1aYeOY6abv78F7A3sGh8MnFcrbBB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw3ix-wbCNz98KQA1aYeOY6abv78F7A3sGh8MnFcrbBB1pmSpoDRctkCuaYZeWmu4_6w&google_hm=syChP06gROq059LZoVx1JQ==
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT_rojUvEEemxoUJeayY_mvJGEfkYbM3_M2ijUm447RHohYg4mq80UnEq2BAZFPQW5TE4cZV03B46ls6c_kqUfw3ix-wbCNz98KQA1aYeOY6abv78F7A3sGh8MnFcrbBB1pmSpoDRctkCuaYZeWmu4_6w&google_hm=syChP06gROq059LZoVx1JQ==
Date
Tue, 30 Jan 2024 10:30:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B778
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKYQusyhwjdo--tDdvBaOk8&google_cver=1&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4YDcxMVgp90FPUTdg7OalI0xM7rn_l0exXyNeLP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4YDcxMVgp90FPUTdg7OalI0xM7rn_l0exXyNeLPaKhFSYps9r696f7vroiDeAs&google_hm=eS04UzNOTFhCRTJwRzl5VTNYcEVwXy5vVkJGLmUzbXU4VX5B
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 30 Jan 2024 10:30:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQXjZm-nRTwqvd7AJE9_lDmJQSfPn3FoCydu-WZy7V52XfbrT8Ch5qYEdVuTFNQOqTKM7cF20pi9pfogk9chd-FNU4YDcxMVgp90FPUTdg7OalI0xM7rn_l0exXyNeLPaKhFSYps9r696f7vroiDeAs&google_hm=eS04UzNOTFhCRTJwRzl5VTNYcEVwXy5vVkJGLmUzbXU4VX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B778
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_cver=1&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEMbc_eFwycAnf0MN4x22ZV8&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXWuRmtsGi56Q95tCzgFwQsuiowUag&google_hm=YkdjLXJOdkxkTl9LT1RCYy10blo=
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jan 2024 10:30:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRxU-De7kmt_H9vtgxUJ0tygY_pu4M9wR0RYYFnYQJDd9AGMplJ-k-SEfCs8kqNKquhBhTyYnjyep9xC3DmmcgFGGhYfdASyf5h7Fi7ZtIyJX2owmELg3cqPoxeaXWuRmtsGi56Q95tCzgFwQsuiowUag&google_hm=YkdjLXJOdkxkTl9LT1RCYy10blo=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B778
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKDfx-UR_hdhgF-14ZJpt9o&google_cver=1&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yCYkleDTQSlpc7Pw8ELf_Q&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z5sjH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yCYkleDTQSlpc7Pw8ELf_Q&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z5sjH1aIRVMhi6vzYeZJQHZDqC3OLQlrwxV6A9XN9rz_8S2kdqUEOtXt76k9XVTuF1B7fxPQ
Requested by
Host: onthitopik.com
URL: https://onthitopik.com/
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=yCYkleDTQSlpc7Pw8ELf_Q&google_push=AXcoOmQkqSmr0LRUS8PXAJRNd2Ertn1iG6677J7RgQ09yLGsT8iaBuABJ-LL5tmm1pzdZSMyXYOruLjTR9uSX-Z5sjH1aIRVMhi6vzYeZJQHZDqC3OLQlrwxV6A9XN9rz_8S2kdqUEOtXt76k9XVTuF1B7fxPQ
Date
Tue, 30 Jan 2024 10:30:55 GMT
Connection
keep-alive
Content-Length
295
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame B778 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuPaQaKh7IxgB8pd3piwD1vNgy1SIyVe50rQi3qL36d26nlu7VP-NSMvPjX37eI9BSgCx4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4918799571060362&output=html&h=280&adk=2484755795&adf=2235263015&pi=t.aa~a.4254279088~rp.1&w=341&fwrn=4&fwrnh=100&lmt=1706610652&rafmt=1&to=qs&pwprc=8797652355&tp=site_kit&format=341x280&url=https%3A%2F%2Fonthitopik.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706610648047&bpp=1&bdt=7460&idt=1&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28d8707f8cd45605%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MYrGykp8achUPYV8hEws2r6xmbeEA&gpic=UID%3D00000cf3f24f7254%3AT%3D1706610646%3ART%3D1706610646%3AS%3DALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A&prev_fmts=0x0%2C1164x280%2C1164x280%2C1068x280%2C1600x1200%2C728x90&nras=7&correlator=6159089195683&frm=20&pv=1&ga_vid=697482153.1706610645&ga_sid=1706610646&ga_hid=568810873&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=993&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31080620%2C44785293%2C95321963%2C95320868%2C95321626%2C95323007&oid=2&psts=AOrYGsnDg_Wqtno1rzIakWI0vcoid352rI1lv29N6Ns61OhCR_m6LkICZ-vnL4VkF5kN7ZwwQrm4-A9_rFpv_QUWrtkeHQ%2CAOrYGsmtH5gIaAURX2gXT36t7qzdegKHArzTnZ3CuI0le0Nw1M1EZVMRH6gmFjtMXskma0veEhBMMzwy0EpdSXxdVnfxUCLC1XNhaJMlR5RzejAgVLbdlg&pvsid=2754061327435285&tmod=477988201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=4791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UNB,time:684,type:e,im:%7Bpci:%7Btdr:570%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:684,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B672~0%5D,as:%5B672~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:54 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
AGSKWxWR6igB_ZKJR6jfZ0WwgupGlcsi0EL-9Wit6n0PkQXoFAfVTYj7z6R2ElMQCgTfD5TUsBJnxx2RXN3lgA0sIkjcZEai7irQ1IhRBZf64-fWcOQnPNYvSHEIbwDlTVoXuVHzPtas-w==
fundingchoicesmessages.google.com/el/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWR6igB_ZKJR6jfZ0WwgupGlcsi0EL-9Wit6n0PkQXoFAfVTYj7z6R2ElMQCgTfD5TUsBJnxx2RXN3lgA0sIkjcZEai7irQ1IhRBZf64-fWcOQnPNYvSHEIbwDlTVoXuVHzPtas-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ukOjY3niaLOupIvUUyZrrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-ukOjY3niaLOupIvUUyZrrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4978x2vZBGZsPbiMEQDvvSCc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
fundingchoicesmessages.google.com/el/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWQ5kdhRvBhAX3CUUmL4I3BwIAVyu6GxpEztMdqLnbHy9PuzZ232l0NeSuAueMmqExteuTi_4wX_7_LjxADO_HuoXzSjpNO4ImAWQ-o9NPWT1CAqu3eTRTo5M6BxbsgMhbZ-HF7eQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMy3YPPppbfAtEMIulhmMGrAE21tFQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-queAZO4K1njcJ_TJB8_rfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 10:30:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-queAZO4K1njcJ_TJB8_rfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4978x2vZBHbM_7OFEQDvmiDr"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://onthitopik.