urlscan.io logo urlscan.io
SecurityTrails logo

xn--220b31d95hq8o.xn--3e0b707e Open in urlscan Pro Puny
내도메인.한국 IDN
139.99.90.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://k-bank.n-e.kr/
Effective URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Submission: On November 06 via manual from CA — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 82 HTTP transactions. The main IP is 139.99.90.56, located in Singapore, Singapore and belongs to OVH, FR. The main domain is xn--220b31d95hq8o.xn--3e0b707e.
TLS certificate: Issued by R3 on November 2nd 2023. Valid for: 3 months.
This is the only time xn--220b31d95hq8o.xn--3e0b707e was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    172.104.112.214 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-112-214.ip.linodeusercontent.com
k-bank.n-e.kr
kisawarning.o-r.kr
5    139.99.90.56 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 56.ip-139-99-90.net
xn--220b31d95hq8o.xn--3e0b707e
9    2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2404:6800:4003:c03::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
2    2404:6800:4003:c1c::66 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2404:6800:4003:c06::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
googleads.g.doubleclick.net
7    2404:6800:4003:c0f::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4003:c0f::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
6    2a00:1450:4008:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2404:6800:4003:c01::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
bid.g.doubleclick.net
1    2404:6800:4003:c04::65 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2404:6800:4003:12::6 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
r1---sn-npoe7nes.c.2mdn.net
2    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
ade.googlesyndication.com
1    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
googleads4.g.doubleclick.net
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
cm.g.doubleclick.net
15    211.110.63.237 (Seongnam-si, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn.megadata.co.kr
img.mobon.net
1    2404:6800:4003:c1a::63 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com — Cisco Umbrella Rank: 301
281 KB
14 mobon.net
img.mobon.net — Cisco Umbrella Rank: 129804
377 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
48 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
85 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
5
function sub() { [native code] }.
132 KB
4 mediacategory.com
www.mediacategory.com — Cisco Umbrella Rank: 106005
14 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
2 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r1---sn-npoe7nes.c.2mdn.net
7 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
134 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
273 B
1 google.com
www.google.com
559 B
1 megadata.co.kr
cdn.megadata.co.kr — Cisco Umbrella Rank: 163944
3 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
615 B
1 o-r.kr
kisawarning.o-r.kr
645 B
1 n-e.kr
k-bank.n-e.kr
215 B
82 16
Domain Requested by
14 img.mobon.net www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
img.mobon.net
12 pagead2.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 www.googletagmanager.com xn--220b31d95hq8o.xn--3e0b707e
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
xn--220b31d95hq8o.xn--3e0b707e
7 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
6 csi.gstatic.com imasdk.googleapis.com
5 xn--220b31d95hq8o.xn--3e0b707e kisawarning.o-r.kr
xn--220b31d95hq8o.xn--3e0b707e
4 www.mediacategory.com xn--220b31d95hq8o.xn--3e0b707e
www.mediacategory.com
cdn.megadata.co.kr
3 dsum-sec.casalemedia.com 2 redirects xn--220b31d95hq8o.xn--3e0b707e
2 ade.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
2 r1---sn-npoe7nes.c.2mdn.net xn--220b31d95hq8o.xn--3e0b707e
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 cdn.megadata.co.kr xn--220b31d95hq8o.xn--3e0b707e
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net xn--220b31d95hq8o.xn--3e0b707e
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 kisawarning.o-r.kr
1 k-bank.n-e.kr 1 redirects
82 24

This site contains links to these domains. Also see Links.

Domain
letsencrypt.org
xn--c79as89aj0e29b77z.xn--3e0b707e
Subject Issuer Validity Valid
xn--220b31d95hq8o.xn--3e0b707e
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mediacategory.com
Thawte RSA CA 2018		 2022-11-29 -
2023-12-23		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
cdn.megadata.co.kr
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-10 -
2023-12-10		 a year crt.sh
*.mobon.net
Thawte TLS RSA CA G1		 2023-05-24 -
2024-06-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://xn--220b31d95hq8o.xn--3e0b707e/
Frame ID: 6A98E0EDF2BB1E865834844CB90FD2C1
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Frame ID: D8820B3E1E1B815953C08FFC6BA69F43
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775035&bpp=1&bdt=141&idt=97&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=6543263949924&frm=20&pv=1&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWcmbwlHI0&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=102
Frame ID: E7BCA23FEFA637F632FAD64FC530498B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0D30F4FCD2F4620D7A667712447EDEC8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1699257776&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257776173&bpp=1&bdt=1279&idt=1&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da714caf64e38b1f4%3AT%3D1699257775%3ART%3D1699257775%3AS%3DALNI_MaU1DGQj1kIwwxYQNeuGNlFRRXDoQ&gpic=UID%3D00000c80cedccc0f%3AT%3D1699257775%3ART%3D1699257775%3AS%3DALNI_MYIZ4wFH667hYJbdwCuiA9WOtsmUA&prev_fmts=938x280%2C938x280&nras=1&correlator=6543263949924&frm=20&pv=1&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&psts=AOrYGsl6I0BlnsfV_L6o1qBtdgToBMvAXqo9dgTwVLZr6aScOGVKyX_ks9JgAc8PXJjNrNsDXxFZyp8oIe9d2wXaYBnj_x7J&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: C6C5F99A865CF603A7B9B7FC2B1FFDBD
Requests: 1 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Frame ID: 5E6D5FF400225F30B6FD78B8F5D5C306
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA27DA18055FC829FB8A374EFE7472B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CECCAEFA2617A7461785414E910C724
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

내도메인.한국 - 한글 무료 도메인 등록센터

Page URL History Show full URLs

  1. http://k-bank.n-e.kr/ HTTP 302
    http://kisawarning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

96 %
HTTPS

57 %
IPv6

16
Domains

24
Subdomains

20
IPs

6
Countries

8307 kB
Transfer

9325 kB
Size

62
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://k-bank.n-e.kr/ HTTP 302
    http://kisawarning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://k-bank.n-e.kr/ HTTP 302
  • http://kisawarning.o-r.kr/
Request Chain 34
  • https://gcdn.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/03B6FB5B28E75CD47525CD35CB407D365A7F919E.937D0185767CB8D3625959B6E270365F7A5751EC/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3B0414FC22AC6685CE2F8E7FC3B9753C04D53A0F.4E64236E25105682EC6D6357EAD18774B1053959/key/cms1/cms_redirect/yes/mh/Wv/mip/2001:df1:800:a00a:12::3/mm/42/mn/sn-npoe7nes/ms/onc/mt/1699257139/mv/u/mvi/1/pl/62/file/file.mp4
Request Chain 43
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-znAIQluisAhjqsb77ASABMAE&v=APEucNUJWBhlyuILJSXbEbmC6lr1L-bD6B1dezdWUr-9DYDliCLuVQJPdeoLadUklLEgfYnUgHkQyNRGWMsRUSKjl6I8I2eZixpVzKAN-7UA8sQ273p3lzQ HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUidr4Zs7flbB.yI2TXn2AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-WZ-foaO49FakxkZB48uc&google_cver=1&google_hm=2

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kisawarning.o-r.kr/
Redirect Chain
  • http://k-bank.n-e.kr/
  • http://kisawarning.o-r.kr/
459 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kisawarning.o-r.kr/
Protocol
HTTP/1.1
Server
172.104.112.214 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-112-214.ip.linodeusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 08:02:54 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 08:02:50 GMT
Location
http://kisawarning.o-r.kr/
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Primary Request /
xn--220b31d95hq8o.xn--3e0b707e/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/
Requested by
Host: kisawarning.o-r.kr
URL: http://kisawarning.o-r.kr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904

