detiklife.com Open in urlscan Pro
128.199.144.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://detiklife.com/
Effective URL:
https://detiklife.com/
Submission: On March 07 via api (March 7th 2023, 6:26:07 pm UTC) from US — Scanned from SG

Summary HTTP 104 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 29 domains to perform 104 HTTP transactions. The main IP is 128.199.144.56, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is detiklife.com.
TLS certificate: Issued by R3 on February 1st 2023. Valid for: 3 months.

This is the only time detiklife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	128.199.144.56 128.199.144.56	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2404:6800:400... 2404:6800:4003:c03::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:4529	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23d... 2600:9000:23d2:1600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223b:3200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
10	2404:6800:400... 2404:6800:4003:c03::9d	15169 (GOOGLE) (GOOGLE)
2	18.155.68.13 18.155.68.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c03::9b	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c0f::84	15169 (GOOGLE) (GOOGLE)
17	2404:6800:400... 2404:6800:4003:c04::9d	15169 (GOOGLE) (GOOGLE)
1	64.58.116.142 64.58.116.142	7979 (SERVERS-COM) (SERVERS-COM)
11	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c06::93	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
4 11	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2404:6800:400... 2404:6800:4003:c01::5f	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
1	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	18.181.21.138 18.181.21.138	16509 (AMAZON-02) (AMAZON-02)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	67.199.150.81 67.199.150.81	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2404:6800:400... 2404:6800:4003:c06::65	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:1e::9	15169 (GOOGLE) (GOOGLE)
2	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
104	36

6 128.199.144.56 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: detik.detiklife.com

detiklife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4529 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23d2:1600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223b:3200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4003:c03::9d (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.68.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-13.sin52.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c0f::84 (Singapore)

ASN15169 (GOOGLE, US)

8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2404:6800:4003:c04::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.142 (United States)

ASN7979 (SERVERS-COM, US)

c.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::93 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

video.seenthis.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.194.157 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.254.148.252 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::5f (Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.181.21.138 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-21-138.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.81 (Singapore) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::65 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:1e::9 (Singapore)

ASN15169 (GOOGLE, US)

r4---sn-npoe7ns6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	175 KB
20	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 bid.g.doubleclick.net — Cisco Umbrella Rank: 703	220 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	122 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 442	135 KB
6	detiklife.com detiklife.com	134 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	5 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 714 gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	7 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1090 r4---sn-npoe7ns6.c.2mdn.net — Cisco Umbrella Rank: 229601	2 MB
3	wp.com stats.wp.com — Cisco Umbrella Rank: 2729 pixel.wp.com — Cisco Umbrella Rank: 2533 i0.wp.com — Cisco Umbrella Rank: 3089	7 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 51210 get.optad360.io — Cisco Umbrella Rank: 35738	213 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	58 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	869 B
2	seenthis.se video.seenthis.se — Cisco Umbrella Rank: 28553	11 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26706	696 B
2	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 56260	6 KB
2	siteswithcontent.com cdn.siteswithcontent.com — Cisco Umbrella Rank: 173323 c.siteswithcontent.com — Cisco Umbrella Rank: 40729	2 KB
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6288	233 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19747	358 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4937	654 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 918	821 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5972	176 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	2 KB
1	mgid.com cm.mgid.com — Cisco Umbrella Rank: 1313	631 B
104	29

	Domain	Requested by
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
6	detiklife.com	detiklife.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net get.optad360.io
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	detiklife.com 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
3	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	get.optad360.io static.criteo.net
2	r4---sn-npoe7ns6.c.2mdn.net
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	imasdk.googleapis.com	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
2	video.seenthis.se	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com video.seenthis.se
2	googleads.g.doubleclick.net	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.com.sg	securepubads.g.doubleclick.net
2	optad360.mgr.consensu.org	detiklife.com get.optad360.io
2	get.optad360.io	detiklife.com get.optad360.io
1	mug.criteo.com
1	gcdn.2mdn.net	1 redirects
1	rtb2-useast.e-volution.ai	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
1	v9999.adv.admeme.net	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	bidder.criteo.com	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	prebid-eu.creativecdn.com	get.optad360.io
1	www.googletagservices.com	8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
1	c.siteswithcontent.com
1	cdn.jsdelivr.net	get.optad360.io
1	i0.wp.com	detiklife.com
1	pixel.wp.com	detiklife.com
1	cm.mgid.com	cdn.siteswithcontent.com
1	stats.wp.com	detiklife.com
1	cmp.optad360.io	detiklife.com
1	cdn.siteswithcontent.com	detiklife.com
104	46

This site contains links to these domains. Also see Links.

Domain
en.optad360.com
wordpress.org

Subject Issuer	Validity	Valid
detiklife.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-02-22` - `2023-06-21`	4 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
siteswithcontent.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.seenthis.se R3	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-21` - `2023-05-02`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://detiklife.com/
Frame ID: B2A8B214F40EA8827399C397EFD5F86B
Requests: 43 HTTP requests in this frame

Frame: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3ACCC165A6483E9945614AA428045E5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E7CD4BF269835D03409E0A8BBFCCAAB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B7EA9DE135CF0CC01671B0DAF3408BC
Requests: 2 HTTP requests in this frame

Frame: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 818F597F0C7F0B6453E3F07CE92FB18D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLzVRDt1vS1BBj6qfbiATAB&v=APEucNWgrPqz72lGT_HHmACcXhMKshd37H-7cP60d1pSJNrh4v-RXMmHvrZY6WiT9i36tmsoC6KiO213HVGHGzBYtN2lkM897w
Frame ID: B58415E46D1347610C3026FE3D5BD12F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD635E33B81FEE0908F53E5008790D98
Requests: 3 HTTP requests in this frame

Frame: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B1DD89B66D61341B0A95C196AF52BF0
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68AE33836F1AD71333BF3B6863DFADBA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E70F06E9572B1F792183AE5F117E2495
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=detiklife.com
Frame ID: FDD7A3F80B7949E1C0B3DE025DB62547
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

detikLife | Memperkaya Hidup Dengan Kumpulan Informasi BermanfaatdetikLife | Memperkaya Hidup Dengan Kumpulan Informasi Bermanfaat

Page URL History Show full URLs

http://detiklife.com/ HTTP 307
https://detiklife.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

104
Requests

88 %
HTTPS

55 %
IPv6

29
Domains

46
Subdomains

36
IPs

5
Countries

3054 kB
Transfer

5151 kB
Size

32
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://en.optad360.com/?utm_source=branding&utm_medium=display&utm_campaign=detiklife.com

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Diberdayakan penuh kebanggaan oleh WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://detiklife.com/ HTTP 307
https://detiklife.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1&C=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAeBu6vN-cLivY9l5nYKBQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELtU0ltqZXY8Km4OWhk2_II&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtU0ltqZXY8Km4OWhk2_II%26google_cver%3D1

Request Chain 48

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MjAyODE0NDg4MDM0NjMz

Request Chain 85

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1&google_push=Aa02lx-HxCyQxM2UMQHowymZKd8cMybJoujw5NWXSfJmln-IUrQppNi0d-sOCGt3PrHoNvk0HuDcXkWT6xW08kw_dDKZviCujnXDVwd2SALVgFlcZxCvJJW_wFFI_Qq5IThpOEJVQdzhupPdBY2C6IutlVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkxMjA3MTYxODM0MzUyODA4Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1

Request Chain 86

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 87

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESELEcMuRPW2mFlP6O6LqERMo&google_cver=1&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAazgBPfTD5q-joG6k96kpD2N0eoGizJGbwBP4mhccNP2N2BKR6xpEKQ8wo0-7cnPxJK2iZmp489sA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAazgBPfTD5q-joG6k96kpD2N0eoGizJGbwBP4mhccNP2N2BKR6xpEKQ8wo0-7cnPxJK2iZmp489sA&google_hm=UgqBomQ3QNK5ab8IHCBZ5Mw

Request Chain 88

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEN1GyFXuclHQzBUwFyrcyK8&google_cver=1&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtbukvQDg1xPihHEE9iEDcsdqp1pJwjOoMQ_zzDV324bKppqzMjdCuk7AlgaEs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtbukvQDg1xPihHEE9iEDcsdqp1pJwjOoMQ_zzDV324bKppqzMjdCuk7AlgaEs

Request Chain 89

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGRt-DRHPRipgN2qWBZi0WA&google_cver=1&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEGRt-DRHPRipgN2qWBZi0WA&google_cver=1&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA&google_hm=wKpO1kapQ3K6yCW8uOiLjg==

Request Chain 90

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI6f4GUHKcA97OjW5PkZWmk&google_cver=1&google_push=Aa02lx-UOo9WbDNcC2zXnQRrq-xGiKXmO8TtYfHbXn4Rpfi28U4hPuuK9C7fnUOe01HPWLTb92B0B719iym7-WfP5xYe33bTntAd9sLP6EprWME4FKA5NUBzNjXIDXmq438f6I9nK3a_l9PGfWldI1Jz0-w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI6f4GUHKcA97OjW5PkZWmk&google_cver=1&google_push=Aa02lx-UOo9WbDNcC2zXnQRrq-xGiKXmO8TtYfHbXn4Rpfi28U4hPuuK9C7fnUOe01HPWLTb92B0B719iym7-WfP5xYe33bTntAd9sLP6EprWME4FKA5NUBzNjXIDXmq438f6I9nK3a_l9PGfWldI1Jz0-w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UolZY8hgQ5qXkyfKaKSymw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-UOo9WbDNcC2zXnQRrq-xGiKXmO8TtYfHbXn4Rpfi28U4hPuuK9C7fnUOe01HPWLTb92B0B719iym7-WfP5xYe33bTntAd9sLP6EprWME4FKA5NUBzNjXIDXmq438f6I9nK3a_l9PGfWldI1Jz0-w