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4UZl,time:1412,type:e,im:%7Bimprf:%7Bttecl:2357,ecd:1342,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:271,o:1141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1129~0,1~100%5D,as:%5B1130~728.90%5D%7D%7D,%7Bsl:i,t:1141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B271~100%5D,as:%5B271~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1254,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34,sis:1378%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 17B4 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulhg6H1BpuOsnedVm5Y81g0EQjRqBA2MHK3yJcGYPj33Wk08BUgyoFnNeYprIeopEzTlgWoQj2QWBBVTSw0dyhe-YQSvKpu2rXgOzB54SsBq1kDUwvAywMd-EAaDdmZEE43ImHKXjKapo&sai=AMfl-YRpq5cP_30N377dth9Zg1PizV2kot06aO3pCoCsoKjdOb1TkPFssZGLT2UpDl3-g2a-IEdA7m4U1WdVY-sq0j6f4izIwI-2FmftnJz7Bgfs88GLcH1uPiRBuIT39g1DBUcwkKiMycMEzHpGZba_Eg&sig=Cg0ArKJSzDODe1CwFFv0EAE&cid=CAQSTwAvHhf_LIJgTrA3dDydnU8W3ChQthRYXFZQJYTGeDVLHIe23fpZbBsf114y6uPzVlatqegsPaYtta7s9S68BFWWKFvqrJA7x4ytAPi09tQYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170661065200&rst=1706610652322&rpt=1703&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4V3C,pingTime:-10,time:1677,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706610655108%7C%7C3bf90f94277707eb7b23beb616a9f6cb%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cddf42323be7a0eb06ede776befa043d1%7C%7C13b930fe06c95b704a09ff6dd2498cb0%7C%7Ca0a9fcd8f2b56aa81ca5de729cf8dc45%7C%7C976228a59d82ea9250dbf9a20ef8f36f%7C%7Cd707808064c6109c38ac3f0f85d1c43d%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
iJWKBXyIfDnIV7nPrXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nPrXyi0A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A500%2C400%2C600%7CRubik%3A400%2C500%7CNiramit%3A500&display=swap&ver=10.3.9.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://onthitopik.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 13:52:39 GMT
x-content-type-options
nosniff
age
74296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18928
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 13:52:39 GMT
page.php
www.facebook.com/v10.0/plugins/ Frame B627 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=166e291bc1661b288bdb756c8c150183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
/
Resource Hash
a5ac1c722f2919f98f34ec8ddc82cd4cb666f5c1d53a8d7663849780d7a894ff
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:56 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ejuqqeEf49SBLeG3jX+nQGlgz7CrJ6GL9SevpCzO3l3ivsO4TtSsvRNEvPm58Nc2lJFwn8HLbGniNsx7C+3zPg==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
91422c632fa21464891cbf4b1bbfeb6fafb869693a34a7a912be91e59951123f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12501
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4Vea,pingTime:1,time:2331,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:1141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1190,o:1141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1129~0,1~100%5D,as:%5B1130~728.90%5D%7D%7D,%7Bsl:i,t:1141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1189~100%5D,as:%5B1189~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:417,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34,sis:1378%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 17B4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4Veb,pingTime:1,time:2332,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:1141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1191,o:1141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1129~0,1~100%5D,as:%5B1130~728.90%5D%7D%7D,%7Bsl:i,t:1141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1190~100%5D,as:%5B1190~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:417,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34,sis:1378%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.29.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-29-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:55 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 10:30:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3774 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
275624
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 05:57:12 GMT
expires
Sun, 26 Jan 2025 05:57:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7F14 		829 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f106.1e100.net
Software
GSE /
Resource Hash
dc444cecfd0afcdcbba59667bd1b2e4768793ab5c38506a8fb3812bf155766bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7F3n4zszbUt7MvbZzP3MNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7F3n4zszbUt7MvbZzP3MNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:56 GMT
expires
Tue, 30 Jan 2024 10:30:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2754061327435285&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3774 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 08:34:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
7006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 08:34:10 GMT
generate_204
tpc.googlesyndication.com/ Frame 3774 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oVJkDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:56 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame B627 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o/7VM47+HYG0hT0S5PaW4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5162
reporting-endpoints
x-fb-debug
gbkQaPSBaWftHB0WNjZgCGssOrnkmbpTBXUo7FI7ihUdhav8l6suS7bIR5JxxNMGZPC/mbgYAPYwpXrs99lTww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 19 Jan 2025 11:00:42 GMT
R1rI9_QXPKe.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame B627 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/R1rI9_QXPKe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
4cb8829aa29254fcf51588307eaf1626e78ec6daf17d580b2415a527889340f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qEunU9EdsMUffyx3o/MqTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93736
x-fb-debug
Sm7vutrZaNuJ8fdZvcjdo7R4r5ulk+b+/91z4fudC2ShVq/0iR7T1/iqyr6RYzuMjGvPN/g5sxEmNB9kojkzKQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 29 Jan 2025 00:03:05 GMT
8ZrPme2EwKH.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame B627 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/8ZrPme2EwKH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JieWsOvZ3RFDEjZePuauxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2809
x-fb-debug
Gu02XaAxHmPsC24i6sGgiVjZCcgZGjxQro7phwAHd8/joaYt0kHn68RrbpEoErxfpbnE6BbIWxp3u6bomj+6XQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 25 Jan 2025 17:02:01 GMT
ru8zNtgW1u3.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame B627 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xfgcH48ZrXyM9ExSIhREow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27517
x-fb-debug
q0HMTyMerH6WPvZuX10N5otT9ff0bWGEfF66t2lwYx3pA3P3HwehfUGX1PNnEsqpvtbzdLcbuRoWaOUmqInXkg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 22 Jan 2025 10:30:45 GMT
91fY1Wa8SUF.js
