groupda.link Open in urlscan Pro
172.104.56.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://groupda.link/
Effective URL:
https://groupda.link/add/
Submission: On December 10 via api (December 10th 2023, 1:04:41 am UTC) from US — Scanned from SG

Summary HTTP 75 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 75 HTTP transactions. The main IP is 172.104.56.139, located in Singapore, Singapore and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is groupda.link.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time groupda.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	172.104.56.139 172.104.56.139	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	2404:6800:400... 2404:6800:4003:c00::61	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c04::9c	15169 (GOOGLE) (GOOGLE)
17	2404:6800:400... 2404:6800:4003:c1c::8a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::59 2620:1ec:46::59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c1c::9b	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f20... 2a03:2880:f20c:3c1:face:b00c:0:167	32934 (FACEBOOK) (FACEBOOK)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::63	15169 (GOOGLE) (GOOGLE)
2	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
75	15

21 172.104.56.139 (Singapore, Singapore) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: vsrv506.armadaservers.com

groupda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c04::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4003:c1c::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c1c::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f20c:3c1:face:b00c:0:167 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

pps.whatsapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.whatsapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::63 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	groupda.link 2 redirects groupda.link	164 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
10	whatsapp.net pps.whatsapp.net — Cisco Umbrella Rank: 1125 static.whatsapp.net — Cisco Umbrella Rank: 2207	412 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 c.clarity.ms — Cisco Umbrella Rank: 1377 s.clarity.ms — Cisco Umbrella Rank: 7674	28 KB
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	11 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	150 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	762 B
1	gstatic.com fonts.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	32 KB
75	12

	Domain	Requested by
21	groupda.link	2 redirects groupda.link
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	pps.whatsapp.net	groupda.link
8	pagead2.googlesyndication.com	groupda.link pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	groupda.link www.googletagmanager.com
2	s.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	groupda.link www.clarity.ms
1	www.google.com	tpc.googlesyndication.com
1	c.bing.com	1 redirects
1	static.whatsapp.net	groupda.link
1	fonts.gstatic.com	groupda.link
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	groupda.link
1	code.jquery.com	groupda.link
75	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
groupda.link R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.whatsapp.net DigiCert SHA2 High Assurance Server CA	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://groupda.link/add/
Frame ID: 81B9705AC663AD71854F86B4FCFAEDBF
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 01EC1AA21723F46C5D064047D5B61F51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&adk=1812271804&adf=3025194257&lmt=1702170277&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277084&bpp=5&bdt=214&idt=90&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7940671970702&frm=20&pv=2&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=131
Frame ID: 2E143C59CE7BAECDB7CA3D8B2C02B746
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277089&bpp=2&bdt=219&idt=147&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=155
Frame ID: 15E472C3F2221DC5F2EEA45598488952
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277107&bpp=2&bdt=237&idt=150&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=154
Frame ID: DDFB4E29CBD5132620EB583745F8265E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7358138091441515&output=html&h=90&adk=1815799839&adf=2415722585&pi=t.aa~a.2889029677~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&to=qs&pwprc=2399385140&format=1200x90&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277354&bpp=1&bdt=484&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e5dc6cb8be77b1f%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_Ma_lfLSqHn_FOkAacsSq2xvE0CgcA&gpic=UID%3D00000ca892657fc1%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_MYe5u8P4lNlAo60p4dHXH0EjFOhTQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=50
Frame ID: D3694388D7E0DE834607CD3A8747BF56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B08D3E865C7B4077D3C4C9C17FD03670
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BFC2FE90BE9730DBE9D4C0355113B433
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Groupda Link Whatsapp Group Link Join 2023 - Groupda.link

Page URL History Show full URLs

http://groupda.link/ HTTP 301
https://groupda.link/ HTTP 301
https://groupda.link/add/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

99 %
HTTPS

81 %
IPv6

12
Domains

18
Subdomains

15
IPs

3
Countries

1127 kB
Transfer

2314 kB
Size

19
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/KvDFROEzLxnF8hZ5B0DrNu

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/KvDFROEzLxnF8hZ5B0DrNu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/EFozSAtlOnLLE6wP0Uqe1k

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/EFozSAtlOnLLE6wP0Uqe1k

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/GvELRXI6kRvKWQpA2uDZzh

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/GvELRXI6kRvKWQpA2uDZzh

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/CxESNV662B865SfBOtuB2W

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/CxESNV662B865SfBOtuB2W

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/KjCsqLW4Nb9GWokKRl5Af1

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/KjCsqLW4Nb9GWokKRl5Af1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/LwhmKtC3xf16onuPjRR7kB

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/LwhmKtC3xf16onuPjRR7kB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/Bxw3A49T3KQCsO7xUb3MkY

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/Bxw3A49T3KQCsO7xUb3MkY

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/FP8g0EX91f6FfUEvLmKQY5

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/FP8g0EX91f6FfUEvLmKQY5

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/EPyQY4AlEYgK2zFDr6KwrK

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/EPyQY4AlEYgK2zFDr6KwrK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/LhdPCTWtVW0JE7xpzh6936

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/LhdPCTWtVW0JE7xpzh6936

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://groupda.link/ HTTP 301
https://groupda.link/ HTTP 301
https://groupda.link/add/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&RedC=c.clarity.ms&MXFR=25EA5BB2EE6D6F0915A84851EA6D6160 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&MUID=2E399F229D6367D715508CC19C6266D4