Request Chain 95

https://gcdn.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4C320A70F868CF4B9D5CEF829B96F7A6E27880CC.061D0B2FEE492A434D0D3F37DF5DE6B569BB0347/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34522BCD57DEDB6E8704D1135D368D3D2A7C96CD.1FC66AE1753CB28E86F71725B208F0734ACD0735/key/cms1/cms_redirect/yes/mh/-1/mip/2001:df1:800:a004:1::4/mm/42/mn/sn-npoe7ns6/ms/onc/mt/1678212539/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertag&domain=detiklife.com&sn=ChromeSyncframe&so=0&topUrl=detiklife.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pdI-HXxlN0REc3pHVlVmcEpBQXRzejg5ajJLUldNRkNMUEpSaDFJeVRaVm9Za2o0S1ZxTEZnb09iVm5pdjkwdm1UdlVhQWRpemRZZXVEcnQ2REd1R1RwQVdJTEM1TkREQWZBQlVSUlFiK1RiUkNOMnNEUHhSRWlSOHNqTTYyV0hyd3pUMklYaGw5K0tpK3UyZ1htUVdybTRSRytHQ2Y1VXZJM3EvdlF6S0VheGlsbkZIVHpmSUVka2txWWJqUDhQZTR4QUJ1Z0VKODRHWWJLQVRUdVcwQnZMYnE5TTgzczg4VWZURklKcEQyaVRyM3VLWllWdWxORWZDc253eFdtcWdhdzkwQVVINW45aUQ0Z0VnV2htZDd6SlRYQT09fA&cppv=2

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
detiklife.com/
Redirect Chain

http://detiklife.com/
https://detiklife.com/

51 KB
14 KB

506ms
483ms

Document
text/html

128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://detiklife.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

8bbc25cd08ef0fa3c8fce180f4070275e76f05b43125d7e254038fc6a62c302c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: none
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13245
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Mar 2023 18:26:01 GMT
Keep-Alive: timeout=5, max=100
Link: <https://detiklife.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/6MpUs>; rel=shortlink
Pragma: no-cache
Server: Apache/2.4.18 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.13.35.2-0
X-UA-Compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://detiklife.com/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK autoptimize_44ba3486d1323be5646e1b6cd2b196e1.css
detiklife.com/wp-content/cache/autoptimize/css/ 306 KB
75 KB 78ms
77ms Stylesheet
text/css 128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://detiklife.com/wp-content/cache/autoptimize/css/autoptimize_44ba3486d1323be5646e1b6cd2b196e1.css

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

0dd5c7cbe25fb86e09667c6b1b133322bcd603decada02c531507c3b758a27b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:26:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 08:11:49 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Cookie
Content-Type: text/css
Transfer-Encoding: chunked
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block
Expires: Sun, 25 Feb 2024 18:26:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
658 B 20ms
8ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67d8f00d442f5c27bc4a9cd4d9a9414a7fc888124c49b78bee26719ecf92ce52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 18:26:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 18ms
6ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2506dbc742800f1ab10510050c2032e00d295642673cc9bdc7ca35984fc84207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 17:11:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
523 B 18ms
7ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Mono&subset=latin%2Clatin-ext

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4832a8317442bde5fb0b6d3190b8ec7416f341ef56a07a7b1d8e06ea302b164b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 18:26:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 subscribe.js Show response
cdn.siteswithcontent.com/js/push/ 5 KB
2 KB 35ms
15ms Script
application/javascript 2606:4700:3032::6815:4529
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siteswithcontent.com/js/push/subscribe.js?v=1.1.0
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4529 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-id: sg1-up-gc61
date: Tue, 07 Mar 2023 18:26:02 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TDT8ATXZSATVYGDG
age: 5170
x-cached-since: 2023-03-02T12:46:57+00:00
x-nginx: nginx-be
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EKM1g0GX+3ICSAuKo092YcySbCfgPFHnMF4R2yI7+Pl08BxQeFxBKpw1i5E85TICfx/riHZqZ5U=
last-modified: Wed, 30 Mar 2022 12:06:36 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1648641987/ctime:1648641987/gid:0/gname:root/md5:531a7e657aea171bbfa47a0c45adfede/mode:33206/mtime:1648641987/uid:0/uname:root
etag: W/"531a7e657aea171bbfa47a0c45adfede"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDKAeBuNYpsvkF9uK6XmkKclkof0tUlWIIMtBQ9GcTLeL2JusUIzokKYEETR3RqpH7mt7RT8XwyShTqOel0zjlxA%2Fyyoi09f%2FLZqIdNRKCotjtkiMD7el%2FtHBbs5Ovu2fwF07K8cmh4ZzuTNTtASv%2BBYGUnFDT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 7a44e26b2b7f3e50-SIN

GET
H2 200 126bff4a-5f6d-4cd0-a1ac-cffd6e4a9c3e.min.js Show response
cmp.optad360.io/items/ 497 B
833 B 41ms
4ms Script
application/javascript 2600:9000:23d2:1600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/126bff4a-5f6d-4cd0-a1ac-cffd6e4a9c3e.min.js
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:1600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 18:53:45 GMT
via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 84737
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 497
x-amz-cf-id: UbC20rleQ2mVfC3sv9Z7gwcC_u5oJg7w4C4dAD5GzbIB42QmwlTDag==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/b7e4276a-f498-11e8-940c-06048607e8f8/ 265 KB
57 KB 41ms
5ms Script
application/javascript 2600:9000:223b:3200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/b7e4276a-f498-11e8-940c-06048607e8f8/plugin.min.js
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:3200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e75286dd17c2f55dcb3cb2da68988c6cb79437cc0a0c591ad9aecd20e566d0b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 04:17:19 GMT
content-encoding: gzip
via: 1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 13:43:44 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 223724
etag: W/"928e91743d61e16f62fcbfda057b024a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-cf-id: 5DHJOdV84twAfBr4Zmxf03PoGwGKuUO07FgSZBSoOc_0_UdLd3rXVw==

GET
H2 200 e-202310.js Show response
stats.wp.com/ 9 KB
3 KB 12ms
2ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202310.js
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc: HIT sin
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
server: nginx
etag: W/"61adb0c2-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 24 Feb 2024 10:08:32 GMT

GET
H/1.1 200
OK autoptimize_6a2d651935bb105946b0d1ec0d9a5a0a.js Show response
detiklife.com/wp-content/cache/autoptimize/js/ 128 KB
42 KB 20ms
20ms Script
application/x-javascript 128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://detiklife.com/wp-content/cache/autoptimize/js/autoptimize_6a2d651935bb105946b0d1ec0d9a5a0a.js

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

34559a296b0f9cdd8f06a7a1a68a1bca2dec8ad64521736bfb379b716116d8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:26:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 08:17:36 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,Cookie
Content-Type: application/x-javascript
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=5, max=98
Content-Length: 42834
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Mar 2024 18:26:02 GMT

GET
H2 200 js-cookie-muidn Show response
cm.mgid.com/ 65 B
631 B 253ms
234ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/js-cookie-muidn
Requested by: Host: cdn.siteswithcontent.com
URL: https://cdn.siteswithcontent.com/js/push/subscribe.js?v=1.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3da9a8e006803d5569cb268ee2b8e79fd6fc82a77c616be674b4bf8d21d5f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7a44e26bbe371918-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 1.JiBnMqyl6S.gif
detiklife.com/pagespeed_static/ 53 B
354 B 17ms
5ms Image
image/gif 128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://detiklife.com/pagespeed_static/1.JiBnMqyl6S.gif

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:26:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Mar 2023 18:26:02 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 53

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 18ms
4ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://detiklife.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:34:33 GMT
x-content-type-options: nosniff
age: 600689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 19:34:33 GMT

GET
H/1.1 200
OK edincon.woff
detiklife.com/wp-content/themes/edin-wpcom/font/ 1 KB
2 KB 9ms
6ms Font
application/font-woff 128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://detiklife.com/wp-content/themes/edin-wpcom/font/edincon.woff?-yw7mjc

Requested by

Host: detiklife.com
URL: https://detiklife.com/wp-content/cache/autoptimize/css/autoptimize_44ba3486d1323be5646e1b6cd2b196e1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

d96ec630bc042285017e44862ae2c662d543d36e26b3f1cc5def9372b1185d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://detiklife.com/wp-content/cache/autoptimize/css/autoptimize_44ba3486d1323be5646e1b6cd2b196e1.css
Origin: https://detiklife.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:26:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 08 Mar 2018 11:43:45 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4ec-566e53028aec7"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1260
X-XSS-Protection: 1; mode=block
Expires: Thu, 09 Mar 2023 18:26:02 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 22ms
9ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://detiklife.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:45:47 GMT
x-content-type-options: nosniff
age: 560415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 06:45:47 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 5ms
2ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=100197360&post=0&tz=7&srv=detiklife.com&j=1%3A11.5.1&host=detiklife.com&ref=&fcp=0&rand=0.48996694921946427
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Mar 2023 18:26:02 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 detiklife-logo.png
i0.wp.com/detiklife.com/wp-content/uploads/2017/06/ 3 KB
4 KB 14ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/detiklife.com/wp-content/uploads/2017/06/detiklife-logo.png?w=316&ssl=1

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

34c7cdcbdedffdb995624a957de5af1ca82775b7db5e453889971c5a5415f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nc: HIT sin 4
date: Tue, 07 Mar 2023 18:26:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 10:29:10 GMT
server: nginx
etag: "ad112fb808f754c2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://detiklife.com/wp-content/uploads/2017/06/detiklife-logo.png>; rel="canonical"
content-length: 3406
expires: Sat, 27 Jul 2024 22:29:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 24ms
5ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/b7e4276a-f498-11e8-940c-06048607e8f8/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d2710aeb5a90d21b5819209290a4bebed88523974caa2ef833ce3424dcbc0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27144
x-xss-protection: 0
server: sffe
etag: "1503 / 43 of 1000 / last-modified: 1678191042"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 prebid7.17.0.js Show response
get.optad360.io/sf/ 492 KB
155 KB 4ms
4ms Script
application/javascript 2600:9000:223b:3200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.17.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/b7e4276a-f498-11e8-940c-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:3200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:11:32 GMT
content-encoding: gzip
via: 1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 13248871
etag: W/"840fa482840c0b1f014b3c14f6e0ab2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: TcubO9ICkDqSDGXKor-Y67SOf6AArua9Or_9gFMx9dT9cut1_RCpzw==