Request headers

Referer
http://kisawarning.o-r.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 08:02:54 GMT
server
nginx/1.16.1
x-powered-by
PHP/5.4.16
style.css
xn--220b31d95hq8o.xn--3e0b707e/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/style.css
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:38:47 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335c7-507"
content-length
1287
content-type
text/css
jquery-1.7.2.min.js
xn--220b31d95hq8o.xn--3e0b707e/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/js/jquery-1.7.2.min.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:39:30 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f2-17278"
content-length
94840
content-type
application/javascript
loading.gif
xn--220b31d95hq8o.xn--3e0b707e/image/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/loading.gif
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-38ee"
content-length
14574
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62e8215235e8814adaf319cd4433c012e2a7ffb8cd2342c8a8f7dfd42dc7043a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 08:02:54 GMT
logo.png
xn--220b31d95hq8o.xn--3e0b707e/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/logo.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-2706"
content-length
9990
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b8b9fb745375239be69f6f239bad35de959a98ffc9b2be5b9a886ef2bd057e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52124
x-xss-protection
0
server
cafe
etag
1655066626467384790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 08:02:54 GMT
adMediation
www.mediacategory.com/servlet/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
32ae19a6969ac85b614b1ba8bc27bd4efaacbb6f7951c7c082f23ea670758495