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
groupda.link/add/
Redirect Chain

http://groupda.link/
https://groupda.link/
https://groupda.link/add/

22 KB
7 KB

1205ms
1205ms

Document
text/html

172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

349a7240c0abfd251be71a66e1c58a3424076da4598d9be9afb354efcbe061c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:04:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 01:04:35 GMT
expires: Sun, 10 Dec 2023 01:57:55 GMT
location: https://groupda.link/add/
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-litespeed-tag: c11_HTTP.301,c11_HTTP.301
x-nginx-upstream-cache-status: HIT
x-redirect-by: redirection
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 26ms
13ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

382feb98c34c8fa575596585667f991fe5176a9a7597e15d16a4e521cd89258e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68935
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Dec 2023 01:04:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 136ms
40ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7368078
x-cache: HIT, HIT
content-length: 32788
x-served-by: cache-lga13622-LGA, cache-hkg17924-HKG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702170277.988286,VS0,VE0
etag: W/"28feccc0-16bb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 52, 103405

GET
H2 200 style.css
groupda.link/add/css/ 21 KB
4 KB 6ms
3ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/style.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

31dd57a98b3edc2cfc2d95cfb1c51a1b70e9ac818a2eb969b2ad21b0cd38c47a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 osd.js Show response
groupda.link/add/js/ 72 KB
27 KB 8ms
6ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/osd.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

65d47fed43704255959d18f70708a442e3deb6e644d1def288661adf38d46d31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 18ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 01:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 00:31:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 01:04:36 GMT

GET
H2 200 css.css
groupda.link/add/css/ 12 KB
1 KB 6ms
4ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/css.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

9b5770079ac1923ecd9e578a91769af472c297416af70ec12cc980d36d839ab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 main.css
groupda.link/add/css/ 3 KB
1 KB 6ms
4ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/main.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

aec9daa9ad915ae4dca1b21fc82668beb3e40dac015fb4f7eda8d0d9a9e5df13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 jquery.js Show response
groupda.link/add/js/ 95 KB
34 KB 11ms
9ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/jquery.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 newlogo.png
groupda.link/add/img/ 7 KB
8 KB 14ms
12ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/newlogo.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f57e891f138d0e99f02cc17a625f183cb0325297bee61c3709a8e7f60ed698f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 08 Jun 2023 08:25:23 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7414
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 30ms
16ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7358138091441515

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a88b14a99806a3e109d0a7cab8f5ab9a5a58335a3c4e59db489d13dac2d2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Origin: https://groupda.link
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52058
x-xss-protection: 0
server: cafe
etag: 10042500148111204768
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 01:04:36 GMT

GET
H2 200 loader.gif
groupda.link/add/img/ 30 KB
31 KB 14ms
13ms Image
image/gif 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/loader.gif

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 31057
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 jquery-1.js Show response
groupda.link/add/js/ 91 KB
33 KB 6ms
6ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/jquery-1.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 01:04:36 GMT
date: Sun, 10 Dec 2023 01:04:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 15ms
14ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WHXR5KXXMB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6370062939ee130178126ed011ea03a31bae236a1c337cfc2e94617505af1a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Dec 2023 01:04:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 14ms
4ms Script
text/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 00:09:57 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Dec 2023 02:09:57 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 5ms
4ms Ping
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WHXR5KXXMB&gtm=45je3bt0v9115751510&_p=1702170276892&gcd=11l1l1l1l1&dma=0&cid=364457086.1702170277&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702170277&sct=1&seg=0&dl=https%3A%2F%2Fgroupda.link%2Fadd%2F&dt=Groupda%20Link%20Whatsapp%20Group%20Link%20Join%202023%20-%20Groupda.link&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1432
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHXR5KXXMB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 5ms
4ms XHR
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1171454490&t=pageview&_s=1&dl=https%3A%2F%2Fgroupda.link%2Fadd%2F&ul=en-us&de=UTF-8&dt=Groupda%20Link%20Whatsapp%20Group%20Link%20Join%202023%20-%20Groupda.link&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=282917136&gjid=322374028&cid=364457086.1702170277&tid=UA-133706520-1&_gid=1431588057.1702170277&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=688374427

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 15ms
5ms XHR
text/plain 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-133706520-1&cid=364457086.1702170277&jid=282917136&gjid=322374028&_gid=1431588057.1702170277&_u=YADAAUAAAAAAACAAI~&z=375427371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 10 Dec 2023 01:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 idm08vks22 Show response
www.clarity.ms/tag/ 650 B
1013 B 729ms
390ms Script
application/x-javascript 2620:1ec:46::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/idm08vks22
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 563196df5a1a645801df9dec9d58b447b2e2a493396ef2686aa73679bd0288ea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: -1
date: Sun, 10 Dec 2023 01:04:37 GMT
x-azure-ref: 20231210T010437Z-h40wwpmygh5rz4w63u7gxv2syc0000000a1g000000013uca
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 nav-icon.png
groupda.link/add/img/ 666 B
1023 B 4ms
3ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/nav-icon.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

d82ca0699739ff332a0764450dc1b5e5191878ffa8ae33eed1a6a0cc8853ac31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 666
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 close2.png
groupda.link/add/img/ 1018 B
1 KB 4ms
4ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/close2.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f3540afcf09d5a83319752d4bcebad95dbc9f0c873b1b84afc5013472eadee29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1018
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 19ms
6ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Origin: https://groupda.link
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 07:08:28 GMT
x-content-type-options: nosniff
age: 323769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 07:08:28 GMT

GET
H2 200 search-icon.png
groupda.link/add/img/ 657 B
1014 B 3ms
3ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/search-icon.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

fb4d6e13f4dd6fc5e54198f73debbb923455f80c5e6d9faf6da6a386f9ea5650

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:20:16 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 657
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 44ms
35ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7358138091441515

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da4af7ed9e7daeb9952e87aff4d50b3084038f207bd8c7160479671ee9d35b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137696
x-xss-protection: 0
server: cafe
etag: 4279933931103543041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 01:04:37 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 01EC 9 KB
4 KB 15ms
4ms Document
text/html 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7358138091441515