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 32ms
4ms Image
image/svg+xml 18.155.68.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: detiklife.com
URL: https://detiklife.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-13.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:06:02 GMT
content-encoding: gzip
via: 1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 8401
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: mLkV4tAUGwo4ePcOMoLQ8l6JHTV_IJ5Q0OsCYuIDH63PO_BP1FCJNg==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 19ms
10ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230307

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe70b53ab429e19700d2c67f17bf3322245d736721e40f0cc1b472d33b27e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8706
x-jsd-version: 1.0.1639
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4530-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"637-cJkIy+g//pINTayyZdjcN4VsB1o"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2dgKcdA6LoNGY3l%2BIBHTwYlA%2FH9vwEm3xaOLn%2BfXlPd0TUBeSfhUa9M9%2BTV%2FujEi2Swv4hTpNE8rNTcicIc2miDjpO8FWp4%2BgouM6uZMK6mvJGAgdESQVIbVVS4vwGh6ZU7ZMOl%2FyNAniePR2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a44e26d0c02496f-SIN

GET
H2 200 pubads_impl_2023030201.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133088
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 09:36:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 11:51:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 82 B
89 B 17ms
7ms XHR
application/json 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=detiklife.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8bd4c7d8cc6a69b3929b481fcf073dbb8df9c3df05d0ce6af3bad364650c0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64
x-xss-protection: 0
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 34ms
8ms Script
application/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=detiklife.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 32ms
7ms Script
application/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=detiklife.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 224ms
219ms XHR
text/plain 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4322375392365731&correlator=3794700956018797&eid=44761478%2C44785063&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=121764058%3A22530287535%2Cdetiklife.com_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C970x300%7C1200x300&ifi=1&adks=2597575736&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678213562495&lmt=1678213562&dlt=1678213562077&idt=374&adxs=315&adys=168&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdetiklife.com%2F&frm=20&vis=1&psz=0x-1&msz=970x-1&fws=132&ohw=1600&ga_vid=1856821047.1678213563&ga_sid=1678213563&ga_hid=197343775&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60cbb6a77e1a86740af6eb5d1978fc37e199abe8e2ac08cac1a609d237cec5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7919
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://detiklife.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3ACC 6 KB
3 KB 38ms
5ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:02 GMT
expires: Wed, 06 Mar 2024 18:26:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content mod_pagespeed_beacon Show response
detiklife.com/ 0
345 B 5ms
5ms XHR
text/plain 128.199.144.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://detiklife.com/mod_pagespeed_beacon?url=https%3A%2F%2Fdetiklife.com%2F

Requested by

Host: detiklife.com
URL: https://detiklife.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.144.56 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

detik.detiklife.com

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 07 Mar 2023 18:26:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: Apache/2.4.18 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=0, no-cache, max-age=172800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 09 Mar 2023 18:26:02 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 20ms
10ms XHR
application/json 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44c8e11da0a49d471a7db7e26b14a269f0135efe923a8c158d3cdad73720a62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11217
x-xss-protection: 0

GET
H2 200 push-event-counter
c.siteswithcontent.com/ 43 B
239 B 644ms
209ms Image
image/gif 64.58.116.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.siteswithcontent.com/push-event-counter?permission=default&domain=detiklife.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.142 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://detiklife.com
date: Tue, 07 Mar 2023 18:26:03 GMT
x-mg-request-uuid: 6a609781-d0b5-461a-abab-22ee27ccec86
server: nginx
access-control-allow-headers: *
access-control-allow-methods: POST, OPTIONS
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 17ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E7CD 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 567278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 04:51:24 GMT
expires: Thu, 29 Feb 2024 04:51:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7B7E 783 B
1 KB 50ms
31ms Document
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb3ce2d7b526ca5f936bcb6f88b2e0d4144988d8740aec131cc138e1b14a9310

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gf4bIdR6-fajZ9IM_xlbMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Gf4bIdR6-fajZ9IM_xlbMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:02 GMT
expires: Tue, 07 Mar 2023 18:26:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame E7CD 36 KB
14 KB 12ms
4ms Script
text/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 21:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 21:57:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7B7E 0
0 6ms
5ms Image
text/html 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030201&jk=4322375392365731&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E7CD 0
10 B 5ms
4ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h1v3Gw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 818F 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:02 GMT
expires: Wed, 06 Mar 2024 18:26:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B584 624 B
672 B 15ms
10ms Document
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLzVRDt1vS1BBj6qfbiATAB&v=APEucNWgrPqz72lGT_HHmACcXhMKshd37H-7cP60d1pSJNrh4v-RXMmHvrZY6WiT9i36tmsoC6KiO213HVGHGzBYtN2lkM897w

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:02 GMT
expires: Tue, 07 Mar 2023 18:26:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 818F 78 KB
27 KB 22ms
18ms Script
text/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 818F 42 B
63 B 11ms
8ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZd72ZTKHcm2OOVvzzH3zOebGu0Z7ZIRWUHFATFX2fVMXZF1YuuiiWQsW1nYAtJH0uo5-k6BEligKOOwnqmR6e99caWVvTCoN2kRYf75aaFixQz0s

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 818F 0
20 B 18ms
15ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17903662601260724524&x=1&ct=77

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
video.seenthis.se/public/tag-loader/2/ Frame 818F 29 KB
8 KB 33ms
3ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/public/tag-loader/2/loader.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

256a361ec392ca14cfc4694a06179f162e82bca34a5c27388f549a91869b0258

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: mwGKvB0uL8a8G3WCtP7S5fQ0WyRW8J9k
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 07 Mar 2023 18:26:02 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 534RZAPJ6YMMNR2E
age: 1652057
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
content-length: 7400
x-amz-id-2: Tv5+H5OKq8DSM2mJQtogUaOv2lN5mjsYfmG5z4mD50elOsaE+VhGD2ygjYQckY4ZWJLCAlPvI+Y=
x-served-by: cache-lcy-eglc8600036-LCY, cache-qpg1250-QPG
last-modified: Wed, 15 Jun 2022 08:10:32 GMT
server: AmazonS3
x-timer: S1678213563.804060,VS0,VE0
etag: "cca2e355750cfcb1433827b134974a8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 9, 66916

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 818F 3 KB
1 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 04:37:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 818F 20 KB
8 KB 9ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 21:11:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 818F 158 KB
49 KB 7ms
4ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 18:26:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B584
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1&C=1

43 B
632 B

37ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLzVRDt1vS1BBj6qfbiATAB&v=APEucNWgrPqz72lGT_HHmACcXhMKshd37H-7cP60d1pSJNrh4v-RXMmHvrZY6WiT9i36tmsoC6KiO213HVGHGzBYtN2lkM897w
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B584
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAeBu6vN-cLivY9l5nYKBQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1

43 B
632 B

36ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLzVRDt1vS1BBj6qfbiATAB&v=APEucNWgrPqz72lGT_HHmACcXhMKshd37H-7cP60d1pSJNrh4v-RXMmHvrZY6WiT9i36tmsoC6KiO213HVGHGzBYtN2lkM897w
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHFGpm1zfI6I9fAjafThUA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame B584
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELtU0ltqZXY8Km4OWhk2_II&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtU0ltqZXY8Km4OWhk2_II%26google_cver%3D1

43 B
1 KB

223ms
223ms

Image
image/gif

104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtU0ltqZXY8Km4OWhk2_II%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLzVRDt1vS1BBj6qfbiATAB&v=APEucNWgrPqz72lGT_HHmACcXhMKshd37H-7cP60d1pSJNrh4v-RXMmHvrZY6WiT9i36tmsoC6KiO213HVGHGzBYtN2lkM897w

Protocol

HTTP/1.1

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:03 GMT
AN-X-Request-Uuid: a767f545-7b76-4a55-a792-512e50b1bed7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:03 GMT
AN-X-Request-Uuid: f528d6cf-d846-4aae-a8f3-4710e83b7910
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtU0ltqZXY8Km4OWhk2_II%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B584
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MjAyODE0NDg4MDM0NjMz