static.xx.fbcdn.net/rsrc.php/v3iSa94/yB/l/vi_VN/ Frame B627 		107 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yB/l/vi_VN/91fY1Wa8SUF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
f8edf2083f3a9fe502c83bfee68ee236699028790d26e9ffb935d85ccd4522ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FH2HbJLPQCfOEKueHKq3Wg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31355
x-fb-debug
+/Miv/nLp+foSxm2xEaP+m6WnbEdHADMQdBH0ZfomMX7Sp2sQFI4JWL4TzcTMldlIp2HqKeyuXAVnoRaNe0ouQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 25 Jan 2025 01:13:45 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame B627 		507 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:56 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
lOKdfzOtXxwzstzRRLHwSlaD4BcQsn7k3I9ktJHY0raCI2PoG54SGXKQCNhn8yRivYpGuzZJ5DQbuNoNRLkuUQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:14:35 GMT
308588887_519125290220086_8570028397416862242_n.png
scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-6/ Frame B627 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-6/308588887_519125290220086_8570028397416862242_n.png?stp=dst-png_s350x350&_nc_cat=103&ccb=1-7&_nc_sid=081abc&_nc_ohc=Wh2vHtEsaNUAX9mXnS1&_nc_ht=scontent.fsin3-1.fna&edm=AD5vYhEEAAAA&oh=00_AfAhSyxuOz-mtX5VGa-nGjlC1JjA4jYVsSnhSuRzi8FqVw&oe=65BCF53E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.245.104.145 , Singapore, ASN4773 (MOBILEONELTD-AS-AP MobileOne Ltd. MobileInternet Service Provider Singapore, SG),
Reverse DNS
Software
/
Resource Hash
c8c36c48d1f36970dac28c5f3d4e1674ca4c2a84fc5f0d22071f6c576820dae7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:57 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 27 Sep 2022 21:36:05 GMT
x-fb-congestion-signal
congestion-delay:629;congestion-delay-p50:104;congestion-delay-mean:280;congestion-delay-stddev:444.5683299561497;total-samples:2986;dispersion-samples:1520;num-congested-samples:0;num-single-packet-samples:1;
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=414003894
thrift_fmhk
GBAtjQVoMHvMNmXr5kkllDKFFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1444560585
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
36100
309103170_519125293553419_3238386229176672338_n.jpg
scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-1/ Frame B627 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-1/309103170_519125293553419_3238386229176672338_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=aGvC-uz3MqAAX_gObfP&_nc_ht=scontent.fsin3-1.fna&edm=AD5vYhEEAAAA&oh=00_AfANABEKhV94wwUJ-jBYNMHFDEVX0foDGILGYFwKF5fTpg&oe=65BE8AFC
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7a1d4d483a8d4eea%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=324&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.245.104.145 , Singapore, ASN4773 (MOBILEONELTD-AS-AP MobileOne Ltd. MobileInternet Service Provider Singapore, SG),
Reverse DNS
Software
/
Resource Hash
829cd168e1e8e2db6e7dfe448613f6e85c2bfcef5c2dde8f9d37a386e337d33f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:57 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 27 Sep 2022 21:36:05 GMT
x-fb-congestion-signal
congestion-delay:629;congestion-delay-p50:104;congestion-delay-mean:280;congestion-delay-stddev:444.5683299561497;total-samples:2986;dispersion-samples:1520;num-congested-samples:0;num-single-packet-samples:1;
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3187391626
thrift_fmhk
GBB+dy0c7HPm/7zaMl9S4M4jFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
694441718
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1401
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame B627 		573 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:57 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
IheBHXCPVoEE60rVaf1Ggf6FGd1MdLOsmlwQIrHKQToQrA7B+VDnvW8Y5bBdSe9/xTSDbmGhs2mZh9cXZN1rxw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:17:37 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2754061327435285&bg=!AQKlAk3NAAa8BdJLnAU7ADQBe5WfOAfcZ2GSBBWVRtZQcEZey3qCtXj_-vu0AK77wn4BLf8DTt4IMpxRcG2WoM0L6hShAgAAAG1SAAAABGgBBwoAhOtSWfnDvGUn3CoxkIGrHVq4vRoU2G2jadTC20gH_aRfDzRjzVPout7UOdZPYH6E9FtRBT0dPKulZ-z2oS8lqBtmEFhx1bMnFUYfWzV3KhMrhCeNKzc5Y71hVbLgDg5fqB4x97NLvTSwfCBwFIWW_PoBDecrWwgWvODvHcTGpJ0YYiNNRJkCvDnk5siath7MN-w2kAX6JvAiFypptO9mlk6syJb2xUoKgAOSw7uAWJo6NkBOvpaLx2d_-s_CvkQ9whUAtqHOBbcDdA8Bu3yMgE7WKDEaDSVCVARvivfmIEb2EXPyBKoeHHlY37IAlKJnGruk31tOH8GpSjcPlkA6YWFLmE0MucOa_DlFCQG34-VCOJ7wi9k8GJrkeYdCTx9OfxvOBDeE0xNPZxqruUS8tn_Td8JLHydBhTbC2Ay-nsoU0hki73bHo2SOI9bcYNiCUhp3Bs4z8O5XiLzINVdeNSeT5nNLkoQv2foMjo3SZiQPYuxtUctAxm6yKxCcfNxNdeAncXo4IOWzoKmkbonk7mOb4JSyUatL4NhYaSd9ukAoQMefsKdVlGXbo803SsqnjKeGI-o8iC8lzvPJcy_g8rC0-kx0B1zVPUALhisiVUeveGR_keiOcNtUqlpYh44ZhgJry-dXzZLda2jX4eaJ9dDd3LaR0EkNSDIfLUhN0FtzwE4-vT8RhRkXayZa5H1C7xHX0R_jCVwr-V4IruORwr6qHpArYTISWuiSa_1QX4XC31odrkHwnH5RolNI30bO5NwdD2uahPmKVOtTGpu3HU9keeWmMEdnSioKCTs-hpcaa6LiE44xxehze5iw0y285uv1iXGN8N71vCMEBGX7W4smqiycu27JSRDJhqupNx7y4wZi3KAOhdxBfCUS5F-IeEIMZXkGlRjBKcZ_yhvYMcDAYS2g1KJY0vTfdVBG631x8YQK4iE_PlAnbIfL9J1hX-KwsAd1oGb_gpGHJBzttg00oeQuzWKHOlXqtrIhlX5ntpQiu9QcMHDdB3IP8bJwESKAQCjtiyYf8zN0hrYDRT5pEq214mXrFjdAVZoCDVWD3W8YgwdP83W-1EpwwRP0lTlijNR3OJCG2Usjqr8d1irzbY4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://onthitopik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DQGG3B27WF&gtm=45je41o0v9118391988&_p=1706610641477&gcd=11l1l1l1l1&dma=0&tcfd=10000&gdid=dZTNiMT&cid=697482153.1706610645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEII&sid=1706610645&sct=1&seg=0&dl=https%3A%2F%2Fonthitopik.com%2F&dt=Home%20-%20huongiu&_s=3&tfd=20170
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQGG3B27WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onthitopik.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 10:30:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onthitopik.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bz
www.facebook.com/ajax/ Frame B627 		0
0
page.php
www.facebook.com/v10.0/plugins/ Frame 9C07 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=166e291bc1661b288bdb756c8c150183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
/
Resource Hash
42565c5e52312e9aee7cfd534d3d9e0ae79fec208655c9ac5efa9138c85baf76
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onthitopik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:30:57 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=()
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