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 16241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:33:56 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:33:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 loadresult Show response
groupda.link/add/group/ 34 KB
4 KB 25ms
24ms XHR
text/html 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/group/loadresult

Requested by

Host: groupda.link
URL: https://groupda.link/add/js/jquery-1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f82dfa6f75e15558d7bec0f7dd602760d885a49e33241dfff0de768701576b4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://groupda.link/add/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
server: nginx
x-server-powered-by: Engintron
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 377624867_3546042065713430_3045909258112325412_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 64 KB
64 KB 33ms
11ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/377624867_3546042065713430_3045909258112325412_n.jpg?ccb=11-4&oh=01_AdSD9b2tlZJ-Lv8FnrTdHgbGK2QH_-s-1uKI-KK0YRDcTA&oe=6581BA9F&_nc_sid=e6ed6c&_nc_cat=101
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 90b02bddab24fab5a763ac9f6b659a62654171084b93cc0df94cdb5f1c595ca9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 19 Sep 2023 05:23:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3675972681
thrift_fmhk: GBDkjtdtB46PXNmyL+GjVr3bFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 3675972681
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 65123

GET
H2 200 category.png
groupda.link/add/img/ 2 KB
2 KB 7ms
3ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/category.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

442ae75e727cd9f2f200830b5ff457d274363ff02987a6b6000090c0e512c9ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1609
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 country.png
groupda.link/add/img/ 2 KB
2 KB 7ms
4ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/country.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

d6832684dc34252ac44d2576145f34d02cc81de2114917a02c7a8b8fe2912b75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1570
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 language.png
groupda.link/add/img/ 993 B
1 KB 8ms
5ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/language.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f605e0617edfaa51b83e023d5a8937f08f8093fa72041c90c197ddc856f9a809

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 993
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 facebook.jpg
groupda.link/add/img/ 1 KB
2 KB 9ms
5ms Image
image/jpeg 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/facebook.jpg

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

5033899daea22c45c22b457247bf1445b5e44dc75d9c796ab50809be0b98b240

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1290
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 whatsapp.png
groupda.link/add/img/ 2 KB
2 KB 9ms
6ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/whatsapp.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

bea45a652702db616c3f4edf7be402cdfff5643ee0e152f6053a22f2a01cb093

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1779
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 twitter.jpg
groupda.link/add/img/ 1 KB
2 KB 10ms
7ms Image
image/jpeg 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/twitter.jpg

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

a805b8db590cc0ce99beb8a465c0e475b97b770fce7305e1910db9cda5a7bfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 08 Feb 2024 01:04:37 GMT
date: Sun, 10 Dec 2023 01:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1459
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 397559158_608484601356768_178182734695995628_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 5 KB
6 KB 24ms
4ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/397559158_608484601356768_178182734695995628_n.jpg?ccb=11-4&oh=01_AdRKAKHX7CylQ1OQtd-tldLjnECLAd1T7BVZyWCdTt3Hvg&oe=65817F15&_nc_sid=e6ed6c&_nc_cat=102
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cb37723ec133e12d735970ea9bfbabadf1a7601853162d57188cc64c6109e469

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 05 Dec 2023 09:13:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3543905489
thrift_fmhk: GBCkG8wQ6K+BDWaT7LcWNaOJFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 3543905489
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 5511

GET
H2 200 343788114_198153909666111_2455462825037239610_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 27 KB
28 KB 31ms
11ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/343788114_198153909666111_2455462825037239610_n.jpg?ccb=11-4&oh=01_AdRKlZlgJ2u7P99vvde2FajGKY152WrabbSUNWqR5LVmfA&oe=658189A1&_nc_sid=e6ed6c&_nc_cat=106
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f9991001b115391757a30f4cd7070c6b97705acad6b2bf91394a9ae66d473f30

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 27 Apr 2023 22:21:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2316565542
thrift_fmhk: GBBUQy07QOnWH/+016+H8xYeFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 2316565542
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 28040

GET
H2 200 399385695_371229851947929_7611727139635375582_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 64 KB
64 KB 33ms
13ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/399385695_371229851947929_7611727139635375582_n.jpg?ccb=11-4&oh=01_AdR0QLrmL-TgydyKfMKbKm1q7-wHYd7rRGUArnObSiB7Wg&oe=658158A4&_nc_sid=e6ed6c&_nc_cat=111
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: eded282c4ab15d9bd1d6ec78a114429e3fcaf29a5b9ccdb660cb420fc7732251

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 06 Dec 2023 16:12:51 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1336193358
thrift_fmhk: GBDeY0dUkiOISo26nxh29z4/Ffarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1336193358
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 65770

GET
H2 200 J5gK5AgJ_L5.png
static.whatsapp.net/rsrc.php/v3/yo/r/ 6 KB
7 KB 22ms
3ms Image
image/png 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.whatsapp.net/rsrc.php/v3/yo/r/J5gK5AgJ_L5.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5b1aa263dd0d7ed4996b3cbad2fe66e00e55a557c20b5bfed57f7b1dab52491

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sun, 10 Dec 2023 01:04:37 GMT
x-content-type-options: nosniff
content-md5: TjDbtmsh4Nj2+3mKJ8TRRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5932
reporting-endpoints
x-fb-debug: XXpUKXjrEsYOrZjdvbVjbbO8202qicuaxIc44oMORkg3LneXvHM6gOUGbJMElZ3ly+sIQGiuQ56kszZ0Y97+mQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:29:34 GMT