170 B
188 B

9ms
8ms

Image
image/png

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MjAyODE0NDg4MDM0NjMz

Requested by

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 07 Mar 2023 18:26:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bfabd95c-bb62-4e8a-b831-0a3df858cb3e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3MjAyODE0NDg4MDM0NjMz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 818F 0
20 B 5ms
5ms Ping
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=793857569444&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 818F 0
20 B 7ms
6ms Ping
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=793857569444&version=m202301230201&ct=77&x=1&cor=17903662601260724000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 818F 15 KB
11 KB 27ms
26ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AMK6_HUfPPDxg6_Mw1spz15g-2FDcg5HS8jVqgkwEu30eRnO8h28WficACZ5FDYTAA-SOy9iR3y2KpYgyPyYO6ongUqNXQAUBmZQeD3SK3mRz_-r3QB6GMIBsP0GOYGslaMgOiDg3qc7Dj5zCHag6TX5SzgOm_PmrOLmWsJQljlzP33Fg&cry=1&dbm_d=AKAmf-ALiBJBDRCC700ch3bPNS09g-91LKGvRMDnGNOFup2rPNAxtm9FGA8UUby_sMLEkRRB8gy83O5ePV6y4P-Q7pKDxB7LcvT98FKes8bt4ncIERSE_VmA0nJP5Lr-emS8wIbqfVY2qvhFdKIqpqa1cLvnWgU2ihYwOQHDpHIQCNlHXLQh7APk422sFH1OH-tFBdCVOdMy8Zr8KGD0GfbwfPhnr7z4Vxgk8TMH58YqbdAwKxBYjBJzyo9K4o7lMKDgyp-bUKy_BoUTmod3KJEG0BCqYWYB3Nr5HWliTYcN62jJcGSKrBu-VwfFzdxH7aUgx7tG4tecL1oPftpol0GsdrtKe7SggEiiUf60ccIWSXw5kL3u4O3kmnTOg-EeQoBqhlwFPjETozyxzD11jaQElg4aPcUOUjbaiKKDyX8UbZphFyo1ok29FaGxE7nmlcaZGjqwRxVxLuSi7yd0UkHXoc0unZfjuoT_zZq-CPV1IZjMLRk9VKiMZcpGrP6j8q-3rcYc4fsPveRUZdN64brL0NsvRpUKvauZ9aV-gMY6u9TrXyg9BOiUYuiD78K9arCaivUjP86Po_AuQrhsW23gtjDvExDwAM96w4tFhBpZfn_-JIQRhC7gUvo16SRtd09qZVNVF_TaME68OeP-xBhDCsSk8ri4Iajzr_EUjzK8AMhz8rEP-B4bktl_QD0Q9xxOn_KGcFj57H-JV4nERsWm2_-454I6CHkNzIhg_9CJo7vht6cIxZxvNQadeY6tH1rjy4CmYODjE1-Td1Lt9cdKORApOMv-ZPBPEFzcL6sF9G4OaZR1135KGhL05V_RgABOSllxEUKuTBEiEdU9Fpqw8TkqkEkR1ZQslcaE9W2EId5wej5gQRxuhYXklgiwGFOoa9wUYKGOy1gl7b8wPtV1q8Wrd1SEyE0MytDuLsitKXEcgNSHpbLoSwpOfY9pCPa1SmrTlEVFcdfti2JU_iWQ3Ll65PetmscaK994xHfmTh3ybStDauxxcn55xQEuR5TG2YUM16YAF0s0Wnj2UDZ3XNpMmsQHX8nU3npmLQl0_UxJVfJJpSORzlKhP44FPelEDiTWiVAAv9dLfN7YWVYViARFpmPLa36B09-9_2v2CEMvdlcMMYcfYricL2JVY7leIZR3zdNSH2tAdEgOp-uWLmWI4Klo7VrMOdvCAYWppJCze3Ig5Crveu8I59YjxFP75YZFPCsUgMBOTLbgYa3ecafN64uMYZIYrgcVJYPpXofjFZ33Y_Yd1kSLxVUPPw87zLdc055DM_hLe54-2dZh97Vny_2abVmuXsQBLZJ-GAnwiwJ8LrMLAM2-sALu7fLvOHvQqwvGRz2HEciCh6TsKQpS41fC3QFWKUQgq75ufmxWvAkGMnBk5nik9GhQWUh3ntVCXofCLTYHELklJGOjBEgwIN232aSVle2MOvLKtkBlAuemZaH3_EZyvLgexTFUZJA9kkoblV3dFcj5_0GExQXPS4HaAxfRqOBewhqXk6AskHCSQ3bJ452gawukhaR1tyFJ2VbpdSGOu8pzsgFIXOq_a3a4XhxuZ3f6PBHXbdAspXDI2ZsfN8qjXKSGFCP9BVE040cqnkb5u8n1sbArEL6krtMRKkJJaM-vLsOY_BhKiu2557tnP-kHMVtWibGPBweEd0Vo6vcElSWONCdhl7EASwUJdu2hVwJqs5Ptq30nWoHOhRElcLUUI88qVEkURfuTL-2tq8Oaaav8ZGoN51vv0wNP3aLTiVgZ2xXh0gyzWiLp_8uAKSSwvO7CWSbmePokAJWT_Zm-cbLlXImZR1sUKzeTHUhcP7BvQ1vq8yIW_u3THwRTkqDupL18QEoLi_4ShvtsaULBiCBlxZgXfror2FasB1-e0XW6h6AhUiX805zXbo2iTD7wpu8edI18J5nypkCUqTaalpsM3IRf1YUNJiNIl8u1BdztkRNeDYiyR3CpURt6WCJAYtNN656TrUf3AQgEbUH2Hc9uAQofWuRQTjHHdqSFuxaTzQmkobd_2zmjTZOgJ4l0QmE9bprsy9myPGAj1R2x4sN93pE3948Zz6cGS9AQhh8HLDN5-Glyty_cME76gItRiNet7LB_tvzKwB1WGTuaGHHres_6COOfeYB4Ku5Lip0fd5DH67eo0UaKX80mhS0Caq8kSISyCDVab5PcPmXdMVLcXXB7qp857_v3hXrmFQLglYOosPVliJ-2U4B8uHCfklBIVotACKPygKqdSWDz6D87kGQE7teKmqOUaHlKipeLs_3nQSZjbuiycYdpQ2FhKz3ApyN3vleoG0CZxBwIo8XKMHxEaxWfxLEzfFAQsw7JzNcaDIBBBmiBzrPBKXu2TFGhu3WIoQqCJY-GsHXdRccb7HzOw3eQP9V8QTMQaGD_eDNZsrra9FL_HWc5ohTfP3mVAOTxddhOhtLXIxYVUN5RiHGhlXfwfHdCdGuFsFlFShXXZVcuU1HjaFIQW2UZi-H7wbFM3fMjine2X5I7NoMabRtoUjqcK_Gz2T5irmBFxrnX9hDnKpJ24vdScb4y1BMoISClMiKiA3re6s7GSKWY18m4yfdbnEy6WcoxCNH8FTMXlYl1wLPSywa1Dh5vJxu1d0-ovfwnCrLUgXFihr7jlku8jrWcpa7OT797YyRiUbA6KKtqHU4PYsDGYcuxzmegB7u_4kTr-ciit9JV5yh9tzyWiGyHepXNZyKEzCzK8espEG8a4E5G2cEDsUge5Q9GJKWDFIezh0a-WiYXTSZZatqE5iEtAYDDP8ri5boDpGSTmDwexPS8IuefQ78LZPCEmRyYM8FCTdyGZcdxI946LBY7uXjdEIaY0fwCRFkO3TfA35UrtVs37_y_L7AV1AcMrPQsMTzCQqPAyEWUPjtT8T59t1uVFfgH9UCQmPFHHoKxjZP-FE4UY81s7j6oClGoHIDcNld1fO2UNwnHjlakmv8TQ_X4kzGQ2G8uLIlrtznPxC-JhQ54JdPzzHi0qvMvDmxohxItJOuWEi0YpMO1aeB5JN-UcovWtd0Y5Y6NrtNsYPtU2yk4XeFucapCDB86DS3AmutlWmNdr28-XkPCj-0IVAHZLxGQi3iFltDJNkVGjKDTpZUyD6wSIuHnBTdcd9HsVITDHlcxwVJ9F-7saK7j9G_T4e1XlWazhupCeEsu3GdA9tGz7F_eyRCaLA0Iy50tcmhM7vcEUJusPKJWZXJd-ay38h5Hx1MMt__lSDQL1y760UilsjIM8xdNlkLhzn-J-v873NWfLFjj23zrnJ1m_CypP330C-F-dx2_KAbqbBsjddMzYnDvQg51LxmKa1WuwzXUbyKs1pUmSTQZ2s4S6pLBk1p_CskUGQarjzxT0QmRWMrHWEpynq7bhvZT1e9ARoW9CcxNkRLDbi-U-gk3pnswETFm635ZiVTtzNrwui3ZtF0-PCcD3Aj2f5E5902NoYyFg50DQTqZX4UhYssXXNFxDT3xvTIGgUEnewQa5ENs___oh2FmZnynZaFEl9miu4QTm-4X4qMYQ_yQIKxzukmFJSAarLaXyRYNHrE_W-WT-pWuUt7t4jnC2h8rOQ6qVwey8aVVZcobTVzjeMokr24optaYxOLbnC_8uddFa0gw4y2cO4lIjic-06U9ktHVCkKlgcoIrkRDPsniXXQawi4cMcuM98m8bweJJhIf2IohRNOL-NuEVrCOcvm6lyewb6BKDllrepJMAwvcdAOXwf1OZvxKVQ&cid=CAQSTADUE5ymuWQI8ShboBVL7Ft6wd0RRvWq27ANWr268V9JBP5KBo9YPcsWjFa-1sUJQ6Q-f1eE2pIubCNCJ3M_fB-fz7WhWSQtH5R-uJ8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fdetiklife.com%2F&ds=l&xdt=1&iif=1&cor=17903662601260724000&adk=250412560&idt=29&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4890820a861bae31d7753cd93e7a8e1693e2cbaa81fcd9c342447de9618440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 818F 41 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AMK6_HUfPPDxg6_Mw1spz15g-2FDcg5HS8jVqgkwEu30eRnO8h28WficACZ5FDYTAA-SOy9iR3y2KpYgyPyYO6ongUqNXQAUBmZQeD3SK3mRz_-r3QB6GMIBsP0GOYGslaMgOiDg3qc7Dj5zCHag6TX5SzgOm_PmrOLmWsJQljlzP33Fg&cry=1&dbm_d=AKAmf-ALiBJBDRCC700ch3bPNS09g-91LKGvRMDnGNOFup2rPNAxtm9FGA8UUby_sMLEkRRB8gy83O5ePV6y4P-Q7pKDxB7LcvT98FKes8bt4ncIERSE_VmA0nJP5Lr-emS8wIbqfVY2qvhFdKIqpqa1cLvnWgU2ihYwOQHDpHIQCNlHXLQh7APk422sFH1OH-tFBdCVOdMy8Zr8KGD0GfbwfPhnr7z4Vxgk8TMH58YqbdAwKxBYjBJzyo9K4o7lMKDgyp-bUKy_BoUTmod3KJEG0BCqYWYB3Nr5HWliTYcN62jJcGSKrBu-VwfFzdxH7aUgx7tG4tecL1oPftpol0GsdrtKe7SggEiiUf60ccIWSXw5kL3u4O3kmnTOg-EeQoBqhlwFPjETozyxzD11jaQElg4aPcUOUjbaiKKDyX8UbZphFyo1ok29FaGxE7nmlcaZGjqwRxVxLuSi7yd0UkHXoc0unZfjuoT_zZq-CPV1IZjMLRk9VKiMZcpGrP6j8q-3rcYc4fsPveRUZdN64brL0NsvRpUKvauZ9aV-gMY6u9TrXyg9BOiUYuiD78K9arCaivUjP86Po_AuQrhsW23gtjDvExDwAM96w4tFhBpZfn_-JIQRhC7gUvo16SRtd09qZVNVF_TaME68OeP-xBhDCsSk8ri4Iajzr_EUjzK8AMhz8rEP-B4bktl_QD0Q9xxOn_KGcFj57H-JV4nERsWm2_-454I6CHkNzIhg_9CJo7vht6cIxZxvNQadeY6tH1rjy4CmYODjE1-Td1Lt9cdKORApOMv-ZPBPEFzcL6sF9G4OaZR1135KGhL05V_RgABOSllxEUKuTBEiEdU9Fpqw8TkqkEkR1ZQslcaE9W2EId5wej5gQRxuhYXklgiwGFOoa9wUYKGOy1gl7b8wPtV1q8Wrd1SEyE0MytDuLsitKXEcgNSHpbLoSwpOfY9pCPa1SmrTlEVFcdfti2JU_iWQ3Ll65PetmscaK994xHfmTh3ybStDauxxcn55xQEuR5TG2YUM16YAF0s0Wnj2UDZ3XNpMmsQHX8nU3npmLQl0_UxJVfJJpSORzlKhP44FPelEDiTWiVAAv9dLfN7YWVYViARFpmPLa36B09-9_2v2CEMvdlcMMYcfYricL2JVY7leIZR3zdNSH2tAdEgOp-uWLmWI4Klo7VrMOdvCAYWppJCze3Ig5Crveu8I59YjxFP75YZFPCsUgMBOTLbgYa3ecafN64uMYZIYrgcVJYPpXofjFZ33Y_Yd1kSLxVUPPw87zLdc055DM_hLe54-2dZh97Vny_2abVmuXsQBLZJ-GAnwiwJ8LrMLAM2-sALu7fLvOHvQqwvGRz2HEciCh6TsKQpS41fC3QFWKUQgq75ufmxWvAkGMnBk5nik9GhQWUh3ntVCXofCLTYHELklJGOjBEgwIN232aSVle2MOvLKtkBlAuemZaH3_EZyvLgexTFUZJA9kkoblV3dFcj5_0GExQXPS4HaAxfRqOBewhqXk6AskHCSQ3bJ452gawukhaR1tyFJ2VbpdSGOu8pzsgFIXOq_a3a4XhxuZ3f6PBHXbdAspXDI2ZsfN8qjXKSGFCP9BVE040cqnkb5u8n1sbArEL6krtMRKkJJaM-vLsOY_BhKiu2557tnP-kHMVtWibGPBweEd0Vo6vcElSWONCdhl7EASwUJdu2hVwJqs5Ptq30nWoHOhRElcLUUI88qVEkURfuTL-2tq8Oaaav8ZGoN51vv0wNP3aLTiVgZ2xXh0gyzWiLp_8uAKSSwvO7CWSbmePokAJWT_Zm-cbLlXImZR1sUKzeTHUhcP7BvQ1vq8yIW_u3THwRTkqDupL18QEoLi_4ShvtsaULBiCBlxZgXfror2FasB1-e0XW6h6AhUiX805zXbo2iTD7wpu8edI18J5nypkCUqTaalpsM3IRf1YUNJiNIl8u1BdztkRNeDYiyR3CpURt6WCJAYtNN656TrUf3AQgEbUH2Hc9uAQofWuRQTjHHdqSFuxaTzQmkobd_2zmjTZOgJ4l0QmE9bprsy9myPGAj1R2x4sN93pE3948Zz6cGS9AQhh8HLDN5-Glyty_cME76gItRiNet7LB_tvzKwB1WGTuaGHHres_6COOfeYB4Ku5Lip0fd5DH67eo0UaKX80mhS0Caq8kSISyCDVab5PcPmXdMVLcXXB7qp857_v3hXrmFQLglYOosPVliJ-2U4B8uHCfklBIVotACKPygKqdSWDz6D87kGQE7teKmqOUaHlKipeLs_3nQSZjbuiycYdpQ2FhKz3ApyN3vleoG0CZxBwIo8XKMHxEaxWfxLEzfFAQsw7JzNcaDIBBBmiBzrPBKXu2TFGhu3WIoQqCJY-GsHXdRccb7HzOw3eQP9V8QTMQaGD_eDNZsrra9FL_HWc5ohTfP3mVAOTxddhOhtLXIxYVUN5RiHGhlXfwfHdCdGuFsFlFShXXZVcuU1HjaFIQW2UZi-H7wbFM3fMjine2X5I7NoMabRtoUjqcK_Gz2T5irmBFxrnX9hDnKpJ24vdScb4y1BMoISClMiKiA3re6s7GSKWY18m4yfdbnEy6WcoxCNH8FTMXlYl1wLPSywa1Dh5vJxu1d0-ovfwnCrLUgXFihr7jlku8jrWcpa7OT797YyRiUbA6KKtqHU4PYsDGYcuxzmegB7u_4kTr-ciit9JV5yh9tzyWiGyHepXNZyKEzCzK8espEG8a4E5G2cEDsUge5Q9GJKWDFIezh0a-WiYXTSZZatqE5iEtAYDDP8ri5boDpGSTmDwexPS8IuefQ78LZPCEmRyYM8FCTdyGZcdxI946LBY7uXjdEIaY0fwCRFkO3TfA35UrtVs37_y_L7AV1AcMrPQsMTzCQqPAyEWUPjtT8T59t1uVFfgH9UCQmPFHHoKxjZP-FE4UY81s7j6oClGoHIDcNld1fO2UNwnHjlakmv8TQ_X4kzGQ2G8uLIlrtznPxC-JhQ54JdPzzHi0qvMvDmxohxItJOuWEi0YpMO1aeB5JN-UcovWtd0Y5Y6NrtNsYPtU2yk4XeFucapCDB86DS3AmutlWmNdr28-XkPCj-0IVAHZLxGQi3iFltDJNkVGjKDTpZUyD6wSIuHnBTdcd9HsVITDHlcxwVJ9F-7saK7j9G_T4e1XlWazhupCeEsu3GdA9tGz7F_eyRCaLA0Iy50tcmhM7vcEUJusPKJWZXJd-ay38h5Hx1MMt__lSDQL1y760UilsjIM8xdNlkLhzn-J-v873NWfLFjj23zrnJ1m_CypP330C-F-dx2_KAbqbBsjddMzYnDvQg51LxmKa1WuwzXUbyKs1pUmSTQZ2s4S6pLBk1p_CskUGQarjzxT0QmRWMrHWEpynq7bhvZT1e9ARoW9CcxNkRLDbi-U-gk3pnswETFm635ZiVTtzNrwui3ZtF0-PCcD3Aj2f5E5902NoYyFg50DQTqZX4UhYssXXNFxDT3xvTIGgUEnewQa5ENs___oh2FmZnynZaFEl9miu4QTm-4X4qMYQ_yQIKxzukmFJSAarLaXyRYNHrE_W-WT-pWuUt7t4jnC2h8rOQ6qVwey8aVVZcobTVzjeMokr24optaYxOLbnC_8uddFa0gw4y2cO4lIjic-06U9ktHVCkKlgcoIrkRDPsniXXQawi4cMcuM98m8bweJJhIf2IohRNOL-NuEVrCOcvm6lyewb6BKDllrepJMAwvcdAOXwf1OZvxKVQ&cid=CAQSTADUE5ymuWQI8ShboBVL7Ft6wd0RRvWq27ANWr268V9JBP5KBo9YPcsWjFa-1sUJQ6Q-f1eE2pIubCNCJ3M_fB-fz7WhWSQtH5R-uJ8YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fdetiklife.com%2F&ds=l&xdt=1&iif=1&cor=17903662601260724000&adk=250412560&idt=29&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 22:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 22:32:00 GMT