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:02:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3b11v867488053&_p=1699257774932&gcd=11l1l1l1l1&cid=539750945.1699257775&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699257775&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fkisawarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=297
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=xn--220b31d95hq8o.xn--3e0b707e%2F&tdp=G-FMMPJ6F50B;67488053;0;0;0&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=xn--220b31d95hq8o.xn--3e0b707e%2F&tdp=G-FMMPJ6F50B;67488053;0;0;0&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ccdemscroll.1ccdemdownload.1ccdemvideo.1ccdgaregscope.1ccdemoutboundclick.1ccdconversionmarking.1ccdemsitesearch.1ccdempageview.1setproductsettings.1ogtgooglesignals&ti=2ccdemscroll.2ccdemdownload.2ccdemvideo.2ccdgaregscope.2ccdemoutboundclick.2ccdconversionmarking.2ccdemsitesearch.2ccdempageview.2setproductsettings.2ogtgooglesignals&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f11edb4449de7161571e84edd42e4c1a00eabcb300794a84d1df0b5ed0d35c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138456
x-xss-protection
0
server
cafe
etag
15250219858651399282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 08:02:55 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAACCA&h=Ag&epr=1G.2G&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=*&eid=8&u=AAAAAAAAAAAAACCA&h=Ag&epr=1G.2G&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie.js
partner.googleadservices.com/gampad/ 		427 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xn--220b31d95hq8o.xn--3e0b707e&callback=_gfp_s_&client=ca-pub-6586021537633126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cab4ef0ad3718005a8a49489e1975f6dc20e0c9103f28bf6b590687e31927d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
263
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D882 		86 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b37245fbbc2b5d90c51fd6bba018b24d043e117433c368605047cf6147c1dbad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:02:55 GMT
expires
Mon, 06 Nov 2023 08:02:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E7BC 		755 B
545 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775035&bpp=1&bdt=141&idt=97&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=6543263949924&frm=20&pv=1&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=wWcmbwlHI0&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21ab8040c77ad0ab50882430a3413d706df28033f1e45428c3fb630305b40312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:02:55 GMT
expires
Mon, 06 Nov 2023 08:02:55 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame D882 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
43455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:58:40 GMT
css
fonts.googleapis.com/ Frame D882 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 08:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 07:15:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 08:02:55 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame D882 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 12:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 12:50:07 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame D882 		374 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 14:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132916
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 14:12:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame D882 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
43455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:58:40 GMT
csi
csi.gstatic.com/ Frame D882 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lomm7ewx&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D882 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:03:13 GMT
x-content-type-options
nosniff
age
439182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:03:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D882 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:14:48 GMT
x-content-type-options
nosniff
age
438487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:14:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D882 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CWiwgr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAcgDmwSqBJECT9DRf570FE17aT-GCUF0e1po0PQYlkSZuPTy8RfbzdwtPCmO0j5E_Jzloe9VuQR1i9RAlzjvzk-U8Sz3WRIVZfSFjrpbFXSRfEzpkUYbBAZ9NU522I-iSG8pycEkczMbVL0Bo3vlH16njhQMzXqm6nbSUr5UO7fRNqiO_weQUQ_3qF-tXcKf8WO7Nc76HVcR-nrOd1IQIfCm1yaCci8Qkiv2XpTvFO8ta6wiQLOxuM5cI5b7fAXBklYfc2JiPvlkr11VBCyrsM8VSrpelkCVd7P38nDN8E9IypldBiCj14U6YZ0Ckpi6ZZ9R-r0imc8IX5NphM3kx5QNxn1w7lj6_pkcu6N7wyLzDylGriPEIKFlwAT6juu0vwTgBAOIBeWj_pBNkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAlZOsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1699257775439&ai=CWiwgr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAcgDmwSqBJECT9DRf570FE17aT-GCUF0e1po0PQYlkSZuPTy8RfbzdwtPCmO0j5E_Jzloe9VuQR1i9RAlzjvzk-U8Sz3WRIVZfSFjrpbFXSRfEzpkUYbBAZ9NU522I-iSG8pycEkczMbVL0Bo3vlH16njhQMzXqm6nbSUr5UO7fRNqiO_weQUQ_3qF-tXcKf8WO7Nc76HVcR-nrOd1IQIfCm1yaCci8Qkiv2XpTvFO8ta6wiQLOxuM5cI5b7fAXBklYfc2JiPvlkr11VBCyrsM8VSrpelkCVd7P38nDN8E9IypldBiCj14U6YZ0Ckpi6ZZ9R-r0imc8IX5NphM3kx5QNxn1w7lj6_pkcu6N7wyLzDylGriPEIKFlwAT6juu0vwTgBAOIBeWj_pBNkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAlZOsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D882 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lomm7exc&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.99&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame D882 