GET
H2 200 401453984_727540272583904_8909491588602700293_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 47 KB
47 KB 26ms
7ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/401453984_727540272583904_8909491588602700293_n.jpg?ccb=11-4&oh=01_AdQ9-LWSDLp890QMhxHdvEAB6DwMaoaGo5m8ea8keVsO1Q&oe=6580CA30&_nc_sid=e6ed6c&_nc_cat=109
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c4ff230478a948e709c6e7766ba45b7b7bc99a41daaeda79d72a2ea52b49d09f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 08 Dec 2023 22:41:37 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2312301360
thrift_fmhk: GBC/hVHakZXnJ+1/eEv8e+g0Ffarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 2312301360
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 48000

GET
H2 200 405037215_663152012388476_4755255744985155395_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 16 KB
16 KB 29ms
10ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/405037215_663152012388476_4755255744985155395_n.jpg?ccb=11-4&oh=01_AdR-pN_f3WZhSh4g7sVyvXot351dO1-rgbW0vN0TCu4O8w&oe=65804D86&_nc_sid=e6ed6c&_nc_cat=104
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c29586383cf2b09e88ad1082e081d8abe8f821f3e745db55ea4b6da5cdc37440

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 08 Dec 2023 16:13:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2847970292
thrift_fmhk: GBCWN8heoNl2TMTPuxKlw3PLFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 2847970292
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 16705

GET
H2 200 162225088_772235233662830_8667691695224900129_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 56 KB
56 KB 191ms
190ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/162225088_772235233662830_8667691695224900129_n.jpg?ccb=11-4&oh=01_AdS0GeXbUxdpdJ7FBs5FyDeoyw_20JTDDLQSzF5qK2EMUA&oe=65805692&_nc_sid=e6ed6c&_nc_cat=103
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 02f50ffe1ca6fdf4663b8854c6ec643f13a18b4eca14b31a262d881924caa150

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 03 May 2021 06:57:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2778357060
thrift_fmhk: GBCVwLptMkv8jEaIT/OWKshJFfarm9sDAA==
cache-control: public; max-age=460800
x-fb-edge-debug: ygOXritrxMWxD0-Ovyel58_t-hRyGAJ8oIg50M4RXtgUFpt5wiZdtV6fNy5Fawt8rc2Gzk5v-XCZ9IVVzMIyKHcqr_mTfL2sAL6w86IfjO024tAnVtbhLoGLQVZ9B2DK
x-needle-checksum: 2778357060
access-control-expose-headers: x-wa-metadata
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 57178

GET
H2 200 389325512_2766146430199773_1350527203950794032_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 49 KB
49 KB 10ms
8ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/389325512_2766146430199773_1350527203950794032_n.jpg?ccb=11-4&oh=01_AdS2-qGfDk7fN9uS2bGur0hWFXyYi3ZDK4beyQpTJaAagw&oe=65804360&_nc_sid=e6ed6c&_nc_cat=109
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e39f7502356ae556f1cd8d10e53d719cd0b883231e666d81c55388e504694488

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 30 Nov 2023 04:21:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1913423728
thrift_fmhk: GBDXRzevv3fFS8dl3ty0bet5Ffarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1913423728
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 50282

GET
H2 200 407016644_1696609250765624_6681719182780413207_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 75 KB
75 KB 13ms
12ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/407016644_1696609250765624_6681719182780413207_n.jpg?ccb=11-4&oh=01_AdTsRn9bYNd_umaky3aVQhSuh1zFJZclW6q4flQhN0y09Q&oe=65804A2E&_nc_sid=e6ed6c&_nc_cat=105
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 832abce2196b530e06acf17e8b5567ac6c85313057dbc72376637c4d0e39dcf6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 08 Dec 2023 14:42:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1007466872
thrift_fmhk: GBACBGTZOzMdSBRgY0fcKNNeFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1007466872
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 76984

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E14 14 KB
5 KB 55ms
54ms Document
text/html 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&adk=1812271804&adf=3025194257&lmt=1702170277&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277084&bpp=5&bdt=214&idt=90&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7940671970702&frm=20&pv=2&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=131

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b87f1078435cd4d011b4f71bcce112f187835e8ab102c51722b73c740c1e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 5281
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15E4 720 B
372 B 48ms
45ms Document
text/html 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277089&bpp=2&bdt=219&idt=147&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec5cc03e306ccf49c8be29bd258d48765c6aa1444f5baa3dbda85b8538fc28f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDFB 720 B
379 B 49ms
48ms Document
text/html 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277107&bpp=2&bdt=237&idt=150&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104515628827654ced82d8581bd946047099345d1f39696f09e09de49abf0362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-7358138091441515 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 45ms
33ms Script
application/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7358138091441515?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5f5cca06b6579f9623a8c59b9f02c19fc09d2d15dbcbdf65ee773792bf7cb91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hFeLW4Lj_KatpmeSM9bJIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-hFeLW4Lj_KatpmeSM9bJIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=42532559&hl=id&pvc=319049403695484