GET
H2 200 index.html Show response
video.seenthis.se/v2/builds/gW3nQxzoY1r/ Frame 818F 8 KB
4 KB 10ms
3ms Fetch
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://video.seenthis.se/v2/builds/gW3nQxzoY1r/index.html

Requested by

Host: video.seenthis.se
URL: https://video.seenthis.se/public/tag-loader/2/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

176f0a6db16da47398e3edc4ef7bc6102e77f349f4ada23fd488e716d8bd2425

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 34KANxd36QrMN.oHN0dvqd75xxoVPYrA
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 07 Mar 2023 18:26:02 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: G6DW9XDM66B1ERX5
age: 48436
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: HIT, HIT
content-length: 3291
x-amz-id-2: NK2pCtjMaQxb7PxfycMGzTw4yvYI9qo61jeqXEuqh9dF6Pv3wIXTME891MjjNmOBGq921f9t8B0=
x-served-by: cache-lcy-eglc8600057-LCY, cache-qpg1245-QPG
last-modified: Mon, 06 Mar 2023 07:36:20 GMT
server: AmazonS3
x-timer: S1678213563.859833,VS0,VE0
etag: "b178fb5072542e45bf56fb70496723f2"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 4, 2

GET
DATA 200
OK truncated
/ Frame 818F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8e56803ea1ceb68f7e294695b5922fb18d21bbf7b41cf739d9f79ae3b5b8784