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DtQCcsrrbDRtfwBdUbY_JLE7lQAayjTFHAPPEow_3k13PgynByx8YZmmTJqK91X6R-7EIEbJBNa-K2JOni4yy_bg2WUg&cry=1&dbm_d=AKAmf-BOYxJUgclwjM75XJBXemtNnjF1QzLvtSFPlIQKh3rgX9KKSruv9oYhRVhV2aQYBFVZTlFKJ-H383j_QYGZry7VCcZ8Mt0VnTRjDOLtXd9UZOieKvblDMDH4fsh-srSvIBBQK6zrrAsFXsHi8eP0v4-rAwFx2BSKAKJ1wx4_lveH3GadU_09ojiX_YbpxpaPhO3_Raw0ahFK_DvsTIykum_Dv2BKUVF8QwDdPFhvnhMhe8Xk5omFjh2z1u1OG7R6ysEIgraHBp-9HemueBZbW0xMOqnPVGr3W6JQFkOZ2sx5miV-ItvkB43dYWtVaxDeQjL1tvEuNoVZFikONoVEEpJsACiceXlhKJWArolzmHpUjgpjr-Z59FTe6ECyxC5fGYRjdMLryPE5BRgjo2J2rSkSGeOjAowHwEFSKd26TVM6FUKdsYYbPkXT5fws8-INFb6MNBpNldfsov5gtyYh7d3X_s5VUUfIpJNsOK9JvToYwGrc5vIcl72fUdTWUzTxbVXYauCRAGSSTTxAC8loZ3E02V04NECZ2uL9nJDYUpyj8aIjE9E6CkrtAIMl6ehJd8jFacXbDRWx3o3MocJsNI0q2-a966Yqm_UaH3S6FxZO5M2o6R7UxSNZLPRwT8DNjJWq9ofb1wvkERaXzpZ7PIZ2ptHyht2fnd3uZads-RFPzRvFLKyZUr5_pYK7aMToTgmotKDblyU-aou8AY0Gd6DoVNn_K4nl6ST0UdhNXN2QPhrXBZE-Iamb2bDRQupGO6YQyBKnSlTR_Xd7YWmv0KH-71Xm3uxHCzyvLU8j3_5AaDKLEC5cE1bD4ONUBitzqXivvsoMXOZRYnrUQOgUQ2O2dkMFZ_gRFYfU423n-O2Sqn8i4pvkrtcw5eNvoBXl4PCPK7Aku_jksfMO2nqDV0Ez5V_tB3E196wUKnoCuJ8Y2r8HSFH1ft_D4bvWI1znXTnBI7p4gCGhCNniLdXLjpuAUXxFBFlK0398VFApy9GD-4xgUrGYiujtCitXPqJY-5JBQZgutGYZiutp5YDInouhm_z8QV_zfk5QCAYhaCP3nV-HisI1m_pM0R1YEQ7pHyNONQqSWRsyU_mS-pcitNF8Z27nAegem3bPTYtZAA3F5DBKOOiVYyuLaD1xngKzQml5hKntj0FBKq4ZeH6hItay-wlIYTTajaIR0QswnImQ-gLGyOYR5SKaaO3Q2wfKvkn6AW1We7L4QeEkjhqLxl3odyiVR9oNb4BEOj0rkstE5EXL_ix7bAsakNjWRTkpuq_Qwt4CH1xhfnrHN5gusJuWnshy0sVD5i8FJVesK_nxQqbyToU0URoYvFJ6sfUUi0lBymzeDrBDQBhyDa1Knr6eTudInwOA22e5QxAkEvO2fNnedYdTzzlnTHjKs4FdvDep6QsVlWTSIErPIMoyFKddczCzL-cmAGNO026ApzhnNKj1WqCq7Wj4PmM6qB7GK8h_1b51gwlFgRNgEq8P4ijZ4-F02_I8tjVRortFr0KxHLVifdsWgkJ3Qa9f7OZgQ_6STZezepWxr0EnJppDLbLZJABmWJWcjDGB711OugvFjAP5yu6_8d0-BaUNVxeBI8u3Y1sEbCd_B2YZvxH8PfuW7ABcJ19YDu8VEbtY00QjeiJTJZvUZBQ-WtdHulriGryPajn-setyTGoXTNN5jKxyDLyF_rdv70-1QT947qrX6KQ_nhxqG1m_P-n3RjlGf1L_feaY4-_nNIn8L1JM3szEtIvZkXFCNHLVOqBX3AMiusA-okjP1TgkaLvrXCW7FkoIlapjrQcXIfYHjUQIqno6zq0znjEhgL27NKMCyrrllwEXnxJ2qCFBAEHJLIz4Z0HMo1mQPXXNNmolCIwRamcQI3b9JTQLtIB7L-HwZ3KoFGC0lWmjNFk6YldTqnYuH4ouYMDpB37XGu76oBwgVGi65dCMUkqQJubnliVPYoJFSyiOCIotmMtZXdDqhGZ-U1q1r_4Tv78Xwau-3tgRKU4D_vrA4izFRvXACOBM_fvW_RkkS-q7V4vs5WLbf2kZcBGpQ6c4rIVCrHWkcgImwwocEQJ340TveMl_9vg74nbiQE9GjCbmGigfxKIebAwqLsvBctiCOdt_2mtvht3WxE5HnSYwpyB2xVQWlhiut-YQ5Ea8yLKih3FKihzuGU_ab1okYcBebUjRfxR8IsEpFcGgVIMOzWm_7bEqjE8zky3DkqyLsUZETXaflekPZIfSTryLy7zhaB8ezKO3RjOrbjZXeILpU0T7aALm7nXAeIyiSpxgE4pP7wmHBKOG3yrthFyKJPv0JOS48KusUI4h0KW2_lWOZj90yu1l12OswB41wY-gbrOjLGcQY-QluqV9FIx3cUxHgEOj9ITK7UxrYkbxR44wtPcN_rviWBTylNo4bXS7OqID4kAVKRhj_wj36I2-hwSPGmVS4GwF_YEbIRiMiJQUQ5uUhmTdQA15uP8nA4eSMen7DLaDspfaUXlHPSq3Nup__UpRSoST9GNz_sw-cWgCn39Jcowh1c-k4fm4ZmdGiqvlSCeCkBK0iBG-kmCP6u00OQXSdXdnApNWZk1Rmcf8Uvc2JLSHM13cqZvk3BW5NAE3PyLGUtt00Gya8jd4lOvuoj0Vg_SWRcwFfJ8V5I4UinZHk_DSD5KMkHr8lRI4i_8r98DYCOqJ-p_jc80fKtTHD2HNlyuAk_g7Qj7trVZ_oKV8qRwL3SgWclgQXAx1ODe0R6dU0O0vuhYx8sC5bmheArMPJwxDCHzf0N4t7Dw6VZXZB8fgHB1mIHiUx7UYFAGzzDcjaVDmMzb9jImUGg07b1w3ig7jK5mA6VpO7R8r-_1zEXW-qrJcSlsAaNseiSBQhCzw8g3WO8aXfhVjXihoDiIJkDacwUBjktBgjlk6KgiuQEHl9K9Kci4KTQJDzA43wMKvLr5jnQJ2CNzwj0VVFLnCibQw_PX2bSnOSKERD3b9QNSCYSUp_Pj2ba-0tLvgsGddRfBN_XgWjEQ5b7T5c4DaNtqe-26coY50uvRYAvKA3dNytuGAS-TSZLJjwNx-foR9lPEUiOJHl-j5sYjyyUuA8FkQwSyemDLkctqkrHYg-iUdOptchId2CJJ1aeDY3Yh5acCqFgDCGkRBqBqAUpcqO2H2T9bWa5UfLd6z8Ig8NzjeSHPXhAT-7bMMdlvr0ZNiH-CZAr_Qa7mcpZNAVJJ55oVf6Lau7fLW2HeU2TSxIyasZBJBpF85lMYmF0_ggVbxjS-oMPd_B7ClMYonI1p7qEu4EPti8aDMwIMLsGzG0bUtTd2cn2eGdxGBN7OAPhsrkLLMBeJztRc_bs2s1p66XpQ6qeNUFTKciVL-gGeXq-rP8UqgX5fVgLsWTaWToOAd6-nXMD-YD5DKxWec9qrU4nMFIGKnBQaYL438n6FjHHPdgNtZ1r_Rp8iRkMxleONKajxAxBfg3bwkWmEyKp5hF7r-8qWzdVMVHhCeqww8JISQzI_mz39jjxrOwGIIh5TP4tGIU2sUZEoKAl0pkjLbMifCTc6VBdZoaXed1jfwMuGERt6GLAOswyN4WCGnvM4copyrFMLzUdO62_p8nl4R551Q20hWpaRSB7fBOBzvVmM4zlF_mJ_uFRT7w3OMHo_FwiDbZjZf_4qy0IE1nnN5VYaFPJHKgrG2glC-D2Qw30yn6Moepr58IPq98FQ0pL1Ne5FEY8NCi2ICs-cA4gWyhFYA8spFXuZVIBu1CxyIrDNgdtjJe6a6dsJ6mckazKP06qSeu6-ihkyVsK-MBtJJon6wg0YWnXTftHudQ-1jAZz2RW24XoKxldjZoaMFLjp0h00crNKmRKAZHLA8Lulr0i0p2URGy1RWPJdtVRO8f2r70L_SOWzl2Fevtu6ImjRuT5ivbS0qYDy6tcs&cid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
899f8eefa102caba3f0bd0edf6382830d7b646b04aee5cf8c22036344c26be90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17418
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D882 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
271ce6739ab6464386aeae1a58f85ccbaf85d467832e2b1ae0ce634ee906f32c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame D882 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9OSwr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAaoEjgJP0NF_nvQUTXtpP4YJQXR7WmjQ9BiWRJm49PLxF9vN3C08KY7SPkT8nOWh71W5BHWL1ECXOO_OT5TxLPdZEhVl9IWOulsVdJF8TOmRRhsEBn01TnbYj6JIbynJwSRzMxtUvQGje-UfXqeOFAzNeqbqdtJSvlQ7t9E2qI7_B5BRD_eoX61dwp_xY7s1zvodVxH6es53UhAh8KbXJoJyLxCSK_ZelO8U7y1rrCJAs7G4zlwjlvt8BcGSVh9zYmI--WSvXVUELKuwzxVKul6WQM12KQJh4oti4ahLyJ2HQC1giIHWmZFvnCmw33bwbSuw15XBPGQ_WHTpuhVSzJXqyyVutzCjD65aczN7y2pUMMHABPqO67S_BOAEA4gF5aP-kE2SBQYIAxABGAGSBQYIGxACGAKSBQsIIhACGAJI3cOSApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHzcqjqQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCPlQkY6rG--wHSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdoMEQoLEKDwtPa9i9mDlQESAgEDsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAYAXAbIXHAoaCAASFHB1Yi02NTg2MDIxNTM3NjMzMTI2GADoFwU&sigh=0DNOb4XOw5Y&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
Attribution-Reporting-Eligible
event-source
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 08:02:55 GMT
csi
csi.gstatic.com/ Frame D882 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lomm7exy&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame D882 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:42:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 21:42:42 GMT
file.mp4
r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D882
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3B0414FC22AC6685CE2F8E7FC3B9753C04D53A0F.4E64236E25105682EC6D6357EAD18774B1053959/key/cms1/cms_redirect/yes/mh/Wv/mip/2001:df1:800:a00a:12::3/mm/42/mn/sn-npoe7nes/ms/onc/mt/1699257139/mv/u/mvi/1/pl/62/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Server
2404:6800:4003:12::6 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:55 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7371533
Last-Modified
Tue, 24 Oct 2023 09:54:43 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 06 Nov 2023 08:02:55 GMT