FeP7LxliwAN/0Utih4bJtgA++15AEDoaLlcagCwhEOjRKUWygr9a/mylKPvoYH956Dty4koEkDTy4u4SkEiing==
x-xss-protection
0
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 9C07 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o/7VM47+HYG0hT0S5PaW4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5162
reporting-endpoints
x-fb-debug
gbkQaPSBaWftHB0WNjZgCGssOrnkmbpTBXUo7FI7ihUdhav8l6suS7bIR5JxxNMGZPC/mbgYAPYwpXrs99lTww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 19 Jan 2025 11:00:42 GMT
R1rI9_QXPKe.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 9C07 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/R1rI9_QXPKe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
4cb8829aa29254fcf51588307eaf1626e78ec6daf17d580b2415a527889340f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qEunU9EdsMUffyx3o/MqTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93736
x-fb-debug
Sm7vutrZaNuJ8fdZvcjdo7R4r5ulk+b+/91z4fudC2ShVq/0iR7T1/iqyr6RYzuMjGvPN/g5sxEmNB9kojkzKQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 29 Jan 2025 00:03:05 GMT
8ZrPme2EwKH.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 9C07 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/8ZrPme2EwKH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JieWsOvZ3RFDEjZePuauxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2809
x-fb-debug
Gu02XaAxHmPsC24i6sGgiVjZCcgZGjxQro7phwAHd8/joaYt0kHn68RrbpEoErxfpbnE6BbIWxp3u6bomj+6XQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 25 Jan 2025 17:02:01 GMT
ru8zNtgW1u3.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 9C07 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xfgcH48ZrXyM9ExSIhREow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27517
x-fb-debug
q0HMTyMerH6WPvZuX10N5otT9ff0bWGEfF66t2lwYx3pA3P3HwehfUGX1PNnEsqpvtbzdLcbuRoWaOUmqInXkg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 22 Jan 2025 10:30:45 GMT
91fY1Wa8SUF.js
static.xx.fbcdn.net/rsrc.php/v3iSa94/yB/l/vi_VN/ Frame 9C07 		107 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yB/l/vi_VN/91fY1Wa8SUF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
f8edf2083f3a9fe502c83bfee68ee236699028790d26e9ffb935d85ccd4522ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FH2HbJLPQCfOEKueHKq3Wg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31355
x-fb-debug
+/Miv/nLp+foSxm2xEaP+m6WnbEdHADMQdBH0ZfomMX7Sp2sQFI4JWL4TzcTMldlIp2HqKeyuXAVnoRaNe0ouQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 25 Jan 2025 01:13:45 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 9C07 		507 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
lOKdfzOtXxwzstzRRLHwSlaD4BcQsn7k3I9ktJHY0raCI2PoG54SGXKQCNhn8yRivYpGuzZJ5DQbuNoNRLkuUQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:14:35 GMT
308588887_519125290220086_8570028397416862242_n.png
scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-6/ Frame 9C07 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-6/308588887_519125290220086_8570028397416862242_n.png?stp=dst-png_s350x350&_nc_cat=103&ccb=1-7&_nc_sid=081abc&_nc_ohc=Wh2vHtEsaNUAX9mXnS1&_nc_ht=scontent.fsin3-1.fna&edm=AD5vYhEEAAAA&oh=00_AfAhSyxuOz-mtX5VGa-nGjlC1JjA4jYVsSnhSuRzi8FqVw&oe=65BCF53E
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.245.104.145 , Singapore, ASN4773 (MOBILEONELTD-AS-AP MobileOne Ltd. MobileInternet Service Provider Singapore, SG),
Reverse DNS
Software
/
Resource Hash
c8c36c48d1f36970dac28c5f3d4e1674ca4c2a84fc5f0d22071f6c576820dae7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:58 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 27 Sep 2022 21:36:05 GMT
x-fb-congestion-signal
congestion-delay:629;congestion-delay-p50:104;congestion-delay-mean:280;congestion-delay-stddev:444.5683299561497;total-samples:2986;dispersion-samples:1520;num-congested-samples:0;num-single-packet-samples:1;
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=414003894
thrift_fmhk
GBAtjQVoMHvMNmXr5kkllDKFFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1444560585
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
36100
309103170_519125293553419_3238386229176672338_n.jpg
scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-1/ Frame 9C07 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin3-1.fna.fbcdn.net/v/t39.30808-1/309103170_519125293553419_3238386229176672338_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=aGvC-uz3MqAAX_gObfP&_nc_ht=scontent.fsin3-1.fna&edm=AD5vYhEEAAAA&oh=00_AfANABEKhV94wwUJ-jBYNMHFDEVX0foDGILGYFwKF5fTpg&oe=65BE8AFC
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfff9c1a4ea4860496%26domain%3Donthitopik.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fonthitopik.com%252Ff15724d340c1f506b%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fhoigiaidetopik%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.245.104.145 , Singapore, ASN4773 (MOBILEONELTD-AS-AP MobileOne Ltd. MobileInternet Service Provider Singapore, SG),
Reverse DNS
Software
/
Resource Hash
829cd168e1e8e2db6e7dfe448613f6e85c2bfcef5c2dde8f9d37a386e337d33f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:58 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Tue, 27 Sep 2022 21:36:05 GMT
x-fb-congestion-signal
congestion-delay:629;congestion-delay-p50:104;congestion-delay-mean:280;congestion-delay-stddev:444.5683299561497;total-samples:2986;dispersion-samples:1520;num-congested-samples:0;num-single-packet-samples:1;
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3187391626
thrift_fmhk
GBB+dy0c7HPm/7zaMl9S4M4jFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
694441718
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1401
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 9C07 		573 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 30 Jan 2024 10:30:58 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
IheBHXCPVoEE60rVaf1Ggf6FGd1MdLOsmlwQIrHKQToQrA7B+VDnvW8Y5bBdSe9/xTSDbmGhs2mZh9cXZN1rxw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:17:37 GMT
dt
dt.adsafeprotected.com/ Frame 17B4 		0
0
dt
dt.adsafeprotected.com/ Frame 17B4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU29zEdEc83WwvE3vx60Vo1upE4W0OE2Wwio7C0yE1VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__hs=19752.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7329836954538180216&__req=1&__rev=1011102455&__s=%3A%3Adsiamn&__sp=1&__user=0&dpr=1&jazoest=21963&locale=vi_VN&lsd=pAnyy66WLLRYf_jSXNPsZO