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CD63 22 KB
8 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 601002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:29:20 GMT
expires: Wed, 28 Feb 2024 19:29:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame CD63 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 21:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 21:57:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD63 0
20 B 7ms
7ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb3KJuoEHZNiiMryLssUPj5Gv6AoAAAAAOAHgBAI&bg=!hIelh9PNAAbv3-2Ez987ADkAdvg8Wpc0c5pdIbJC4nB_GxTE2TLi2f8fbjYs_vfKi-Vat5G0E5bfIkwjoHwImP8b8YWg7ybzTEMCAAAAQVIAAAACaAEHCgCOp5zjhvoiuiOvCmcoKoGnTN26sL1r-7jNr6FWBzVQM0Xrw_KvsDJ8r2ZSXgL-cIZ9AGvY9DdmqSKJWfv0he7-u9jlcjAXzzhoObWKn3k3aTLAKA1-GKgeBMI-FOX5XCNYMrb1MM7xnnrGOLRfRT2O7lG9-5kAsYoCvv4fUn5mcuEDdX6-PDnkYwWM-51UcJkC5GfyWgFOJiuOlmJSY3N6gqk2wNcmJ0dhagE85n_20TSyeqATKrHwYJpBe_dukdj9tH6BG6omX7XjsLCMyFJg6HlB1hAfvYE8tymzJ-kJCY4S8yX_eOj-cTsNaUutf_X47M8FTYBrKFbzgfUjO-GROvwDwmp1Rj7VPZaJg9vVd38JHQlYi_iIGvTLk-zjs6-XvKCdK5fsq3twens9yAcLYE6TUay41b9sPdfk06rpSTYY0a1Oih0Az4L8f8jZs_nZLHZ_cmYfK3x7v6r4ISmSlsKZg6ukjvx2DPZOs51RPo1Kc9EcJ8riaaBQCBBWoi0AfFp9qXwrw_Q5fvyR82SHAw5cxeubmw3sj66TRMMR_pL6RoC1L_kdHposKMXuyRQh-36xwtYeXSXVoBVeJrjoip-ZjfO5TRZ-_gWJOy2TkoYXE6Gh2GnvQn-Uuuj5FqP8wGwZ4Mj-mTAK5xBw2wHXNBiLAb5fvmGbywdKaTsdcHLA4uvu_yEviGOgvuPWHG1Bbc0helZwGDIQ2JwtsXduVbSOzcqVU-j-KuV0rkKsAJU8rJ44vi5u8-h5XAi9jvhXhVD9k6RDL65PbEYD4KpsEszF-OHFF5gWB6s6h_KA9-w9qidi5gIBDGdCWnPE7N8bEKXRzTOF7_cQwGvp5j_Jj90XFO33r66jBvn10muXGmYbW_2GAGikGftjy1JlvkvJYZ5gyIq7Ti9QyCmVA2owWyzoq9D60G-XHbrXRGRfObm7FZvo4I_TxB1Hrzuy-xVE0VqmKeorZrA9nz5lrNfZIri4Uhbdg61ETMYOqgyOVh4G2m42-uF1hwTT5HG8VDm07xnBHLOhtNJYG2MD2Jxz99hkD0ZDqgc2SmrkpYwrENnUZ4FQvuNIx0Wz46DaZc4olST3Cv1mYNMaC0oPLOQvV95V8f_SNCb-x29vDIABe5zwrleVHMngPgtc-z-UGae7oAeWK1eJiUtbk3n2f3aPBSF4yYc0

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
6ms Image
text/html 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030201&jk=4322375392365731&bg=!WlmlWQ3NAAbv3-2Ez987ADkAdvg8WtdHUbXapE3w3U3GmyhVO_9t7HoYT-rQdG4UCc9Dg-S26awAJWbkEOuBHdyYyxGK8xaLxaYCAAAAX1IAAAADaAEHCgCmR7lhmdoF-oQ5R0j2hAg5h8y1PFudlMYMfjtnkS-JhQHL0C1td493h6QmWAvPR5IlfACe_gklw4ZBljoyQ-IyiFJ5lF6FLsL7NXgB0ofCVi9BIkseVb0wLJDmNt863OEJaW27HitJhIimdlZ-z3H7WGs7qriIcq29wi9B4pgZRjLpWtTT97qTBfEDKxfcLQlrXDSfrfxePVlnem-L9JPk4tbnF58FSpkCnhV3y1lODStA75CceDmO3QvR27C9nH_ebMWhB4WrQS5LsvoKLNZNWn8co_WV0-W6pStZK8bIDgXQcvDaJQtmNSiw4ya6h3lXxwsSVpjyHELqbatMLVkyY_aHpZre2HXRjCVKpMJcCV46gacPrPMyTK7UrOxWgE2cDf_dGzgtu5xtZsYX7ttacNiqoeW5B4YK83dOJjbnOGuPBq2AULhinZehmS6ASDfw_deUVcKYVzDi6kHtzuIz0Gomu-ivuHiO039GeHjRZAlY7trgBvYiC0yEGvvfJpMFuKjdQC1MW0XSOzwKOS28_O9eZcGpbZSo3b1ZsVelNJIAM6SrxdiH6aJyOBuW28oOAC7_-DlSfzl6pESYWcdD47Fm15KRS1eJ08LNMRUQ3zuWeQ8ldHTeeSnJOsYVKlNAwo2BkfZWyD5oSoM_dDlyT2ypDRNDBCiAmdg1-fzwY_UgsAAHvYsZ5Ybpx4y_gK0jQCFHnJqws817TaNjTNuRJJjTmJne2K8oukAG1IQzhT_Zn4M5eGcOMksabO4kYQLYNBMgSTAGNSASRcgZC6-d7XWVK6TqsaZ_wCOSvObtPWoi6IKyOygLbk9Pbye3jcxGuS06_fGAosPiUB3QTElsV5Yim6x9vwFWNaPhrnTA1LaR7FU5b9p1OfczaiMKSU4wlmTBVpP8ECq1Lsl1_pMG6K4oIUtieY2-d8uX9Tt2onIXDMUe4OgLJXBwqcJBHFwe2YxEsCnUpicIrhchzVSsxwBAwJWy6NXH0VBCjbIHNGODCFxx7WvnyhBWdnGFRVakUd6UzeEkfqYWhdWl4R_bw94mFq-b-DNQTJv7HaRTS1kfOJg1crqszgnudyz6e69wQ8uamgQesvyKkqF87h4stFfFSnKrgPE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 branding-ads.svg
optad360.mgr.consensu.org/icons/ 7 KB
3 KB 10ms
9ms Image
image/svg+xml 18.155.68.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optad360.mgr.consensu.org/icons/branding-ads.svg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/b7e4276a-f498-11e8-940c-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-13.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 16:06:02 GMT
content-encoding: gzip
via: 1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 8402
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: Jx6jjzG25jEbpRLOq5mzcgt12snEN9Ob0mPpX5C9he7iwMFRnrq5kA==

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 818F 42 B
174 B 12ms
11ms Fetch
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGG7vCTBkAoO4sSvLRPeEjNj5D0xixVfRk8iwOzCJ-HdpoFdMpDz9jAEdWiCRDVHVNy-CEoo4S-zG5px79Eu_MoCjLK35vv2Xl-lx_E6vRZkZGCnkL8UHCzyZH8dRyHt9deiU&sai=AMfl-YQ7I4IBH9hbtbGNj4LzVFrmsRiO0RVfZDRrHqLNpEqjlx52r0TK-l3oWMxBMPgC72tYx4rlrXgWJqgM0aI-EGcVxYjOPv38LjAsBlh5YpyGgtgI1InP9O61VHgah0miZiWTTx8xbkvSmnPtcg&sig=Cg0ArKJSzFz2Ks_UmA2_EAE&cid=CAQSTADUE5ymuWQI8ShboBVL7Ft6wd0RRvWq27ANWr268V9JBP5KBo9YPcsWjFa-1sUJQ6Q-f1eE2pIubCNCJ3M_fB-fz7WhWSQtH5R-uJ8YAQ&id=lidar2&mcvt=1014&p=150,315,404,1285&mtos=0,1014,1014,1014,1014&tos=0,1014,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2597575736&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678213562748&rpt=135&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 17ms
14ms Script
application/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=detiklife.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
13ms Script
application/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=detiklife.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 79 KB
25 KB 334ms
333ms XHR
text/plain 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4322375392365731&correlator=3794700956018797&eid=44761478%2C44785063&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=121764058%3A22530287535%2Cdetiklife.com_am_S2&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C360x300%7C640x180%7C640x190&ifi=2&adks=4077998006&sfv=1-0-40&sc=1&cookie=ID%3De6a34e8f6608a099%3AT%3D1678213562%3AS%3DALNI_MY9XTYLZt4v7uid-w3_hBHQPTCeQQ&gpic=UID%3D00000bd461b37f13%3AT%3D1678213562%3ART%3D1678213562%3AS%3DALNI_MbUZimTPO19TXqe0MBwSH-WRjpyqw&abxe=1&dt=1678213563917&lmt=1678213563&dlt=1678213562077&idt=374&adxs=464&adys=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdetiklife.com%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=132&ohw=1600&ga_vid=1856821047.1678213563&ga_sid=1678213563&ga_hid=197343775&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29411bc8f92a8dd46115b92aa002583b676360ed15e8d269cd99ce82c37b07b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25565
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://detiklife.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 314 B
163 B 399ms
398ms XHR
text/plain 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4322375392365731&correlator=3794700956018797&eid=44761478%2C44785063&output=ldjh&gdfp_req=1&vrg=2023030201&ptt=17&impl=fif&iu_parts=121764058%3A22530287535%2Cdetiklife.com_am_S1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C360x300%7C640x180%7C640x190&ifi=3&adks=4192259623&sfv=1-0-40&sc=1&cookie=ID%3De6a34e8f6608a099%3AT%3D1678213562%3AS%3DALNI_MY9XTYLZt4v7uid-w3_hBHQPTCeQQ&gpic=UID%3D00000bd461b37f13%3AT%3D1678213562%3ART%3D1678213562%3AS%3DALNI_MbUZimTPO19TXqe0MBwSH-WRjpyqw&abxe=1&dt=1678213563936&lmt=1678213563&dlt=1678213562077&idt=374&adxs=464&adys=698&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdetiklife.com%2F&frm=20&vis=1&psz=0x-1&msz=336x-1&fws=132&ohw=1600&ga_vid=1856821047.1678213563&ga_sid=1678213563&ga_hid=197343775&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b80ed77bc4bb8c0d4d0a262d46b962901dedad1c1e054e8d8ed029c759419bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://detiklife.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B1D 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:02 GMT
expires: Wed, 06 Mar 2024 18:26:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 9B1D 22 KB
9 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 21:29:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B1D 8 KB
812 B 11ms
7ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Mar 2023 18:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 16:45:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Mar 2023 18:26:04 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 9B1D 14 KB
3 KB 27ms
4ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 12:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 12:54:59 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 9B1D 376 KB
128 KB 28ms
5ms Script
text/javascript 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 16:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:52:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 9B1D 20 KB
8 KB 9ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 21:11:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B1D 0
0 50ms
49ms Image
text/html 2404:6800:4003:c06::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEVSeRXOfiBFb6SHhG4pGH2SR4-G03LnJqCqvqhY-aGK3QUzczZVJdoNswI9K9cIBLxHHayF0i5mki0VpRWiWRIdLzEQ
Requested by: Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c06::93 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 331ms
331ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9140a1f486fb57565f86b1e32fcf49fe9724963d85ab1efdce3d9b910bfb6921