Redirect headers

date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3B0414FC22AC6685CE2F8E7FC3B9753C04D53A0F.4E64236E25105682EC6D6357EAD18774B1053959/key/cms1/cms_redirect/yes/mh/Wv/mip/2001:df1:800:a00a:12::3/mm/42/mn/sn-npoe7nes/ms/onc/mt/1699257139/mv/u/mvi/1/pl/62/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D882 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lomm7ezv&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3725&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.bd~videopreviewvisible.bl&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0D30 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
432008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 08:02:47 GMT
expires
Thu, 31 Oct 2024 08:02:47 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 0D30 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 05:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
10366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 05:10:09 GMT
file.mp4
r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D882 		7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-npoe7nes.c.2mdn.net/videoplayback/id/4680c67bf7bb37af/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730793775/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3B0414FC22AC6685CE2F8E7FC3B9753C04D53A0F.4E64236E25105682EC6D6357EAD18774B1053959/key/cms1/cms_redirect/yes/mh/Wv/mip/2001:df1:800:a00a:12::3/mm/42/mn/sn-npoe7nes/ms/onc/mt/1699257139/mv/u/mvi/1/pl/62/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:12::6 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0200925ff9e8ea06d91f1f89cece3ca6dd00c5828f32d6cb9d6013518d88dca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 06 Nov 2023 08:02:55 GMT
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-7371532/7371533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7371533
last-modified
Tue, 24 Oct 2023 09:54:43 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D30 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BSuxGr51IZcKdHs69ssUPxuGA8AkAAAAAOAHgBAI&bg=!6Oul66TNAAb4oU7C2KE7ADQBe5WfOEV6dkVixRN-ZVuJfE2ThxZa2sr_HLb6Z4QYPtpdlYyUNBla3Wqoj2Ti2_Ou9uKDAgAAAGJSAAAACmgBB5kDLrz-_pwgb470fbBNy3KMvV09O1JdchdyPJV8j1JyEaxs_766urh_YmQ5y83kR1290zqMJzOJ2FHjmEj0lgHWbGO2MNj_A0XihyNKZdQCNvCv95hsw1b--bo4H9cXbPMguy3_HgcI6FHbhRO_E5Pz_r8637wV38TCNLG2oiDu1gRQC9_4c7dvERWUqKqzw0-vovEbxRTgk0eV8arQCBa1HzxO2lvaZNJr65rXqS81GhEVzCVR6dSAV4-wdtYlJPLfywocx8KuCglrsKFQbYps8h4qr_3xOFZIHjs1Q0GIDku8hx0MB8u4hbvsHZSjJtoViWc7hpGtgFJkwF23FvzRFlAUB-vsr7Bhvc63CSXowSjXQ8trGnOzVjicNoeqg9Cah6v5YeW0_lG7zgVGf2Ol0J3-0J1zMymvLsPQq0KSbiKz-MBnpriK2StJqWMvcV1XEk-oPsvKCt2_e_IrOk2mjv-JnojlyC2Gosq-nBjgdY1oXFJlmV0oUmR1isxBS4TOAIsld0Ul0ZK4NCay3lVmh7u0D2OgpP22KiUbzI2AowIC-C95zev-0WKuZojpkcYfHE8qDLtA_gPMB0hUtu_UFDEhBhd8XYykbA-xKZ-VBmTixCXj0s7OpS_TNAFCkoEUhgqQ8J8Wm-vlntVzndGQYut0eNP77XkH0MA_AQ1nvaq4P-ifwwkNHtsX_s9lJLs7EgbYhwvmMlJH1ZvR4fIQ7hHK4hqDE1vcM1s2_25MborcUof6P0yPu-YB4o9ym92WJ9G39v2kRld4iUD2Vmy1mc3I670IWCkhXT7ZTjHgsO-cWuNjkB_Dbu0eXAlk8u459tqQ_-VitVQVrXSJHerb4sYS8jcjiKEEZhWUPntuooWQa1AeVoNyPDJQRfoBz9TE44uaq0g_7xwiM0frxSD-Zf0A9ZMF-wJ5p2Nbwg6Lkx0TV6gGS6TlhYiK8b9ZefB_oT59uMM31_MMkC2eO7oGr4sJH-N_ueT-qQ09gepjTkEUNvnAxxFlnNqMr79s5Q67gnVAM86KLi15zw83iE86brNp_fj9f6R8g4mjMScWxYVdxWH0dvqGAMO4ey4KpV4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgrHcwPSuggMVzp6sAh3GMACeEAAYACCjv-ZgOhoI0c7AqQEQ-o7rtL8EGKK-4-MDINzdwKKUEkITCPbXx8D0roIDFQz7aAodN54MyQ;dc_rmcid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046...
ade.googlesyndication.com/ddm/activity/ Frame D882 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgrHcwPSuggMVzp6sAh3GMACeEAAYACCjv-ZgOhoI0c7AqQEQ-o7rtL8EGKK-4-MDINzdwKKUEkITCPbXx8D0roIDFQz7aAodN54MyQ;dc_rmcid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257775790;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D882 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWiwgr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAcgDmwSqBJECT9DRf570FE17aT-GCUF0e1po0PQYlkSZuPTy8RfbzdwtPCmO0j5E_Jzloe9VuQR1i9RAlzjvzk-U8Sz3WRIVZfSFjrpbFXSRfEzpkUYbBAZ9NU522I-iSG8pycEkczMbVL0Bo3vlH16njhQMzXqm6nbSUr5UO7fRNqiO_weQUQ_3qF-tXcKf8WO7Nc76HVcR-nrOd1IQIfCm1yaCci8Qkiv2XpTvFO8ta6wiQLOxuM5cI5b7fAXBklYfc2JiPvlkr11VBCyrsM8VSrpelkCVd7P38nDN8E9IypldBiCj14U6YZ0Ckpi6ZZ9R-r0imc8IX5NphM3kx5QNxn1w7lj6_pkcu6N7wyLzDylGriPEIKFlwAT6juu0vwTgBAOIBeWj_pBNkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAlZOsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=_4kJvBA2_m0&label=part2viewed&ad_mt=7&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257775790
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D882 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHENa8FVhaJHOBhzEN9cqJoNdfamOtep9jQMxAs3srkvIN5CCH43Iat4GJQia57b8Mqsh9NP1wDfray3DBw1KAsOmOKuBpSwAEiFTAcDtoh4LSV_KhGSKG3IDhI0kgDaRanYY3cp5J7ApiWE-VG5MSJ7gLjtjU04OiwaYKSVNnS0PSt4krRaYqXF99wnNA3lqUaKyf-8xPMUFTK-74uND0U7BM1uAsH73sR6Ybsb5hrjOMOWtAZU6YRZpkOWiwiwrBde4dSjuZWySPAeTsqbtAP0bfzTnZtBWrSWw1rdVCRYOxB0ef-B5gQVWiEyRSbMnQO-hfbmcp2WNxR1Cd6yq4mKBr-se_5JcMDW6FU8BRIWly68kyagGMszTe3T5dY1evD4LyH0ACWpthTEhOK96x-XGH6ytv22B2Vnck0JdbL7Roffl1BNx4xyMFcxi1cZpo9eD7Rw06_8p9VPKjjaF4p6k8Du-lzEyJsTa0Wk-zxxuu4NGvTUPAGlfVmucGQcE0bkvutqoaZHKQuf_Ah3CZWqviQ1UWAykVc3q0S8MtwyINoHtsukBOuXgcOmsKHMNvbm-KxcvwMZxGGHw_u6JHYiskb-ZpG4clxDe8O2cPACjxuCfEs6w8qdm4mI3BC4hXM9gTBYSl35ykOXONkCOgK9yeoGXObH-mh77JzLFiQFb6uhFi9g9n_vVDsTbrcKQtBOR1XPVszGa6DDsD2mUppHCmSin2swnLydR_AJaq_7f1_4GdDrigUJgxqRuy8bNSieOOEqLwXiq9gs3T80kwldsl-EQB8G3cEoqp9cCvnOPL32HBTc0dU5xxqRJMRKRuASQcqOgq9dDBHTWI1ZodjkLSRQbmHPDv1LhoxTIKiN3eyVAZE5o01QTwYaMEFkhOlbqONt8xDK_IKQVZfeAR5GGNBLgM2TPwzvPjPDyvteffN_NOEaez7QDMJCI59vRnAkjhdtzyGugRa07SIjG-qhLZyRe2EZQVY9ujFLVExrfHpcOsrFq9ZVI1q1BoZCUaBwx-i733X_4dABCoubfwFHWkHtQ3H3taUy8b2ycbp5yJC5m6ovnlUp_N2s-VvkcYgjTGOugTqlN-iytxWpm7ukosjvqQlEa_VD8Q5UEMP_BRFYQfnBnMiW6bY2blq4ZQAyy_hkSncCkSDTgrfQ30zD8P4Lf_kMGx8AVADL0m3sw4uNTqTJxxYP-0_rDZ9xRMYb6nEybGlEL64NH5RPvHem8xb0Wk3sxEn4tF0oRj-yWhRBTS_h2kX3LZbFfjsXC72sI5M_N3eo8Ou1iW2ejjToqtlBeP5ZQpcO9PjELbEevoVnAFYmGjbp8cukyht85IYANXg__VmR2q6TVM4zhSqD0Zs9VmfgU&sai=AMfl-YTbKLnkf6AWVHPuFB8F2Co8ANtf88MtMyvkvjR6Dye_-4yuPytRtLc7atZs5Qj4Q5x6ZxFTgGabhducxD8Xfygz-x0IwCG5aQJbYp8iCB_JuSnKGCOxvPW2Q4qkbMBBQmey4YYwFDocDaShwPfe5oldv4BZJCMK3dHfPJ67MuW6c4UbkoU1Bv6Oiarh9SP-RKQfS1BB_CxlCKE5GKYzdYEwbUMlc2tZMhJYF8rTw8K65NLjT09L-yYnoLDMyof9WvUzucjRr8B3HDqJcenMiHS34E3_suFBFlU6WxaX4MSuxg559zEQ-xmhBNp8jw&sig=Cg0ArKJSzGEU3s785j8-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame D882
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-znAIQluisAhjqsb77ASABMAE&v=APEucNUJWBhlyuILJSXbEbmC6lr1L-bD6B1dezdWUr-9DYDliCLuVQJPdeoLadUklLEgfYnUgHkQyNRGWMsRUSKjl6I8I2eZixpVzKAN-7UA8sQ273p3lzQ
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUidr4Zs7flbB.yI2TXn2AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-WZ-foaO49FakxkZB48uc&google_cver=1&google_hm=2
43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-WZ-foaO49FakxkZB48uc&google_cver=1&google_hm=2
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFwVmXbkTEbgUGGx6De0ydwwTFLdrJy38GsjS9P8nJKsZGmrZkLTxlPU000uZ%2BnS%2FUWHqKFNj3zF5kcH%2FmHX%2BAbcYfcR8S%2Bki7a%2FmdtzoO2%2BGW88vpiDQrChbRoi33TnvcbJtk%2FywCC8dA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821bd12c1b6e87c3-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA-WZ-foaO49FakxkZB48uc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D882 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D882 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6VknyiyX3o3xusr1ve6JTt9zGl85Jtt6avmp6XnDWbzckaOjq9m8hGKNa0ek1G_77JLY6DOKHbSSqgASubK51Ng_YIDWS06S3-whyO-XocAvhEJ9NftxgfhA2Y7c-6Kaq0XC3RutIWA&sai=AMfl-YSz0UfM2XeBab-F9c49Z-28VuC_QhDZzHhzsiZCuaQeeE7_CE9Ga-8iKtuymtPDuBSZiz-HS0PYpl2htsS3D_pkqpIX5xL1ApsGmo8I_enc15VuFoXLlfW0EJjL8strlpbGbPvizm_fJ2tvzQ&sig=Cg0ArKJSzJtWr7v_91yeEAE&cid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257775790&avm=1
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D882 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWiwgr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAcgDmwSqBJECT9DRf570FE17aT-GCUF0e1po0PQYlkSZuPTy8RfbzdwtPCmO0j5E_Jzloe9VuQR1i9RAlzjvzk-U8Sz3WRIVZfSFjrpbFXSRfEzpkUYbBAZ9NU522I-iSG8pycEkczMbVL0Bo3vlH16njhQMzXqm6nbSUr5UO7fRNqiO_weQUQ_3qF-tXcKf8WO7Nc76HVcR-nrOd1IQIfCm1yaCci8Qkiv2XpTvFO8ta6wiQLOxuM5cI5b7fAXBklYfc2JiPvlkr11VBCyrsM8VSrpelkCVd7P38nDN8E9IypldBiCj14U6YZ0Ckpi6ZZ9R-r0imc8IX5NphM3kx5QNxn1w7lj6_pkcu6N7wyLzDylGriPEIKFlwAT6juu0vwTgBAOIBeWj_pBNkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAlZOsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=_4kJvBA2_m0&label=vast_creativeview&ad_mt=7&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D6%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699257775790
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D882 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lomm7f06&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3725&mt=video%2Fmp4&vs=1024x1024&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=197837&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.ig~ff.iu~videopreviewstarted.iv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
passbackWebServlet
www.mediacategory.com/servlet/ 		604 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/passbackWebServlet?s=132364&iCover=true
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
f5508a2e18e30f1f48f841604a717d24e510c10174186ea12238d74e4cfc9255