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D369 436 B
235 B 56ms
55ms Document
text/html 2404:6800:4003:c1c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7358138091441515&output=html&h=90&adk=1815799839&adf=2415722585&pi=t.aa~a.2889029677~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&to=qs&pwprc=2399385140&format=1200x90&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277354&bpp=1&bdt=484&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e5dc6cb8be77b1f%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_Ma_lfLSqHn_FOkAacsSq2xvE0CgcA&gpic=UID%3D00000ca892657fc1%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_MYe5u8P4lNlAo60p4dHXH0EjFOhTQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47681fb95f8ecd4a9c04b6ccd88cd36e7ac2d33a9dbc5d96bba57e67f3185912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXcyPLSznoz99gvVar7p0T3YA_rWwHtecElbYC_70EdYlCH3pBjP3FDgnHOCo44rmv_GMZgmq9EuqJUqt2OJjBUJaa55ZafPcJElqxep3gHRX3sVhTyWb32lWNKbqrgeLUEZVuxSg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 32ms
30ms Script
application/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXcyPLSznoz99gvVar7p0T3YA_rWwHtecElbYC_70EdYlCH3pBjP3FDgnHOCo44rmv_GMZgmq9EuqJUqt2OJjBUJaa55ZafPcJElqxep3gHRX3sVhTyWb32lWNKbqrgeLUEZVuxSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMTcwMjc3LDQxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ncm91cGRhLmxpbmsvYWRkLyIsbnVsbCxbWzgsIlE3cWs4YVctS2trIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.Q7qk8aW-Kkk.es5.O/am=AAM/d=1/rs=AJlcJMwwD6T4UtEo30iuOa6Mvn-vZPXhyg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfcf9d61204ed3ba598120ea04c34d22e86369f3b0e2d460a484114d01d3eb8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PV5WU4rv3Z6z6P_Q2ieb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-PV5WU4rv3Z6z6P_Q2ieb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW-Df4Q_hW7azUbJJ0XpomNQaof4XxRDd_W_3h7-QKxoGtiX-r1jRjti-Ljimpwbgz6p8XkqqHhSlxFARdXHbMqDz7qJqdPoMxkeg5wAbWCDNoo38xwGtj8rL9fF1J7Jah7iXBDUA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 47ms
46ms Script
application/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-Df4Q_hW7azUbJJ0XpomNQaof4XxRDd_W_3h7-QKxoGtiX-r1jRjti-Ljimpwbgz6p8XkqqHhSlxFARdXHbMqDz7qJqdPoMxkeg5wAbWCDNoo38xwGtj8rL9fF1J7Jah7iXBDUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMTcwMjc3LDQ0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ3JvdXBkYS5saW5rL2FkZC8iLG51bGwsW1s4LCJRN3FrOGFXLUtrayJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee55026eec5ab6d5daa68a601f3e076801a745b1ad7800a2bb9547a2effa4d3e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-E6jGxca7hUdx6P1nx35Uxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-E6jGxca7hUdx6P1nx35Uxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 342ms
342ms Script
application/javascript 2620:1ec:46::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/idm08vks22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:37 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231210T010437Z-h40wwpmygh5rz4w63u7gxv2syc0000000a1g000000013ufx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 969c47aa-901e-0009-32ae-266b08000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 25ms
16ms XHR
application/json 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aefef8280cb3adeffa00fc8dc36603443592d70adba346ed6d6a0e1607f4262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12040
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&RedC=c.clarity.ms&MXFR=25EA5BB2EE6D6F0915A84851EA6D6160
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&MUID=2E399F229D6367D715508CC19C6266D4

42 B
443 B

37ms
37ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&MUID=2E399F229D6367D715508CC19C6266D4
Protocol: H2
Server: 20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:38 GMT
last-modified: Wed, 30 Aug 2023 15:12:21 GMT
server: Microsoft-IIS/10.0
etag: "4b119d5f54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 01:04:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C697A24400924EDBAAC88DE6F6DEA301 Ref B: SIN30EDGE0507 Ref C: 2023-12-10T01:04:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C65417D26E0644D89A88584EA83D0444&MUID=2E399F229D6367D715508CC19C6266D4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 15ms
7ms Image
text/html 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=180100215&rv=3bt0&u=AAAAAAAAAAAAACCAAAEAAAE&ut=Ag&h=Ag&gtm=45je3bt0v9115751510&ccid=115751510&cid=G-WHXR5KXXMB&l=G-WHXR5KXXMB.L1309.S18.B14.E1170.I1544.EC5.TC13.HTC0~gtm.init.S0.V0.E27.TS5ogtgasend.TI16.TE1.TS5ogtreferralexclusion.TI18.TE1.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ccdconversionmarking.TI23.TE0.TS5ccdgaregscope.TI24.TE0.TS5ogtgooglesignals.TI25.TE0.TS5ogtgagamlink.TI26.TE0.TS5setproductsettings.TI27.TE0.TS5ccdgafirst.TI28.TE1~gtm.js.S0.V0.E17.TS5gct.TI13.TE0~gtm.dom.S0.V0.E17~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E26~GA123

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 16ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js?bust=31080036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 01:04:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B08D 13 KB
5 KB 7ms
6ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 321405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 07:47:53 GMT
expires: Thu, 05 Dec 2024 07:47:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BFC2 829 B
1 KB 35ms
18ms Document
text/html 2404:6800:4003:c02::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::63 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d0e1ab684a8742419ebc4bfcf5dc7c4f1a508457139b32af0c98457ed9a9973

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R91mLHIhkUu1GsRE1K0eKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-R91mLHIhkUu1GsRE1K0eKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 01:04:38 GMT
expires: Sun, 10 Dec 2023 01:04:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
292 B 1007ms
489ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://groupda.link
Date: Sun, 10 Dec 2023 01:04:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B08D 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 07:16:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 07:16:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BFC2 0
0 6ms
5ms Image
text/html 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=319049403695484&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B08D 0
10 B 6ms
5ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PtLnFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 18ms
17ms Image
image/gif 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.243683235971922

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqB_ScN40-e7S7je72oxJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-pqB_ScN40-e7S7je72oxJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 16ms
16ms Image
image/gif 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.7430439346689948