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4WdD,pingTime:5,time:6142,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:1141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1129~0,1~100%5D,as:%5B1130~728.90%5D%7D%7D,%7Bsl:i,t:1141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:312,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34,sis:1378%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=2de77e91-4dcb-4c56-cb5e-2a64f2c6dd51&tv=%7Bc:2O4WdE,pingTime:5,time:6143,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:1141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1129~0,1~100%5D,as:%5B1130~728.90%5D%7D%7D,%7Bsl:i,t:1141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:312,fm:u2QcnD9+11%7C12%7C13%7C14%7C151%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1c11%7C1d*.1924505-77817687%7C1d1%7C1d21%7C1e1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:34,sis:1378%7D&br=c

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| e object| tdb_globals object| tdwGlobal function| filjlxtxyoa function| ytwfy number| cc object| d object| s object| adsbygoogle object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| div object| img object| _paq function| ym object| block_tdi_61_9ff object| block_tdi_85_faa object| block_tdi_108_f5f object| block_tdi_124_9b8 object| block_tdi_125_eef object| block_tdi_130_0df object| block_tdi_133_5ab object| block_tdi_140_8c2 object| block_tdi_151_c85 object| block_tdi_154_8c7 object| td_youtube_list_ids object| block_tdi_164_f70 object| block_tdi_167_b06 undefined| timeout_result function| show_wpcp_message function| hide_message object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| sprintf function| vsprintf function| _ function| lodash object| wpcf7 object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| twemoji function| get object| Base64 object| ZaloSocialSDK object| _zap object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates function| onYouTubePlayerAPIReady object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer string| _za_version object| ZA boolean| R boolean| T boolean| z_tpv_ object| googletag object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| _0x2a03 function| _0x23ff23 function| _0x5214 object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| gaplugins object| gaData object| Ya object| yaCounter95781862 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| seal_getFlashVersion function| seal_useFlash function| seal_installSeal function| verifySeal object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run function| _0x3a5987 function| _0x10c5 function| _0x355c3b function| _0x3bd790 function| _0x2365e1 function| _0x43bc18 function| _0xa9e905 string| _0x160bee function| _0x15b686 function| _0x3c81 string| _0x2a58ad object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MTYyNzViYmQ0MDcwYmRhZGxvYWRlcl9qcw== string| MTYyNzViYmQ0MDcwYmRhZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| _0x2fbb function| _0x18dd undefined| _0x49886e undefined| _0x321b46 undefined| _0x4f8044 undefined| _0x11117c function| cewtwewetw function| rewrwerwer string| a boolean| 89e685d4-9bb4-48fa-80aa-22193b513bb3 number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

60 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: LFOkFkqbXjA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 81ikOoQfEgI
onthitopik.com/ Name: _pk_id.1.903f
Value: b72e383a8e1f30f7.1706610646.
onthitopik.com/ Name: _pk_ses.1.903f
Value: 1
.onthitopik.com/ Name: _ga
Value: GA1.2.697482153.1706610645
.onthitopik.com/ Name: _gid
Value: GA1.2.2064855921.1706610646
.onthitopik.com/ Name: _gat_gtag_UA_194942831_1
Value: 1
.onthitopik.com/ Name: __zi
Value: 2000.SSZzejyD5z0_Wlkun1KNptwH_Rx8MbhIC9_b_9H8KCmYtVVgXaSEn2kLk-gBIWxFBf_tuer8HCWed_VWYKn7om.1
mc.yandex.ru/ Name: yabs-sid
Value: 250509051706610645
.yandex.ru/ Name: i
Value: HQECzXQiCRVomgWUJQvyBX7v0QtQQyddMgEa5w9o2NlK4LmGk+MBCeYe3zrxK/Z9eNefkKSYlLs02N0adfbRRHHjYPE=
.yandex.ru/ Name: yandexuid
Value: 1359939791706610645
.yandex.ru/ Name: yuidss
Value: 1359939791706610645
.yandex.ru/ Name: ymex
Value: 2021970645.yrts.1706610645#2021970645.yrtsi.1706610645
.onthitopik.com/ Name: _ym_uid
Value: 1706610646127809341
.onthitopik.com/ Name: _ym_d
Value: 1706610646
.zalo.me/ Name: __zi
Value: 2000.SSZzejyD5z0_Wlkun1KNptwH_Rx8MbhIC9_b_9H8K9rydUoqs4XTa7oMwRwKG5kIDf7llfH2NvOrDm.1
.yandex.ru/ Name: bh
Value: KgI/MA==
.onthitopik.com/ Name: _ym_isad
Value: 2
.onthitopik.com/ Name: _ym_visorc
Value: b
.onthitopik.com/ Name: __gads
Value: ID=28d8707f8cd45605:T=1706610646:RT=1706610646:S=ALNI_MYrGykp8achUPYV8hEws2r6xmbeEA
.onthitopik.com/ Name: __gpi
Value: UID=00000cf3f24f7254:T=1706610646:RT=1706610646:S=ALNI_MZrQtjSul1-8N8_Onh_dP8y_Afx3A
.doubleclick.net/ Name: IDE
Value: AHWqTUmACJT4BK8H1OEC3IvDY7t8Ai-drzZ7fMiuXuFl20ms2EYjMmfqAptDBYKLeBs
.googleadservices.com/ Name: ar_debug
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: tY4oBG4Jq9UwErhkWP1OSPdmyRBotghw-abRzGTDNYSC5BUWjBtXLoSq0h2lRyMMlFT-jUVgv6I-98gKOsP4RXEzQ1MxI62MQ_HBCwmAgKY.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4805463670395510991
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZbjP3feZhafAsWce19QwiAAA
.casalemedia.com/ Name: CMPS
Value: 5317
.casalemedia.com/ Name: CMPRO
Value: 5317
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU$x3>@D!]tbPl1M>e)ZlrFUfJ+tGXxo<a7P#I<96!*<zDEcXt#'dESRmXOyzSCS7Y`23If)y3KL9D3I?+T2Ng/c
.ladsp.com/ Name: cr
Value: 1
.ctnsnet.com/ Name: cid_5612d38dd81c4ed58dfb437b03bee22c
Value: 1
.ctnsnet.com/ Name: gid_CAESEEcPYkkc3u65GkQeXabydOU
Value: 1
.socdm.com/ Name: SOC
Value: ZbjP3cCo8YIAAEIiJ9oAAAAA
.bidswitch.net/ Name: tuuid
Value: b320a13f-4ea0-44ea-b4e7-d2d9a15c7525
.bidswitch.net/ Name: c
Value: 1706610653
.dotomi.com/ Name: DotomiTest
Value: 548f6a85d28b205f
.ladsp.com/ Name: smn_uid
Value: DE-Q9fth8V3tXo5VB7S_2xA-NdiENF8
.ladsp.com/ Name: lum
Value: CKn2r8_VMRIFCAEQqAE
.onthitopik.com/ Name: _ga_DQGG3B27WF
Value: GS1.1.1706610645.1.0.1706610654.0.0.0
.bidswitch.net/ Name: tuuid_lu
Value: 1706610654
.onthitopik.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9nYJRuoq7REnKXzpw0PQGp08XQnvsjpjgrgbldurw0VUjliIy2VgZnyenE34V4-rKMP3LeOM796My95fLs7x7QGOnWPl7NwVck28mqD3K2Gqjgps0vsQlY99HCFW9DNUsc6aIjSuPZ7lKrVaE1XnaGEJLT_Q%3D%3D%22%5D%5D
.pangle-ads.com/ Name: _pangle
Value: 2bfeePhK012tCEGKQs8bh7vKP2q
.adsrvr.org/ Name: TDID
Value: 1464d352-a3f4-4e31-abf8-fb8e5657bacc
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIuOjopJLi0DwQBRgFIAEoAjILCLiQ5NCo4tA8EAU4AQ..