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:02:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
MBSHandler.js
cdn.megadata.co.kr/js/media/1.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 07:42:03 GMT
Server
Apache
ETag
"f4163a-25c6-587e2c51e28c0"
X-Cache-Status
EXPIRED, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
2552
ads
googleads.g.doubleclick.net/pagead/ Frame C6C5 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1699257776&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257776173&bpp=1&bdt=1279&idt=1&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da714caf64e38b1f4%3AT%3D1699257775%3ART%3D1699257775%3AS%3DALNI_MaU1DGQj1kIwwxYQNeuGNlFRRXDoQ&gpic=UID%3D00000c80cedccc0f%3AT%3D1699257775%3ART%3D1699257775%3AS%3DALNI_MYIZ4wFH667hYJbdwCuiA9WOtsmUA&prev_fmts=938x280%2C938x280&nras=1&correlator=6543263949924&frm=20&pv=1&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&psts=AOrYGsl6I0BlnsfV_L6o1qBtdgToBMvAXqo9dgTwVLZr6aScOGVKyX_ks9JgAc8PXJjNrNsDXxFZyp8oIe9d2wXaYBnj_x7J&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame D882 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lomm7f7g&c=8169014885964&slotId=4084507442982&qqid=CPbXx8D0roIDFQz7aAodN54MyQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=3725&mt=video%2Fmp4&vs=1024x1024&dm=15000&met.4=vfl.14v
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.dom&eid=9&u=AgAAAAAAAAAAACCA&h=Ag&z=0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:02:57 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adBannerFloating
www.mediacategory.com/servlet/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Requested by
Host: cdn.megadata.co.kr
URL: https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
645e8f509e4910ea73fad426d59ad762022626cf180891acadcf157ffb3e97e4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:02:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
application/javascript;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
wp_rcFloat.js
img.mobon.net/mediaCategory/newAd/ 		22 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/newAd/wp_rcFloat.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:52 GMT
Last-Modified
Thu, 22 Nov 2018 05:56:29 GMT
Server
Apache
ETag
"f22405-16-57b3a872f5459"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
22
activeview
pagead2.googlesyndication.com/pcs/ Frame D882 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6VknyiyX3o3xusr1ve6JTt9zGl85Jtt6avmp6XnDWbzckaOjq9m8hGKNa0ek1G_77JLY6DOKHbSSqgASubK51Ng_YIDWS06S3-whyO-XocAvhEJ9NftxgfhA2Y7c-6Kaq0XC3RutIWA&sai=AMfl-YSz0UfM2XeBab-F9c49Z-28VuC_QhDZzHhzsiZCuaQeeE7_CE9Ga-8iKtuymtPDuBSZiz-HS0PYpl2htsS3D_pkqpIX5xL1ApsGmo8I_enc15VuFoXLlfW0EJjL8strlpbGbPvizm_fJ2tvzQ&sig=Cg0ArKJSzJtWr7v_91yeEAE&cid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,336,273,602%26tos%3D2503,0,0,0,0%26mtos%3D2503,2503,2503,2503,2503%26amtos%3D0,0,0,0,0%26mcvt%3D2503%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2665%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D39%26pst%3D201%26dur%3D15018%26vmtime%3D2672%26dtos%3D2503%26dtoss%3D1%26dvs%3D2503%26dfvs%3D2503%26dvpt%3D2665%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2503&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699257775790
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adBanner
www.mediacategory.com/servlet/ Frame 5E6D 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
8863d1d772afef68bd09d8f90d5c843cf3d8779b51d5d66d730480823e90e552