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bdo7XMQ577v7F4H3NNDoxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-bdo7XMQ577v7F4H3NNDoxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 29ms
17ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-J6bGA2qKGD0LqJYpq_yBcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-J6bGA2qKGD0LqJYpq_yBcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://groupda.link
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 8ms
7ms Image
text/html 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=319049403695484&bg=!vL-lv_DNAAY3kmNgF5I7ADQBe5WfOBSZuYoY-V-SOeOYjmQbfbn9OE7Q4p2EBvOcmwn9aZHK3Ers2WYjBOKOa16vKUnCAgAAAFZSAAAABGgBBwoAjffviDGZSEgTQ6xiPmD8D1bu8CEBvpAkcj_zZGWfHCWa-IPuWOaHWaOw6NPbphXcKymPRelkdDO4wfhmVGCgdL0nJ88pCNFFciv2J851Oi4hZmYkVLd-6s45q3JErZtFCEg3ehTFC6e5d14FoGQ-bl1lxpxQT4thOTs7MUNzaIlmn_xRT913KAgQaKEMcZkC7HIMiChon3rLiXke5ncdWC5pyh6HBOOuejo2iBaKOY-TdQXzWk5Gtn5uW62nKgax5NLqo5UvI4g4wvJAjwAGgL6ESS4vm_0KH8Z6klgxx66jt-l2EEQer6QRy859TwV81fumNHlZjoJGnBsK_cdpqxM2_aJcOQwQgIOVzcDDHpMdVDscvMVLDRmuRkNZ2hXgAM7ROGdBEOYfrNeSfB4BYTh0eacqSCPv_MMkyk7G4RzZjkC0nl3eKQdDwlLjfLl2z-Hn7KdPC9yNGCCUDMFoNg-FqtZygywcasoBX-pnLfHa0CmtMu8SxxbWuRp3ObhKfOe67XU9gJAnwOlZRPbq8ZMql9uQfey8RL476iljy6jgMUc7HixACZ_Ay8CsIASjvHd9Pfhsln0Jtv1OatHhGIk40-20OifX3a2-St9VGSYUOCyZEx_NkFGg6HBjvaA3wqiE0telIroV8L8bx-GA-e4U4z0ulvrT0VrlyyN-F0okco8ns2ti5hlsUr_y_Kd39U5YgRxEXH03p6CUgdUcPY3FeguzT28pO5mA1aD2wlR-cb-2bwHvqC4c6-cmbWrzp_RAMYsOuJNbhDnYvHbsJNYsS7vRBdPdrnDLzFemazDDVudql7h-aWx26SmH8JP-6vQLH2FsjTjOKV77rlkfSnc0Pn4WGZNfIGaw1RKU9MprHOgGWjXmKXGrSpdukFQQm_Y8al22rLRFdSNP4xdE0EK11RlxOsztOw9rwVUewG0Jee30HeQSNUmTcjG72iEcpnLlXHHO707oZM6ZTY9hS5avpyAdiD4cT4_FPaYMcAx8KAuJ8NVarnNdL8-82GNxXj3iOoXx0cyEmHi-aGfy5HSWEM1Fyrx51WwXPD_eQSZ_S_dXd0ZXjyD_DJoxY6d1y4__ZJUrAm40h_b6VlylFNrqO91kiO6c5M3jCgfTYq_Hk74glAOrNoP0klYIKnsysp4Cc7CyAAF85fjTZUa66_oSd03D-oqKVv2sXuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 wpproadds. Show response
fundingchoicesmessages.google.com/f/AGSKWxUYxmBaGWXyOxZ4G6ziTNkzLo0mMR-R-yHP8vEwPcvuzlNTL8oHX4thmCjajka6MF6lpWjaQNEgzrQh-CVCkFhaBxGr5LQ6FAj3V2x7HQaU07g0tWUoUjd3aDsorxSIzKYfem1Ap3ER35YYbevIAE4DQ-llN... 54 B
109 B 130ms
129ms Script
application/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUYxmBaGWXyOxZ4G6ziTNkzLo0mMR-R-yHP8vEwPcvuzlNTL8oHX4thmCjajka6MF6lpWjaQNEgzrQh-CVCkFhaBxGr5LQ6FAj3V2x7HQaU07g0tWUoUjd3aDsorxSIzKYfem1Ap3ER35YYbevIAE4DQ-llNargjjbr0bPdv3QWqCBsXSnW_NNCm_k1/_/html/ad./ads/acctid=/ads-07./ad_label2_/wpproadds.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.Q7qk8aW-Kkk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwrsEuaMpYN-ywtbxc23RokQW-SPQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43aa7b0b0fb0de97c8f74a26998b29b35bde1c2364f4ad21582b547338211da1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zkBmN2hsmnrQGbTwgkRAyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-zkBmN2hsmnrQGbTwgkRAyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 120ms
119ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 00:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 01:08:33 GMT