.yahoo.com/ Name: A3
Value: d=AQABBN7PuGUCEAP6P5fsiZC0iIuVej31MZsFEgEBAQEhumXCZQAAAAAA_eMAAA&S=AQAAAhWxcyxoqaW-D9JKSArYCeM
pool.admedo.com/ Name: tuuid
Value: 102218b3-cc58-4c90-8005-f51a9a6e83eb
pool.admedo.com/ Name: c
Value: 1706610654
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTcwNjYxMDY1NH0
pool.admedo.com/ Name: tuuid_lu
Value: 1706610655
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c8262495-e0d3-4129-6973-b3f0f042dffd.NOW0rRFaBPd%2FVrrNjXQp0%2FF7NweIE0RE2E3nx0x7RdI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c8262495-e0d3-4129-6973-b3f0f042dffd.NOW0rRFaBPd%2FVrrNjXQp0%2FF7NweIE0RE2E3nx0x7RdI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AyCYkleDTQSlpc7Pw8ELf_Q.%2FDhcXzhsVmwmZwCQp1AH5smKOGSIP7bv7Etm0GruUNQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AyCYkleDTQSlpc7Pw8ELf_Q.%2FDhcXzhsVmwmZwCQp1AH5smKOGSIP7bv7Etm0GruUNQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMo1JuAtDAdfSoEmgmzWfW632o4g0W2YVR3-dbMpx60tEHwYAiDfn-OtBjoEO773p0IEhKz8_A.bLU0BaNs9QhASwuZTbaNsNCDYEudk7hMWQ9vbfRwDnc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMo1JuAtDAdfSoEmgmzWfW632o4g0W2YVR3-dbMpx60tEHwYAiDfn-OtBjoEO773p0IEhKz8_A.bLU0BaNs9QhASwuZTbaNsNCDYEudk7hMWQ9vbfRwDnc
.zemanta.com/ Name: zuid
Value: bGc-rNvLdN_KOTBc-tnZ
.turn.com/ Name: uid
Value: 3632140955301555187
.tribalfusion.com/ Name: ANON_ID
Value: aCnt6ZaO5nP87PRo7TGr75GoRqNVVe6Rn6M8ItbYsyFlTXIWALyVrXqPrxqmCVBBnh0I4VgKLUJ277IVWewvGKlrxIvX3

7 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js(Line 1252)
Message:
Unrecognized feature: 'web-share'.
security error URL: https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js(Line 1260)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://onthitopik.com').
security error URL: https://www.youtube.com/s/player/6ee8f9ce/www-widgetapi.vflset/www-widgetapi.js(Line 1260)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://onthitopik.com').
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
analytics.pangle-ads.com
api.widget.zalo.me
b1-sindc1.zemanta.com
b1sync.zemanta.com
b1t-sindc1.zemanta.com
cdn.specialtaskevents.com
cm.g.doubleclick.net
connect.facebook.net
cr-p1.ladsp.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gate.getmygateway.com
gdn.socdm.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
img.youtube.com
ipac.ctnsnet.com
jnn-pa.googleapis.com
match.adsrvr.org
mc.yandex.ru
onthitopik.com
page.widget.zalo.me
pagead2.googlesyndication.com
pool.admedo.com
post.plastformspecial.com
pr-bh.ybp.yahoo.com
px.dmp.zaloapp.com
r.turn.com
s.tribalfusion.com
s0.2mdn.net
scontent.fsin3-1.fna.fbcdn.net
seal.godaddy.com
service.specialcraftbox.com
sp-zp.zdn.vn
sp.zalo.me
static.adsafeprotected.com
static.doubleclick.net
static.rapidglobalorbit.com
static.xx.fbcdn.net
sync.srv.stackadapt.com
tg.socdm.com
tpc.googlesyndication.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.yametric.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
za.zalo.me
za.zdn.vn
zem.outbrainimg.com
dt.adsafeprotected.com
www.facebook.com
103.43.90.179
104.18.25.173
104.18.36.155
104.21.16.219
104.21.86.49
104.21.91.165
108.156.133.113
124.146.153.165
13.213.97.214
142.251.10.132
142.251.12.94
142.251.175.149
142.251.175.95
157.240.15.13
157.240.15.35
172.217.194.119
172.217.194.139
172.217.194.157
172.253.118.132
172.253.118.139
172.253.118.157
172.253.118.95
173.201.249.4
18.140.209.19
18.164.52.40
184.168.101.75
199.232.46.132
202.241.208.2
23.108.101.161
23.209.116.9
23.44.1.119
35.186.193.173
35.213.12.39
35.71.131.137
35.76.19.218
43.245.104.145
45.140.146.101
49.213.95.222
49.213.95.229
49.213.95.240
49.213.95.247
49.213.95.43
49.213.95.44
50.116.239.135
52.22.29.151
52.72.60.253
64.233.170.148
64.233.170.156
70.42.32.255
74.125.130.149
74.125.200.93
74.125.200.97
74.125.24.155
74.125.68.106
74.125.68.113
74.125.68.155
74.125.68.94
80.66.79.252
87.250.251.119
89.207.22.108
00687710f786ef2f429c16e3b09855a9cf805a1b0621a6bafa16983151f41d15
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02c32590b46dcb571c7b4ed49ff512f9d4fa5c9903a4ae14afb402077ec648fc
03bb427e74f953317cb2614e48692842cc339df5803241c3d3c36652cd5e6984
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b0120cc0ad521ebb841fade7e97170b169d155a1106e0e36091f0918efc38f5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd0b87e32439014bcf13e34fe9353bf05aed5f74b71c85cea22ad62f12c3e7f
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cf6dfa2221a8576a9832fc2b1cae64163d403fc2ae30228872770d765135b18
0dc5527bcc334c3d7b7df482ca11a56b6ffd5c723ce5316ef8bcf8d1550567ed
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
13463b6a26f4ee2ce508df098003cdc101ebb17be48bb9b787665b4ada56cf58
139e7b1480adb6aaf54f8a4c39c0687cbef8b8c6bb5e3ebf239b096ffbc90ea9
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1537decc77ac4b5fb20a12144c7c8611700afe62a25d76f55222b4230c71d684
15780ca1e4d875171235d1f5458daf4e50ed9005ae074aa45e82f7ce37d82b73
162bf1963f866686d1e53e1eec3a67d57bde651d98706e097b23d87666c7b7c9
175148d4fdd889379200c6272e78ef47be5011cfac3148306096d45f22edea60
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
19a416b944a709bb614cf0abda752d79058a4b728b15ca28bd6211ac97433826
1a494bad9094de648041f58491610d1bb694749987c076719de2075edd39b237
1c0b4a754bfe9ce907d29f97f5212e9a04d792f544f13c6f01a780a7e5008980
1edf83b509f38f707e0009d61d2f999d2189a2fa44504cbf743d5aa67d54dc62