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Mon, 06 Nov 2023 08:02:57 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
close_video_bt.png
img.mobon.net/mediaCategory/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/mediaCategory/image/close_video_bt.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:53 GMT
Last-Modified
Thu, 22 Nov 2018 05:59:00 GMT
Server
Apache
ETag
"f0427d-bec-57b3a902d2dc9"
X-Cache-Status
HIT, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3052
mobon_reset.css
img.mobon.net/Frtb/common/css/ Frame 5E6D 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:53 GMT
Last-Modified
Mon, 29 Aug 2022 05:49:42 GMT
Server
Apache
ETag
"f0265d-238b-5e75ad48a2078"
X-Cache-Status
MISS, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
9099
jquery.js
img.mobon.net/Frtb/common/script/ Frame 5E6D 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/script/jquery.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0272e-16b3b-5935d7c543da4"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
92987
mobonStorage.js
img.mobon.net/js/ Frame 5E6D 		508 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Thu, 21 Apr 2022 07:04:20 GMT
Server
Apache
ETag
"f08574-1fc-5dd24b81768e7"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
508
webutil.js
img.mobon.net/newAd/common/ Frame 5E6D 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/common/webutil.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Wed, 18 Apr 2018 04:47:59 GMT
Server
Apache
ETag
"f40c8c-dd0-56a1828c66b1a"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3536
frame_default_script_S.js
img.mobon.net/Frtb/js/ Frame 5E6D 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/js/frame_default_script_S.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Wed, 10 May 2023 08:12:42 GMT
Server
Apache
ETag
"f011c6-76c6-5fb526fa391c8"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
30406
nr_type1.css
img.mobon.net/Frtb/common/css/ Frame 5E6D 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/nr_type1.css?124
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0116e-436-5935d7c53fb3c"
X-Cache-Status
HIT, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1078
bounceRate.js
img.mobon.net/js/ Frame 5E6D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/bounceRate.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Thu, 04 Feb 2021 05:36:00 GMT
Server
Apache
ETag
"f07ff5-bf1-5ba7c14227b88"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3057
js-image-slider.js
img.mobon.net/rtb/js/ Frame 5E6D 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/rtb/js/js-image-slider.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"1001681-7b98-5935d7c54c65c"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
31640
dc_oe=ChMIgrHcwPSuggMVzp6sAh3GMACeEAAYACCjv-ZgOhoI0c7AqQEQ-o7rtL8EGKK-4-MDINzdwKKUEkITCPbXx8D0roIDFQz7aAodN54MyQ;dc_rmcid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046...
ade.googlesyndication.com/ddm/activity/ Frame D882 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgrHcwPSuggMVzp6sAh3GMACeEAAYACCjv-ZgOhoI0c7AqQEQ-o7rtL8EGKK-4-MDINzdwKKUEkITCPbXx8D0roIDFQz7aAodN54MyQ;dc_rmcid=CAQSTADICaaNdqUlUrpjr3-tAW63crdxqIJIQFgRnne5lY5MSTm2A5BrYFHvYGs391RjCZuH046DwQmZw_25Lj2iFbIyQySv7eVpt-nT_VYYAQ;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,336,273,602%26tos%3D3625,0,0,0,0%26mtos%3D3625,3625,3625,3625,3625%26amtos%3D0,0,0,0,0%26mcvt%3D3625%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3787%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D15018%26vmtime%3D3794%26dtos%3D1122%26dtoss%3D2%26dvs%3D1122%26dfvs%3D1122%26dvpt%3D1122%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3625,3625,3625,3625,3625%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3625;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699257775790;ecn1=1;etm1=0;eid1=960584;
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame D882 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWiwgr51IZbbECYz2owO3vLLIDOes6-dz3N3AopQS8C4QASDM1LckYMEFoAGbtdzWAsgBBagDAcgDmwSqBJECT9DRf570FE17aT-GCUF0e1po0PQYlkSZuPTy8RfbzdwtPCmO0j5E_Jzloe9VuQR1i9RAlzjvzk-U8Sz3WRIVZfSFjrpbFXSRfEzpkUYbBAZ9NU522I-iSG8pycEkczMbVL0Bo3vlH16njhQMzXqm6nbSUr5UO7fRNqiO_weQUQ_3qF-tXcKf8WO7Nc76HVcR-nrOd1IQIfCm1yaCci8Qkiv2XpTvFO8ta6wiQLOxuM5cI5b7fAXBklYfc2JiPvlkr11VBCyrsM8VSrpelkCVd7P38nDN8E9IypldBiCj14U6YZ0Ckpi6ZZ9R-r0imc8IX5NphM3kx5QNxn1w7lj6_pkcu6N7wyLzDylGriPEIKFlwAT6juu0vwTgBAOIBeWj_pBNkAYBoAZ2gAfNyqOpAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAeALAYAMAaoNAlZOsBOhz58VyBOivuPjA9ATANgTCogUBtgUAdAVAfgWAYAXAegXBQ&sigh=_4kJvBA2_m0&label=videoplaytime25&ad_mt=3795&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,336,273,602%26tos%3D3625,0,0,0,0%26mtos%3D3625,3625,3625,3625,3625%26amtos%3D0,0,0,0,0%26mcvt%3D3625%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3787%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D15018%26vmtime%3D3794%26dtos%3D1122%26dtoss%3D2%26dvs%3D1122%26dfvs%3D1122%26dvpt%3D1122%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3625,3625,3625,3625,3625%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D197360944%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3625&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1699257775790
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257775&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699257775031&bpp=4&bdt=137&idt=76&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&correlator=6543263949924&frm=20&pv=2&ga_vid=539750945.1699257775&ga_sid=1699257775&ga_hid=1620390038&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079193%2C31079266%2C31079306%2C42532600%2C44798934%2C44807047%2C44807335%2C44807454%2C44807462%2C31078301%2C31079424%2C44807405%2C44807749%2C21065724&oid=2&pvsid=1573437797822341&tmod=1916112237&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=vpv0Drmg1a&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:02:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mobonLogo02.png
img.mobon.net/newAd/img/logoImg/ Frame 5E6D 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/newAd/img/logoImg/mobonLogo02.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Thu, 16 Aug 2018 00:58:34 GMT
Server
Apache
ETag
"10010c6-287-57382f14d9e5f"
X-Cache-Status
HIT, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
647
0816165919-wZ7fkMG300x250.jpg
img.mobon.net/ad/imgfile//2023/dG9wdG9vbg==/ Frame 5E6D 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//2023/dG9wdG9vbg==/0816165919-wZ7fkMG300x250.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
de9d693d10d8eb5a8ee2d54efb9da6f742303702b20e5795d652512a611903b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 08:01:41 GMT
Server
Apache
ETag
"74a8d865-18455-60305b4aeb4ed"
X-Cache-Status
HIT, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
20230927143516-xBON9jQugl-300x250.jpg
img.mobon.net/ad/imgfile// Frame 5E6D 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20230927143516-xBON9jQugl-300x250.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
7422a314a71353023b71bb892033c6a39e97b3bcaf0d303b290eb1623adbdfaa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Sep 2023 05:40:00 GMT
Server
Apache
ETag
"4aa1f82f-5ab0-606509f4eaaea"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
22917
20230406142511-UkdgVCeGnw-336x280.jpg
img.mobon.net/ad/imgfile// Frame 5E6D 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20230406142511-UkdgVCeGnw-336x280.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.110.63.237 Seongnam-si, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b2cc7171a4724e634e164d99a35eca2349a56743f7e5c7daec1a72de97f6dbc9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:02:54 GMT
Last-Modified
Thu, 06 Apr 2023 05:28:25 GMT
Server
Apache
ETag
"72fdd57c-14411-5f8a42d830f17"
X-Cache-Status
HIT, HIT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
82961
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3b11v867488053&_p=1699257774932&gcd=11l1l1l1l1&cid=539750945.1699257775&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699257775&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fkisawarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=scroll&epn.percent_scrolled=90&_et=38&tfd=5337
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:03:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c15a622c79a00d07d553b287447677c05d43921dcbed6112caf54da374927fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:03:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12057
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_fy2021.js?bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 08:03:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA27 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
515175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 08:56:45 GMT
expires
Wed, 30 Oct 2024 08:56:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CEC 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::63 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
ac017510cfa2e99fa6f905186392e058839c01d4307fb2ee4e1d095f9ffe457b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XpM0s8H-9ftXI-go_0w1-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XpM0s8H-9ftXI-go_0w1-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:03:00 GMT
expires
Mon, 06 Nov 2023 08:03:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame EA27 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 05:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
10371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 05:10:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=1573437797822341&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame EA27 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RhMfOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:03:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-FMMPJ6F50B&v=3&t=t&pid=768328012&cv=1&rv=3b11&tc=11&es=1&e=gtm.load&eid=10&u=AgAAAAAAAAAAACCA&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:03:00 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=1573437797822341&bg=!YGOlYyzNAAb4oU7C2KE7ADQBe5WfOGPel4_Ldub71W0n9KeA0OxEM61lBL08bsJouq2Ea9A4aGEmh3OqGEV9CXz_KTU4AgAAAGNSAAAACGgBBwoAXbAKc9yPehOIlpGfYKcaChvl1cj8aagL7Ie2tPGfig9wWhaP0x7rpd9dBYEBGO6VkDWxgfedTKMOicQvVXUP8cqeqOf9IP6SN8kh3sBO-Mc0jryWDYGnxpKf1YdQRJkC9lwNXgSbDelYq30zH4S-K_ZBCfAYshF5dCRyXAE84pvzokw5hlb9KjUxLi31bVWVOmZ0ZBnQmh7vW8R0PqlCrM_dRIy14-Cixp3HDDC6zVLwk-dE56WTCW_h-QqfDNFbldkac88G3flYeobyDwtD5rAlM-6f0j19XzDwo6x4BqD24chBxYluezj-XDmRwwnkI8VuxD86npLHdKUHMUsz9TiUav4C7zKONG9vytpTuSsJlX9tlZf3qaEZXLDD9jXHOwsLnD7oMJ6PtLaR2qcMFjnI2-J2p2D9DeH4wlCyunRwsnAHGQHod6SvHSSnM60w5k4zKIYc_Ss14SZEO_QUA1cjWogAK7W65pnBxsg73kaZgrcnv8QpsJ5ZUmNDMabK7O8FNFatmVnhE46BulSRSAXT38Cmw91RUyLd_SG1q_MrHtwR2BhUdYEnLW6PICo-8wZzkOxRjHJjKA0GW9b3Ze5NHnrynDpuvAQDyKk87QLV9FS2_dK05CIGve095TxZlw0ll0gevcCj-KXZeo1eARol3DAP5f2Zee6W2d7RDLYyA5E5wFZX8x-Om8zG34CgMGpFyyxAXFIPiwpArSNkTQROlO4C3SWuQnIem7VYDZrGB0OFo5WnF-i9Za-fPtRl7glEAuT3BMnrQjXLhmixM4-dxy_iasM9uTW5nHPsHFP52CcOrfGuqCKaQQOpgdLjCGVfQl4uUncXsa60VkmEPcWxr-owbX7IGoqLBfcpqcsZpZJaLwz973JkjBS0d_eSDUXvnyldmTUhho1vj-9GF4AXOitNhmxzn0o6Mt3wK2QYIeEWPE75x2Kl5RVSLmiPEhWrKAlNuwx7z8qJg1qGOiRFRXzc5hmDe9NKRJiBsUNBxhbM9RbAOdg4LmbBPArmcIXVzN88VxIkA-pSmXxLpmoawFTphDivaLxfN8sos7VZEOyn4SyCiCah-s1ArCyYGY_MIIeJeMr1DU9XtSBoK3zRSbsCqTy9PCHJMGdqyM5XJ8H7vlZV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| $ function| jQuery function| Ajax function| captcha_get function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| mobonMdScript number| google_rum_task_id_counter object| ad_data object| defaults object| options object| productTypeValues object| platformTypeValues function| enlipleMBSHandler function| mf_close function| mobon_postMessage function| mobon_animate object| wp_util object| wp_Toast undefined| wp_adbn_object function| resize string| wp_rcFloat object| GoogleGcLKhOms