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 133ms
133ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JoFkORu5HtnIULiNzUWuMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JoFkORu5HtnIULiNzUWuMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://groupda.link
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O-EK0wqZJ4WM4uVYduuhLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-O-EK0wqZJ4WM4uVYduuhLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://groupda.link
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
292 B 244ms
243ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://groupda.link
Date: Sun, 10 Dec 2023 01:04:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
16ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r_ZXmCPszvM0YYYWk-Vhjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-r_ZXmCPszvM0YYYWk-Vhjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://groupda.link
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
20ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qfQnkWgTRLu8_iHrik4MWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qfQnkWgTRLu8_iHrik4MWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://groupda.link
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUIsNpG8QSdgmkNLDZkD8BiqipDHuzJTI1kjb-1l2lRXOgxX4iHSdbYT8LTgZ1SVfHMx0hk2PTLwEQKtH3glZ-T18q5AjFL-SxRZgDMBVAGw608UjKdV6Lgm3Wy1k6cSqrz4-9mDA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 38ms
37ms Script
application/javascript 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIsNpG8QSdgmkNLDZkD8BiqipDHuzJTI1kjb-1l2lRXOgxX4iHSdbYT8LTgZ1SVfHMx0hk2PTLwEQKtH3glZ-T18q5AjFL-SxRZgDMBVAGw608UjKdV6Lgm3Wy1k6cSqrz4-9mDA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMTcwMjc5LDI2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9ncm91cGRhLmxpbmsvYWRkLyIsbnVsbCxbWzgsIlE3cWs4YVctS2trIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb2869741c5c66344240939b552d68750acd6aca27607c348ffc192106dde14d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D7PMuqkZafLhFr7PzPJ3Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D7PMuqkZafLhFr7PzPJ3Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX4VfqNKGMokRWh_gEHTuG2dRwWFK6vbfkBKqdsoCBbCR31oIc7xe16T99VQo8WouMatBmDJCttqLu7Ndwk9v9YMxrNoeDTMEfl5etKL6M9aK9cgUCHOBo-U9gs2zAL27VuRHnccQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
15ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX4VfqNKGMokRWh_gEHTuG2dRwWFK6vbfkBKqdsoCBbCR31oIc7xe16T99VQo8WouMatBmDJCttqLu7Ndwk9v9YMxrNoeDTMEfl5etKL6M9aK9cgUCHOBo-U9gs2zAL27VuRHnccQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-onjozS8IS066Li7Kw4rMEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-onjozS8IS066Li7Kw4rMEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://groupda.link
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 21ms
20ms XHR
text/html 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSEBLT6M_l8UnKgbw0yTTCv-GdMiiW6L8mElv-XpehinsArobjJSCXrxTXDwSswDPirU8UzMj61CF88_7cnP8fuOkOaZ36X9d36bChBbaIuMT-j_X1SNh-mFyUhmqrrfTC_U9Kbg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2bv8hQj4At4jJnZjdgLMmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 01:04:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2bv8hQj4At4jJnZjdgLMmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://groupda.link
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
groupda.link/	1970-01-20 16:49:37	Name: groupda Value: ad695b0788432dd786ee057fa5fe4cbf39b0f047
.groupda.link/	1970-01-21 02:25:30	Name: _ga_WHXR5KXXMB Value: GS1.1.1702170277.1.0.1702170277.0.0.0
.groupda.link/	1970-01-21 02:25:30	Name: _ga Value: GA1.2.364457086.1702170277
.groupda.link/	1970-01-20 16:50:56	Name: _gid Value: GA1.2.1431588057.1702170277
.groupda.link/	1970-01-20 16:49:30	Name: _gat_gtag_UA_133706520_1 Value: 1
.groupda.link/	1970-01-21 02:11:06	Name: __gads Value: ID=0e5dc6cb8be77b1f:T=1702170277:RT=1702170277:S=ALNI_Ma_lfLSqHn_FOkAacsSq2xvE0CgcA
.groupda.link/	1970-01-21 02:11:06	Name: __gpi Value: UID=00000ca892657fc1:T=1702170277:RT=1702170277:S=ALNI_MYe5u8P4lNlAo60p4dHXH0EjFOhTQ
.doubleclick.net/	1970-01-21 02:25:30	Name: IDE Value: AHWqTUmDyMKkt5om_u5uUYdj0XHIQqqdbPS9ZDX-d-BrNFCqwHXt9ApHdNxcyR0bp70
www.clarity.ms/	1970-01-21 01:35:06	Name: CLID Value: 3d4721fe210542aea69f8b417b6497c4.20231210.20241209
.groupda.link/	1970-01-21 01:35:06	Name: _clck Value: 1iqmo13%7C2%7Cfhf%7C0%7C1439
.bing.com/	1970-01-21 02:11:06	Name: MUID Value: 2E399F229D6367D715508CC19C6266D4
.c.bing.com/	1970-01-20 16:59:35	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:11:06	Name: SRM_B Value: 2E399F229D6367D715508CC19C6266D4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:11:06	Name: MUID Value: 2E399F229D6367D715508CC19C6266D4
.c.clarity.ms/	1970-01-20 16:59:35	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:49:30	Name: ANONCHK Value: 0
.groupda.link/	1970-01-20 16:50:56	Name: _clsk Value: 1l9xwga%7C1702170279245%7C1%7C1%7Cs.clarity.ms%2Fcollect