1f2d6b3ddd1daa78b11f8b941a5d45d37a34dbe5a7b9e89fc01d3cd1ecd799af
1f4109e90f71f3075c49be497aa83487727cc18a6ce09b3f6bd0916062dade48
1f943d35819842e0a021170d75509daecaa3bfa35e859344ac3123dc2689a202
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
23407233d8a82f5b3bb2661b5657162d829f51303b60cf1e0562d3471deb0b1a
255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
2c40587955b6b11c12bf0e7c6884a502c937887573ea69e369c02520d328d3d1
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fc1849983f4ee3d42dc8f4f6054fddab0301e1417082175dee6bf8d30e4b7cb
3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32047f50e34d3e948499d645f88d14cdfeb533b44860a8eab816e64330f4db44
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
37811d4d55ec74751bcaa643b3a9798f1d577ac2910b63c6ca202c2e36544e05
3827d2ecbb681a3fc78fa5c25ef1aa27a8aad880245a3255285646adef4b21da
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3a9e00a6830fa6be17db8512565427e7992087ef2d24e49820291c0db44136e1
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d6d2c5dee8646297c989eb5ac4da288913274cf6a742d98000e1d7b625438c1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec818f1698b0a9bed616e20ee5269986beff37c7018e54f4d68857fdf4a9644
3ed83f7c5252d4b92fe57a7e474feb9e8923806a370ce4ab0d572bd16aa486a4
406ef3b9c965445d19d8475f8fd9d0efc96cf6d6ab6ef964a6a6d4bea383d27d
418c158f983e8c925d5b06904be61f35fb431d86ce3406de91a59353dc56496f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e4f8b7bc4f5fb14885c606c89c2376c2f376240d8740803eb0ba4e916a41fa
4229b3634f357cd2cf8f7b848a36e0541d273560c2491109a8d26693cb905938
42565c5e52312e9aee7cfd534d3d9e0ae79fec208655c9ac5efa9138c85baf76
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45061676b383d710f4c08b17e6567189e844cd706c6d9eaef30b48e60f863b15
4529420bb6296311bf4e5f72ce161b2fb73cf8b8520170ec80d6874e65f3e0ee
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
48052f6267b2e21fb086ad26457c715b3b8b5e8c6fcbcdea42589da06b05e9be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4949dd2a83e12273dbfb19c5bee58e3ba8daa109b443463de508b7ad96441345
49d6e676ce5f79498b995ebbf1d6ef4ad3222c87a1b8d5c6495524b1a2b38305
4a20c803bc0f1f8a7d73c63e18b89f38f235cad4118fb259665ed01fdc9176be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b87da14908d3e2553cae1aeb015f79cdaa62bfceee4f4544d5a145789332f15
4cb8829aa29254fcf51588307eaf1626e78ec6daf17d580b2415a527889340f6
4d3c05fa85297651fe3fa2fb569fe68f3b161a94669a21b4db5644bc5c71401d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276
53188c46426202a71b3be2dcd3fb92d56fa6a3337c91fedbdee3aabbb0a881f1
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
54753bd05c9a14e23b2ecd6fb242faf57272cc3e1c12688fe1fb117b9f4d4f36
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54be81567f4ade652333ab3edad9a3022c4c8ff9c643e342460d022501a15586
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560144d356bd62e597cf639f10986eaffc41522b31bad4847f2b4cc82072b0e4
580d176fbb4de052a70635e77fcacc99450365ac586936f7c5bd82441337b99e
584d623ec3125bfc106a88a57bfccb15faf6ec72547191f81b894612ad910cc1
5904f4c6de8f2b7a3912fa215e8486718e0cac1de1832f64b30f3f58c860dfa0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc76b392af2d57412de72e9a46dc7d7d9a4d9451cb89535ccf452632dff68a1
5e3793e9152572a66463856cc8aee43975c7d33820d9b2f655ec82196c2557a7
5e88cefac5e42c621823471d18bd3f7bee0f5504f6aeb14a035a4ebce04b622f
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
5fd27e32df435aef9451492bb2fa219ec8354a13ade10522ac5524202b5d93dd
601be129c09bdbb9d98f8f14521bd693a0569aaa88a1b3e2b526f47210240c63
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626ad41df68cc332b88ca4b2c3408d4701071ab1f06ed2347a66adfbb6786e4d
6296c96cbbfcb81f11017ec3d2271ca03808bdb141ce66b5dc376c81706f75b9
64b7afdf4767b7fe1c92565c482c544ba0db14c572dc396d9d40bb9a2ba95362
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
679a31ec5b9177abc9ed7fe6ca4bee3b694534cced97b4f4c045396185a45500
67a79703c2c3cbc535d121963d946122c324bdb8be5c3e72c6022fc08e4d84fd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6a8de2bc7f42fff0549a3dbf0b1e0fa86cae0feeae74937d5a7a899d0576fb38
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be7095fc7b4ccf33a454343009429cda6343ba3c32bb05f1c33a0f242ee2888
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6e55d7607a996a77c6dbb006d9b6be838c4a8edb7fbf2961d02d307abfd8abe1
721979efb5d7c84a280d9491f94da614e96203f7caad07b6ad2937f5fbc63924
7275579cae6c93512a73f3a929764eda9e88331f6bc4c44021229276c23775fe
72911d3e5ab9645fcb8eacdd437b126de6600b075a2cc2a38b897c44787b6245
72b73d2855e0486d43b842f989c61d012343879c26da5abaccfd8d624bb363d2
76eab3c87f08190130245bb309a55547b4dd502487ae3b1cee2b049c8b386775
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
79064a8766d900a98247bbc116e488552fb9a2c7d36436a823e77053aa75e7cd
791793b9681b13093a6d94372c03ee86f20582ce73135f566301c15248520a54
79ba674fcdcdc11c1637897839b6ef94da8a9a1e43e3db5a1aede6104f761a72
7ab7afe799e6876b7ad3fde95ca3be9af60c08bd48a16dc55e8504c4654247ca
7d375150f11a83ca60de317ffcfd2f40ebb3567952d11ac6c2b5a7b3d05310de
7d7dfd5386bca8b7045ad883d877772bc7cb96d90b7269021c94d95e806afcb3
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81b8bef55def091f2ecc976f4790ba7330800ae6ad39fe7e418da668fc5a56ce
829cd168e1e8e2db6e7dfe448613f6e85c2bfcef5c2dde8f9d37a386e337d33f
831d0dd6f20ade8b76d862df458520645d863717bb349a4bd5ece546339c6729
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