62 Cookies

Domain/Path Name / Value
directauto.samsungcard.com/oap/card-installment Name: JSECOOKIEID
Value: brp7oyq09o4
xn--220b31d95hq8o.xn--3e0b707e/ Name: PHPSESSID
Value: h2u5bvn6g6ce6gq0h52sbh3r87
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga
Value: GA1.1.539750945.1699257775
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga_FMMPJ6F50B
Value: GS1.1.1699257775.1.0.1699257775.0.0.0
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gads
Value: ID=a714caf64e38b1f4:T=1699257775:RT=1699257775:S=ALNI_MaU1DGQj1kIwwxYQNeuGNlFRRXDoQ
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gpi
Value: UID=00000c80cedccc0f:T=1699257775:RT=1699257775:S=ALNI_MYIZ4wFH667hYJbdwCuiA9WOtsmUA
.doubleclick.net/ Name: APC
Value: AfxxVi5A3R1gtoUed4OkyL17bQBi9SQNyrBRqpZlKY8D2kI9b4OT_g
.doubleclick.net/ Name: IDE
Value: AHWqTUk_nel4S-jP1CmH9zTlyZn24Pm3A59-1ijba6KyAG6-5jYAnkaa4gZPQAwad_o
.casalemedia.com/ Name: CMID
Value: ZUidr4Zs7flbB.yI2TXn2AAA
.casalemedia.com/ Name: CMPS
Value: 4777
.casalemedia.com/ Name: CMPRO
Value: 4777
.mediacategory.com/ Name: Start_Time
Value: "2023110617"
.mediacategory.com/ Name: s_IP_info
Value: "209.58.162.198.23227"
.mediacategory.com/ Name: s_au_id
Value: "7744b20544d2b8004ae0901518ba3a69c976ba2"
.mediacategory.com/ Name: dsck
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_1_46_____"
.mediacategory.com/ Name: site_code
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_1_46_____"
.mediacategory.com/ Name: mob_ad_grp
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_dumy_dumy_dumy_dumy_dumy_99"
.mediacategory.com/ Name: dsck_frame_matr
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_dumy_dumy_dumy_dumy_dumy_N_dumy"
.mediacategory.com/ Name: ad_click_time
Value: "20231106170254"
directauto.samsungcard.com/ Name: JSESSIONID
Value: Ivdx4gXuE1hMN8MvBPHAPJ0smwgY73k3bHhtrYR4ZunyxD1T9mEP!-1627176040
.samsungcard.com/ Name: _gid
Value: GA1.2.1589671031.1699257778
.samsungcard.com/ Name: _gat
Value: 1
.directauto.samsungcard.com/ Name: __utma
Value: 186423100.466630950.1699257778.1699257779.1699257779.1
.directauto.samsungcard.com/ Name: __utmc
Value: 186423100
.directauto.samsungcard.com/ Name: __utmz
Value: 186423100.1699257779.1.1.utmcsr=MBO|utmccn=T1|utmcmd=BAN|utmctr=BAN711319
.directauto.samsungcard.com/ Name: __utmt_UA-97210457-1
Value: 1
.directauto.samsungcard.com/ Name: __utmb
Value: 186423100.1.10.1699257779
.samsungcard.com/ Name: _ga_2LRHDRBLHW
Value: GS1.2.1699257778.1.0.1699257778.60.0.0
directauto.samsungcard.com/ Name: wcs_bt
Value: s_3c26177e4848:1699257778
directauto.samsungcard.com/ Name: _AT_vid
Value: OJHMY9L82VE7A7HFSEX0O7K1QW3XZ1JT
directauto.samsungcard.com/ Name: _AT_vid2
Value: UGEOFQHDVSPO0BVMTXUV50EDP6U6V7RX
.data.artistchai.co.kr/ Name: DataVid
Value: D0R14ADAD9S2P4H59PK2NYUOP188089
.data.artistchai.co.kr/ Name: DataVid2
Value: IULIH7D5ZOPG256UDGOALVQEK188089
.data.artistchai.co.kr/ Name: Dcmpgnno
Value: 324
.data.artistchai.co.kr/ Name: Dutmsource[324]
Value: MBO
.data.artistchai.co.kr/ Name: Dutmmedium[324]
Value: BAN
.data.artistchai.co.kr/ Name: Dutmcampaign[324]
Value: T1
.data.artistchai.co.kr/ Name: Dutmterm[324]
Value: BAN711319
.wcs.naver.com/ Name: NWB
Value: 6c5d16c901d41532951069ce2b2a0979.1699257779043
.dable.io/ Name: uid
Value: 24073699.1699257779052
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.dable.io/ Name: _gn_ck_match
Value: 1
.dable.io/ Name: _kko_ck_match
Value: 1
.dable.io/ Name: _bw_ck_match
Value: 1
.toast.com/ Name: BID
Value: BMUX3UUEOSLWA81158ZNGCC2A
.directauto.samsungcard.com/ Name: dable_uid
Value: 24073699.1699257779052
.realclick.co.kr/ Name: RTKEYCODE[samsungcard1]
Value: 1699257778
.realclick.co.kr/ Name: DSPRTSGCODE[]
Value: 1699257778
.realclick.co.kr/ Name: RTCATE2[1123]
Value: 1699257778
.realclick.co.kr/ Name: RTKEYCODE[samsungcard2]
Value: 1699257778
.samsungcard.com/ Name: dspbase
Value:
.samsungcard.com/ Name: dsptarget
Value:
.techhub.co.kr/ Name: _t_ckie
Value: Y
.techhub.co.kr/ Name: _t_guid
Value: 169925777944114502
.samsungcard.com/ Name: TR10205405900_t_uid
Value: 50575049014145039.1699257779447
.samsungcard.com/ Name: TR10205405900_t_sst
Value: 50575257600001145.1699257779447
.samsungcard.com/ Name: TR10205405900_t_if
Value: 11.0.0.530310.null.null.null.0
.samsungcard.com/ Name: TR10205405900_t_pa1
Value: 11.0.0.530310.null.null.null.0
.samsungcard.com/ Name: _ga
Value: GA1.1.466630950.1699257778
.samsungcard.com/ Name: _ga_7NS7KV1CKM
Value: GS1.1.1699257779.1.1.1699257779.60.0.0

2 Console Messages

Source Level URL
Text
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cdn.megadata.co.kr
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
img.mobon.net
k-bank.n-e.kr
kisawarning.o-r.kr
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-npoe7nes.c.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
104.18.36.155
119.205.238.29
139.99.90.56
142.251.12.156
172.104.112.214
211.110.63.237
2404:6800:4003:12::6
2404:6800:4003:c01::5e
2404:6800:4003:c01::61
2404:6800:4003:c03::9d
2404:6800:4003:c04::65
2404:6800:4003:c05::5f
2404:6800:4003:c06::9b
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::84
2404:6800:4003:c1a::63
2404:6800:4003:c1c::66
2a00:1450:4008:807::2003
64.233.170.156
74.125.68.155
74.125.68.156
0200925ff9e8ea06d91f1f89cece3ca6dd00c5828f32d6cb9d6013518d88dca8
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21ab8040c77ad0ab50882430a3413d706df28033f1e45428c3fb630305b40312
271ce6739ab6464386aeae1a58f85ccbaf85d467832e2b1ae0ce634ee906f32c
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2b8b9fb745375239be69f6f239bad35de959a98ffc9b2be5b9a886ef2bd057e2
2cab4ef0ad3718005a8a49489e1975f6dc20e0c9103f28bf6b590687e31927d2
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec
32ae19a6969ac85b614b1ba8bc27bd4efaacbb6f7951c7c082f23ea670758495
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4c15a622c79a00d07d553b287447677c05d43921dcbed6112caf54da374927fe
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e8215235e8814adaf319cd4433c012e2a7ffb8cd2342c8a8f7dfd42dc7043a
645e8f509e4910ea73fad426d59ad762022626cf180891acadcf157ffb3e97e4
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68
7422a314a71353023b71bb892033c6a39e97b3bcaf0d303b290eb1623adbdfaa
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
8863d1d772afef68bd09d8f90d5c843cf3d8779b51d5d66d730480823e90e552
899f8eefa102caba3f0bd0edf6382830d7b646b04aee5cf8c22036344c26be90
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6
ac017510cfa2e99fa6f905186392e058839c01d4307fb2ee4e1d095f9ffe457b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cc7171a4724e634e164d99a35eca2349a56743f7e5c7daec1a72de97f6dbc9
b37245fbbc2b5d90c51fd6bba018b24d043e117433c368605047cf6147c1dbad
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c
de9d693d10d8eb5a8ee2d54efb9da6f742303702b20e5795d652512a611903b9
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11edb4449de7161571e84edd42e4c1a00eabcb300794a84d1df0b5ed0d35c54
f5508a2e18e30f1f48f841604a717d24e510c10174186ea12238d74e4cfc9255
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615