.groupda.link/	1970-01-21 01:35:06	Name: FCNEC Value: %5B%5B%22AKsRol-H5nKYyc3sDXee-eqgMZ2IzN9ZAXSEy1MFIj5VhO_V9xivsQuui-HQta5qib-M_L3KONMu7T7zn-aKUDhl8jJaZG6jU_5VtzB0fyBSX8BSs5tf2MJa-nkFXpgblvB8b8KT0PIDzEif8yx7OSjvuQNx8IgUzg%3D%3D%22%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&adk=1812271804&adf=3025194257&lmt=1702170277&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277084&bpp=5&bdt=214&idt=90&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7940671970702&frm=20&pv=2&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=131 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277089&bpp=2&bdt=219&idt=147&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=155 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277107&bpp=2&bdt=237&idt=150&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=154 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7358138091441515&output=html&h=90&adk=1815799839&adf=2415722585&pi=t.aa~a.2889029677~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1702170277&rafmt=1&to=qs&pwprc=2399385140&format=1200x90&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702170277354&bpp=1&bdt=484&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e5dc6cb8be77b1f%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_Ma_lfLSqHn_FOkAacsSq2xvE0CgcA&gpic=UID%3D00000ca892657fc1%3AT%3D1702170277%3ART%3D1702170277%3AS%3DALNI_MYe5u8P4lNlAo60p4dHXH0EjFOhTQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=2&correlator=7940671970702&frm=20&pv=1&ga_vid=364457086.1702170277&ga_sid=1702170277&ga_hid=1171454490&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2304&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C31080036%2C95320869%2C95320884&oid=2&pvsid=319049403695484&tmod=1908670618&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=50 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
groupda.link
pagead2.googlesyndication.com
pps.whatsapp.net
s.clarity.ms
static.whatsapp.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
172.104.56.139
20.205.115.81
23.96.124.68
2404:6800:4003:c00::5e
2404:6800:4003:c00::61
2404:6800:4003:c00::84
2404:6800:4003:c02::63
2404:6800:4003:c04::5f
2404:6800:4003:c04::9a
2404:6800:4003:c04::9c
2404:6800:4003:c1c::8a
2404:6800:4003:c1c::9b
2620:1ec:46::59
2620:1ec:c11::200
2a03:2880:f20c:3c1:face:b00c:0:167
2a04:4e42:600::649
02f50ffe1ca6fdf4663b8854c6ec643f13a18b4eca14b31a262d881924caa150
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
104515628827654ced82d8581bd946047099345d1f39696f09e09de49abf0362
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31dd57a98b3edc2cfc2d95cfb1c51a1b70e9ac818a2eb969b2ad21b0cd38c47a
349a7240c0abfd251be71a66e1c58a3424076da4598d9be9afb354efcbe061c8
382feb98c34c8fa575596585667f991fe5176a9a7597e15d16a4e521cd89258e
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
43aa7b0b0fb0de97c8f74a26998b29b35bde1c2364f4ad21582b547338211da1
43b87f1078435cd4d011b4f71bcce112f187835e8ab102c51722b73c740c1e15
442ae75e727cd9f2f200830b5ff457d274363ff02987a6b6000090c0e512c9ab
47681fb95f8ecd4a9c04b6ccd88cd36e7ac2d33a9dbc5d96bba57e67f3185912
5033899daea22c45c22b457247bf1445b5e44dc75d9c796ab50809be0b98b240
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563196df5a1a645801df9dec9d58b447b2e2a493396ef2686aa73679bd0288ea
607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6370062939ee130178126ed011ea03a31bae236a1c337cfc2e94617505af1a09
65d47fed43704255959d18f70708a442e3deb6e644d1def288661adf38d46d31
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0e1ab684a8742419ebc4bfcf5dc7c4f1a508457139b32af0c98457ed9a9973
7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1
832abce2196b530e06acf17e8b5567ac6c85313057dbc72376637c4d0e39dcf6
90b02bddab24fab5a763ac9f6b659a62654171084b93cc0df94cdb5f1c595ca9
98a88b14a99806a3e109d0a7cab8f5ab9a5a58335a3c4e59db489d13dac2d2f6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aefef8280cb3adeffa00fc8dc36603443592d70adba346ed6d6a0e1607f4262
9b5770079ac1923ecd9e578a91769af472c297416af70ec12cc980d36d839ab3
a805b8db590cc0ce99beb8a465c0e475b97b770fce7305e1910db9cda5a7bfaa
aec9daa9ad915ae4dca1b21fc82668beb3e40dac015fb4f7eda8d0d9a9e5df13
b5f5cca06b6579f9623a8c59b9f02c19fc09d2d15dbcbdf65ee773792bf7cb91
bea45a652702db616c3f4edf7be402cdfff5643ee0e152f6053a22f2a01cb093
c29586383cf2b09e88ad1082e081d8abe8f821f3e745db55ea4b6da5cdc37440
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4ff230478a948e709c6e7766ba45b7b7bc99a41daaeda79d72a2ea52b49d09f
cb37723ec133e12d735970ea9bfbabadf1a7601853162d57188cc64c6109e469
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cfcf9d61204ed3ba598120ea04c34d22e86369f3b0e2d460a484114d01d3eb8e
d6832684dc34252ac44d2576145f34d02cc81de2114917a02c7a8b8fe2912b75
d82ca0699739ff332a0764450dc1b5e5191878ffa8ae33eed1a6a0cc8853ac31
da4af7ed9e7daeb9952e87aff4d50b3084038f207bd8c7160479671ee9d35b47
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e39f7502356ae556f1cd8d10e53d719cd0b883231e666d81c55388e504694488
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1aa263dd0d7ed4996b3cbad2fe66e00e55a557c20b5bfed57f7b1dab52491
ec5cc03e306ccf49c8be29bd258d48765c6aa1444f5baa3dbda85b8538fc28f3
eded282c4ab15d9bd1d6ec78a114429e3fcaf29a5b9ccdb660cb420fc7732251
ee55026eec5ab6d5daa68a601f3e076801a745b1ad7800a2bb9547a2effa4d3e
f3540afcf09d5a83319752d4bcebad95dbc9f0c873b1b84afc5013472eadee29
f57e891f138d0e99f02cc17a625f183cb0325297bee61c3709a8e7f60ed698f2
f605e0617edfaa51b83e023d5a8937f08f8093fa72041c90c197ddc856f9a809
f82dfa6f75e15558d7bec0f7dd602760d885a49e33241dfff0de768701576b4d
f9991001b115391757a30f4cd7070c6b97705acad6b2bf91394a9ae66d473f30
fb2869741c5c66344240939b552d68750acd6aca27607c348ffc192106dde14d
fb4d6e13f4dd6fc5e54198f73debbb923455f80c5e6d9faf6da6a386f9ea5650

groupda.link Open in urlscan Pro 172.104.56.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

81 %IPv6

12 Domains

18 Subdomains

15 IPs

3 Countries

1127 kBTransfer

2314 kBSize

19 Cookies

20 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

groupda.link Open in urlscan Pro
172.104.56.139 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

81 %
IPv6

12
Domains

18
Subdomains

15
IPs

3
Countries

1127 kB
Transfer

2314 kB
Size

19
Cookies

75 HTTP transactions
0 data transactions