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:04 GMT
AN-X-Request-Uuid: 62a2633f-7051-4e91-a622-a9792950c784
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://detiklife.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 726ms
240ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://detiklife.com
date: Tue, 07 Mar 2023 18:26:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 c Show response
prebid.a-mo.net/a/ 486 B
821 B 681ms
219ms XHR
application/json 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 033fe020020d8228dcae6dce88ba11420a8c1f50e96f89cc2852e11dcd4bd5b9

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://detiklife.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 260

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 111ms
38ms XHR
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=16059714965&lsavail=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://detiklife.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://detiklife.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 csi
csi.gstatic.com/ Frame 9B1D 0
234 B 320ms
4ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~leyl0xql&c=3416182227868&slotId=1708091113934&qqid=CI782dq4yv0CFQMVcgodsH8GYA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C44776384%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B1D 15 KB
16 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 03:45:53 GMT
x-content-type-options: nosniff
age: 571211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 03:45:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B1D 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 06:46:05 GMT
x-content-type-options: nosniff
age: 560399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 06:46:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B1D 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CLfNRu4EHZM6yO4OqyAOw_5mABtP99N9upPWGud4QvPnJhrM5EAEgqoDDImC_BcgBBagDAcgDmwSqBJ0CT9DLNBg0K2Zjf0R66OqxDWhTeDWRXJJzM4O-INpBRMMKLKLDDFBAoeXy6rqefobr_iPe1E_Y230XiIw1nokEeZXXfGCq6bugE2fyxpitXgknb6ApOU-gXHUeI8ty8jUZlu5PwBSn56wU94Bfiq8jbou0safa8fX2R281HglHA9-JZOU4-sfofvuZq8Rs6o0qFHXNtfJVkZbyYGeKcQeivNXln0QVgLRCPjrgMrTAHgHCipcWREyLoQdJpj3KrOr_OP2SmKG8vg2zxTSzrgU7-K8vEUOesxK6KRdh1eLcN74bSThKZpnLynnV6c8buw2HFD7iHcw15vWO2INjoQY17EjnR5N7wSRA_0jDHLQqs1WfInUSI_t4A2JANaqzwAT-ipeumATgBAOQBgGgBnaAB4qwzWeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi03MjM2MTI3Mzg1NDQxMTAzgAoDyAsB4AsBgAwBsBPp77oSyBOy1N_hA9ATANgTCogUBdgUAdAVAfgWAYAXAegXAw&eventType=clickstring&clientTime=1678213564376&ai=CLfNRu4EHZM6yO4OqyAOw_5mABtP99N9upPWGud4QvPnJhrM5EAEgqoDDImC_BcgBBagDAcgDmwSqBJ0CT9DLNBg0K2Zjf0R66OqxDWhTeDWRXJJzM4O-INpBRMMKLKLDDFBAoeXy6rqefobr_iPe1E_Y230XiIw1nokEeZXXfGCq6bugE2fyxpitXgknb6ApOU-gXHUeI8ty8jUZlu5PwBSn56wU94Bfiq8jbou0safa8fX2R281HglHA9-JZOU4-sfofvuZq8Rs6o0qFHXNtfJVkZbyYGeKcQeivNXln0QVgLRCPjrgMrTAHgHCipcWREyLoQdJpj3KrOr_OP2SmKG8vg2zxTSzrgU7-K8vEUOesxK6KRdh1eLcN74bSThKZpnLynnV6c8buw2HFD7iHcw15vWO2INjoQY17EjnR5N7wSRA_0jDHLQqs1WfInUSI_t4A2JANaqzwAT-ipeumATgBAOQBgGgBnaAB4qwzWeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi03MjM2MTI3Mzg1NDQxMTAzgAoDyAsB4AsBgAwBsBPp77oSyBOy1N_hA9ATANgTCogUBdgUAdAVAfgWAYAXAegXAw

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9B1D 0
54 B 306ms
5ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~leyl0xqy&c=3416182227868&slotId=1708091113934&qqid=CI782dq4yv0CFQMVcgodsH8GYA&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9B1D 31 KB
16 KB 89ms
80ms XHR
text/xml 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DpLnTZ0_7UjiIpNTPBQSGf9HdrxTb9AkUPprPgpB-xmgYGOwOn9DjY8rZVx-ISO4WoJjFH0osgDWB3J59MmrmPHtWBZA&cry=1&dbm_d=AKAmf-Dr_Y3X9rxb19EjldNHum6IBjHY34hvapglLKrJGePHy__DLSHNIxTOPxDoGcd-lryQffb7NqWwb107Enhg8TGE-nZ_ME4Q2c_DFHLIwVGAIzHATh3vk3C-rnQNuA-g6ig2QfPafKGsdpNZGhdAMbuJq9vBhhn99MkKzStkqZAm3KsX5bA694ffrTpNOq9NgwvPXwNGUDJUzMahne1iM0Bn3aTcsEINsUp82gB8i1IyPJjNaNJZ4lKDwRPdZwQ1QD2NSP4h6Ym86vtasRTOQYS2skcfGc40Q4FKZ1KztTnWli1eB6BFiSOyKwMnKr1U2jEVvDmGRMsoEQCyvw7U-W1_ztAUaKos_iZvtW6hNxzisHTPhMh8TFQ1-Oyqjd7ukyKQCkJeVOeaNX2gGRrf1YiY1aJC3i2sI6oncKhk-Usm_spgS-VSjyD-LVcMv0y3Tium7N8QndnHY1Q-_P4U66WMiGWmYbBDWkyiUbFGwSySMGZOfRb12QzCsSToHgsme4c7TZuN3_Q2ITyaHDEtnVVLgHONdgg1XfzHYEiGkWM_lBkpebp7l22gMEb1GhUon-D-dx12h3HvKuQgX3RLKFz5MsyWJGL55zSZdmWrkttqqFp3-XmmxU0o268GCyVgn9O6H-mKribeY7ThghpIx2UOD0iQgpZYMf17cCfmjwPLcNKVx1OUly-HgyAY446WaV4dbnmfCg-5tUkVBt7CAtZHjGVD7yl539jHAPaTOGAtsRtMweqzdKeR0-YyGbDSkDyltENuqMjsXrWWfHTmeqNslzfk5G_DjKMUTewSpNaZp0XOqq4ALc5M1Ta2EULSyGXf0Ln8Dm3bLGK5YoSX4Zu7LVIJtNSYURE1JisA8p3N0RumizTukRMfu4_z4sE4wrC8LEobPkI0DAbEPDx_sjNeKYpBrJiExeG-vh27rRQAL-pPoy8kShCFwoaOJR0hrSQr_cvys7mM4XguXnMc5bRP8DLDt2ad2xjkvS0YzI5M-02ppZJ8OWdaNmh-PhvzsGhXdjBVw3Cb3z3OC0DOpavKm2Hr8rqXCrB3dC1N4bs-dhf2QojytbFvr972X7kHvmsQUkHrFfOKbp6QyT0jqRZWz-c7OBesJcplsgMdskKgUYLi27xqQhRkfIb8vQy8np_53bIheNEVEQjDU4QgThUjqple1cAT-GCMpXjMC_rJSnXn-sFJJjuXc5tvV-adlbme2lijIk-xpFA4a56X0i-5Kt-LnbiZVaFE0_oJ_rNxj2s8_ItZXs7EgHCpOkamPaAa-pQrlpJv_TVW6Hf19rG-9jUTG_PIVhbQxnGPQJFZiRX39xTbLO5G617aQMtertsTbzAHBhJQGGD9F1lbTJkUX3KzrL6YxJSKF0XBE-tro5TcNxVSIT81NuPkjapsF2Bhg185ixmvqsOSW4tz91rF-iV3KbyceD_J3JooctVLY2OOxEwG5ZqpfoTeTmj4MByGoek43H3tveMVrRqEF54K2ztjdgI2MZTfg5ExYmU7q9346DebewJh9v-Xx5FGU7BXttE44Rqntnj6Pj1aCnoTa27KZTllnLhth1S-9oGS6p1pedMV7H4EayzzROCfKkZOcJKpNCpN8K8QtpuIBgVv_Mrr6SGbX_wHwU61C0b9Y0NDI5kAuUFf5Z9Jp-xjuo7RDlAqXCYKWqGcl-u9oOJssr2f8hM3frLrYFfHR8H0yxKC5qWI2EfWLSbml-c_0pFSxMxCgmu8Rg3h7WYq3w7RLu_xY-YMYYcKfDRacPdxzZGnQcXu4lRMeZ7yZvWSPX-6l26Hfgx4GsnMQiUP0ZflaPRCEQYgkogKLmEE6FSKXe8xNJ5k48xfpt1tmiY5TkPAUkfb2vg_vOT5yamPmtzemZP6YnfUkSqZaamD8HHyeTQqJAOZdNRsm0YmeDONOZjYlE-RxAvbHYt85hQPoNTWmHOjIrU7Sws4_BaG6It6VcksldwmZCIsOLZLnJUCXE9bn4u7Zr-VIsANSO1H9Ko-Z4s9NF65mkwFZvWjtK7mGlZ5JlCc9Y9oEBUmOHTEuTi9iWW4mfck4ec6HGTKs7tc-mipoq2L_rWvFAqyWcd3MgL7FIsLEvhxELhzVMfMuo54lVoEvXsyK4c2oJw8kJHzJ573qi8uXOFHKYbQe59uI7r4eZZW_wEYqNqd_JaDU4-zukvKKdBX9tr_aW8VNtU7I-NzTIMHk8070gSzet7FP4ycmANCp5rE5DhVRO04aqqXdQ5SFNNZ1AYdK7R3prFfsUedSlyC_1MQifBNFb0k63U-jQnn7T36y5Pp8v9AY3YBC-WFM3nOrMnti4M3R7qV-zGD0SbJu0KKm1rIKM2_ywbEG5_ksJHoRtcdxppLiwNhGqtwUr44HI1m239RDonaOobkDVyUQCGHC5i45weN6Sxd7LTMFWFD1s8Eyo5uYrHCl_nvA1RFOtsOWp54yz8PbR1C1TQH9eIg7ryUu63mst06FK9TYgL-e9BlEKJu-EHAeN3ldSrbkeTPzcXlhXWIJ0JXC4iUsHjB1H7CzTtMtt63NRCW3FSUpQ2iysE8cB2aDsnPYd2SGGoSKH62NirDWDGlvv4i3007sJUK1NyDAWJHSyAHWjbqSNppWxuzY_jCPDP3M7u0KGhnBngRR8IUXoHoQN1iQOOOLzi2VXf-vFNqRLEIaGJ0dZvf4XVmpKoerIWkXsVJ6COtWd-HXqyRMy-H-lOjS4Msyqz4OJbMEUubvSbqiPfUfYroSFWSarT78WiJ6_SDN63o5evvPlakN-8h8o19a43ZM8N5_8jKzX-iDkBSLM3575fQvp-uBD_2Cfo8i3JBscNjvfm1yqGl8eMqmO4dnqXNyl8g7ZzEl9eIZD1KVoYynHN3R6HkUFlwNs3kewHBEURs2fU4EGgCuK-qZ82vVBPhIfVzMuKsDBUNExOEBBoUwxAJT68bWKI8vSa7sr5llmnlDXaRJnz33eR3-HvoUPBzh1wRv3QPWonFdmaJE2gSjmx81fF8-JxpTnJFW1Ima6V9GelNK5M_jfPgEYRc0XyTO0hA34UFoVGJUJotX_HuyFynaMC946a5X0dvAHfW74VSlL2FS9Zr5my9R69w7KaPO9HqN_4AG7JmvLfcRHaDb6xAsefFfK2Tfp1kQiq0wcOKg0L_vxF2FU4kjgk2mV0zvlwG9HiBvHsveSNlkU40_OH7z5cl7W-xzq7bz0RACkXJbssx4jsxe9NsPuAUNs4zXxLEnFmGblblTW6h5Z75WPXsa5NB33GYkavPsBgPlKAzeqWai0KK24xv_LHpS9iyncks9eoAMYymI9etzQcIITDuXeU8SeGkLlTFfg0O-P2sR2xsukcjNn6MjedcRTHSDa86SO27oImm8kLLG31pFRXyU3QC0n3_uc-b7jpLeghDPUSMSgBUPQU5bec8IEdp-gcMyYj6Oa96IYKCdB09WyYeGp2JDRGvxXUVNjbbLuhfbSwgAaSaeknU98m4ov7PE0_KQbWNxbWbL3uHd6ptWqaMhBFpTsvI1btw72IrgBFPnL2V9-40PVyKEWvklf_D61RAH8J2qFh9PJK4s-oRDcXcpAk5sdS8uoUGfpqxTMfYCnVmPxHtwWkzKg&cid=CAQSPADUE5ymT7PFiDOb0XTd6eXRkCFgu8cZzCjMbuoE9Ipd-taER8mntw8CweCxWcUy8oNZA9vx0yDk3GymmRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