855aaf41b9bcce8fa26cda985dbaead0a24783365191a0f0ce467b662c4ea29b
85f4fe6b01478702a7c2581b25a81de3dfbfa871ee5ed0298fc44588f270720a
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
86b7acb9bd6df0aa5d5b5ce9a7ca5bb941c79609b0b2c8aecbb3a730bc2b8dd9
8936a6938f2dc15cb1bab8b433e906b86cb94cdc559de5a580e6eb434749b79e
8e32aaba2e2360f7ebae2b0f418ff65ae2845ebf56735c306c22455ac0bf5b8d
907be2b89def6c1267c8a7bbd7f4728d298406cdd28d4538d2e63b82e402acbe
91139cd4858f9daf9232a73337c709311f1c83ebfb69b7779ffd97fdc77ddeb6
91422c632fa21464891cbf4b1bbfeb6fafb869693a34a7a912be91e59951123f
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9832a8483487b28181e03d2e86716ec446689a53165be9f5e22d690d47ecc6b1
99adbddebd04cd72a45a8736c4fae05288a3babb305e8af622c0a576b9ee9f2f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
9cac3323389af973f6ffaa20dbb0712755aa578b0072226f883509a5da5ccf82
9d616edf010d999feb18ad36f1f45f8a233ab24b089992191c98f40b0af8c830
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
9e0c7ff29750e4d3b6bfc55daf1678c1ffd0e24334d725f112bf7cf3512c0914
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23810e64b0dd5d37bb127b52ddebd507c8ffb60c3d3664f2843f368e7c50373
a4518a2205f5917f44bfb75a043a10df95eef8c353aca95306de38dcd5d7bb18
a5ac1c722f2919f98f34ec8ddc82cd4cb666f5c1d53a8d7663849780d7a894ff
a6978b66270f649ce40a087dc49b0b917060e2166f7beaae24f5a7ccae3e80ff
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a8f33fc5177c10c013ceaeec16fec77adf848093c30afbb64117f9626506a5d8
a8fcf6605dc44f9b2b7cd65ce594db86a9f7a06f3efc07a984148c8ce388ca30
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac5a6dbdda7aab602f15db66c077df910ff1d92975aed878064210547a729bb5
ac87416ed845ff96e8e61de3f5b75ba38d4987fc0648f48d9b43f9f4f2c1380e
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae26da9f07e798b00d97ce55e30822af2d64aa80d46fd5df3566a6b99b4e9378
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33967bd8f33de7f8265fed72e068b7672156623824bfdf0725089b3d3dc9df7
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b55f965a2946a9b9ff75a665c170ab04d24a71d758532303dc4b0d58226774ef
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b5daf5dba62655bc5b67adc4de4f2adbe54f839d0a0147b6e6b83f20c3a274c1
b707767f779334b647291a51b682c119812818c5e95c82392c08fec4eb6fccb5
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
be94ab61751b7494ad15abe618c21824d31974ee0682c1470bf93236e01879f2
bf2d0c8ae030fdb87799b9757bc2af435636fabdde0e2b607684cda9042e1173
c001568dc1b58f44b9f64eb2f6099192c72b91c62df2c8d49fed3869ffb22f64
c12bd7749429ae2b53109eaa342ed38954f4af51753ea0830f8aa9f295f27212
c4e5e13051e570e83e44fc5f5cebce3fcd2b456802d0fec9c9a20b9688c2be43
c55916a78fd8ec426fa039ec731291c1914a28c96b0784cb01d9efe29b85488f
c5c0737e98aa0ab1d892f5fea7dcea87ba2794f927e42cc0d8448809b6c4ec1c
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c8c36c48d1f36970dac28c5f3d4e1674ca4c2a84fc5f0d22071f6c576820dae7
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
ce7ee423447975a7e5001f904a2e9db792b97bb241240ad611cef26586c4d849
cec15ea3389d0fa86e7d6d473fef7bb332395ea9d6df726c0d758a5df6697920
d28bcaf1d77ac4a113db4e17886f55ac040edadebb53c6a6cdfb2bf04ccb30be
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d460975ded196aa6ad7753f18c6640a589ca97ba560d55f32d58cc912d09b719
d598674d4e8268f2ecad650d61aad62b027d3b24a1d93b4070f6df80d104f699
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
dc444cecfd0afcdcbba59667bd1b2e4768793ab5c38506a8fb3812bf155766bd
dc71568e49d85f5e427b207431efe320138b2f7d8b8b93882917a299ffc44744
de2074e0188c7ad53f5a8261e76b75a29ddf08b5aa1b4b3e62617e7bbb83bdca
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3bb36e7d3ac848a6ba8622d6b29518c6c80d4ddc2b12771ef401d1cc224b4b
de9940f5e9174f71a14abc6097a4b7b76748ff9cda1bc143d984f20c74c3d004
e0818c4b2a8c7f4c77fa6bbb4ac1b9d20ec79425206a1a058447035c49266d37
e1744a949a4255b6cee2d9abe2e4551535f281dbb8cb820abcd9b3733c19a1f3
e2d5e03b6a7053fb904f1195851d13e277a5de08122be5a3d310375f91223954
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e692b31b0a5544033250dfa52ec8f640df2ecf6e7e72c0928c9f218ad9ed6f21
ea688ae83c0dfadef80cbed051442c7ff64ab53a8d1576bafbcdb87e8662ec9a
eb254e425065a42cc3a0b15cc7ab8c2bb579b777627d085800d8a8928c084e21
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed3713498bc1bc3fed06ae9c8203a00a2d08d23c2bce55efe4fb3a9e43addab9
ed96e32ac80d73e209ed28add0756ace607005a88576332fcf19b6a3caf573b2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0300e6243307279dea081242f5c1e9039479351015378bb0b53ce1498c47c50
f03d1042b553fc821a6b2a329644899ae02469b01329abe241279555088391cc
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
f13adc7f54c5cd3ef571afd59389b1c7d2ae178268aee24b478554464e53e052
f2cac43ec7d08cea5df0a0e24172fe9a63a07bf3eed2e489dc8202987f4bc691
f37005a1dab16d395a5a678b500f00e1c08ee293d2aa940be9b82b1504e27989
f4bbc2bf47fda8157880cd1b33f76c49d8af6825c3dbc15df63e625d8b35df65
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d606d09f529b863a2739ec21b8abc2b4523b95c822c2beb4dc9f4ad14b542e
f81cca0f326a409e3a47458d4b4158c0f83ddf676e331dd9cdeca3aeba630712
f8edf2083f3a9fe502c83bfee68ee236699028790d26e9ffb935d85ccd4522ed
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837
fce439846d0667f0316c7083f90f113763024320cc17d86d6bd062e4ba22c60d
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
ff8f069d896fa99207a685cbe5fdef189f2d6586584f220baa75bb8c9f9a52b8