b64afbfae0d19876559093bfe8bd1ec9e9db3fd40d272f1b31fcae3199f02240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16415
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B1D 0
0 9ms
8ms Fetch
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUDvEu4EHZM6yO4OqyAOw_5mABtP99N9upPWGud4QvPnJhrM5EAEgqoDDImC_BcgBBagDAaoEmgJP0Ms0GDQrZmN_RHro6rENaFN4NZFcknMzg74g2kFEwwososMMUECh5fLqup5-huv-I97UT9jbfReIjDWeiQR5ldd8YKrpu6ATZ_LGmK1eCSdvoCk5T6BcdR4jy3LyNRmW7k_AFKfnrBT3gF-KryNui7Sxp9rx9fZHbzUeCUcD34lk5Tj6x-h--5mrxGzqjSoUdc218lWRlvJgZ4pxB6K81eWfRBWAtEI-OuAytMAeAcKKlxZETIuhB0mmPcqs6v84_ZKYoby-DbPFNLOuBTv4ry8RQ56zEropFznUeCmkLF3bj-X12kVZCjYLxchZFzzuFlnPoRbsJYfxm_Y75B1XkFptvWNE0br1mwOTngar4AWpNpxFEtZOBsbABP6Kl66YBOAEA4gFhY7T-UiSBQYIAxACGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4qwzWeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCY7wgYi6rf3gHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTcyMzYxMjczODU0NDExMDOACgPICwGwE-nvuhLIE7LU3-ED0BMA2BMKiBQF2BQB0BUBgBcBshceChwIABIUcHViLTIzODIwMTI1MjI5NzkxMDgYku8h6BcD&sigh=ZvQ8Uf2lsbw&uach_m=[UACH]&cid=CAQSPADUE5ymT7PFiDOb0XTd6eXRkCFgu8cZzCjMbuoE9Ipd-taER8mntw8CweCxWcUy8oNZA9vx0yDk3GymmRgB&vt=10
Requested by: Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 68AE 1 KB
643 B 4ms
4ms Document
text/html 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 57956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 02:20:08 GMT
etag: 48472445140208031
expires: Wed, 08 Mar 2023 02:20:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B1D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f680a68ec3ffe1ca8dc0430b6d03f049dd697d93617931df028303eb78bdbc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 68AE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1&google_push=Aa02lx-HxCyQxM2UMQHowymZKd8cMybJoujw5NWXSfJmln-IUrQppNi0d-sOCGt3PrHoNvk0HuDcXkWT6xW08kw_dDKZviCujnXDV...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkxMjA3MTYxODM0MzUyODA4Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1

43 B
398 B

1479ms
34ms

Image
image/gif

2001:df2:a300:bbbb::135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1
Protocol: H2
Server: 2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Mar 2023 18:26:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGaKCKMO8qUkItuyhiygImg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 68AE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka...

43 B
418 B

198ms
188ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a44e27b1de0409e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 616
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBi-eqTlDmtZztxuai4Cqp4&google_cver=1&google_push=Aa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-IGMIa15X6UZw7NKpAK3vfDUVNB1OJfCAksP7vDVbx0bjRoPHl0CYbUcRSNK-c3FYJHgKYcvDRomjSrfkQ4hGakWANJka0Z5m9n0zDKLNBgZL3pFrxp6K40n5MH-JTuYkgLksun4mJfy4f_t9S6K0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a44e279dd06409e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68AE
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESELEcMuRPW2mFlP6O6LqERMo&google_cver=1&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAa...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAazgBPfTD5q-joG6k96kpD2N0eoGizJGbwBP4mhccNP2N2BKR6x...

170 B
188 B

8ms
8ms

Image
image/png

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAazgBPfTD5q-joG6k96kpD2N0eoGizJGbwBP4mhccNP2N2BKR6xpEKQ8wo0-7cnPxJK2iZmp489sA&google_hm=UgqBomQ3QNK5ab8IHCBZ5Mw

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aa02lx-2buAUbzUAtCLyUV-0uHRcUmI0OZIbcQ0FrvXJtCpHvCLk9I-XXWnJ07uZQ9Y4JPMdLL0ALAazgBPfTD5q-joG6k96kpD2N0eoGizJGbwBP4mhccNP2N2BKR6xpEKQ8wo0-7cnPxJK2iZmp489sA&google_hm=UgqBomQ3QNK5ab8IHCBZ5Mw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68AE
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEN1GyFXuclHQzBUwFyrcyK8&google_cver=1&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtb...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtbukvQDg1xPihHEE9iEDcsdqp1pJwjOoMQ_zzDV3...

170 B
188 B

9ms
9ms

Image
image/png

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtbukvQDg1xPihHEE9iEDcsdqp1pJwjOoMQ_zzDV324bKppqzMjdCuk7AlgaEs

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=Aa02lx-7gyOsVPYS9MjkmBjrxxuAmGuqALbYzhaPgSgcTxLH_WuHIt7kJZj908ogEPndgcuMNDqWjZ_jjRQlVxpn-OpvXdtbukvQDg1xPihHEE9iEDcsdqp1pJwjOoMQ_zzDV324bKppqzMjdCuk7AlgaEs
Date: Tue, 07 Mar 2023 18:26:04 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGRt-DRHPRipgN2qWBZi0WA&google_cver=1&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEGRt-DRHPRipgN2qWBZi0WA&google_cver=1&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZA...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIf...

170 B
188 B

9ms
9ms

Image
image/png

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA&google_hm=wKpO1kapQ3K6yCW8uOiLjg==

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA&google_hm=wKpO1kapQ3K6yCW8uOiLjg==
Date: Tue, 07 Mar 2023 18:26:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68AE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UolZY8hgQ5qXkyfKaKSymw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

11ms
8ms

Image
image/png

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UolZY8hgQ5qXkyfKaKSymw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-UOo9WbDNcC2zXnQRrq-xGiKXmO8TtYfHbXn4Rpfi28U4hPuuK9C7fnUOe01HPWLTb92B0B719iym7-WfP5xYe33bTntAd9sLP6EprWME4FKA5NUBzNjXIDXmq438f6I9nK3a_l9PGfWldI1Jz0-w

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UolZY8hgQ5qXkyfKaKSymw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-UOo9WbDNcC2zXnQRrq-xGiKXmO8TtYfHbXn4Rpfi28U4hPuuK9C7fnUOe01HPWLTb92B0B719iym7-WfP5xYe33bTntAd9sLP6EprWME4FKA5NUBzNjXIDXmq438f6I9nK3a_l9PGfWldI1Jz0-w
date: Tue, 07 Mar 2023 18:26:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 68AE 42 B
233 B 735ms
240ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEE5UyCei0MTxXZHVuSX7H3w&google_cver=1&google_push=Aa02lx8UNa7bvViSMp5aRfgNnaDOe5gVZk7X8KcSlQa_9l4EX4B5rBqyLFuOjZ4AIsQ_1nEFKOWo54GN6g37cepfPe-KFRTDKP1BeSf9hpHoEms4r3vc0Fz0bSuxqJuiYZHY7rwRqUBzCgfA6ZtA6sqcd5A
Requested by: Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Mar 2023 18:26:05 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 68AE 0
12 B 10ms
6ms Image
text/html 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1OVbNIxRGogdXMrzsQMxwCDiciEjOM04Q3hrSC7EF9uqAv6Dq615skp2xPgI4uAfHU93Slw

Requested by

Host: 8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
URL: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 9B1D 0
54 B 211ms
5ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~leyl0xrd&c=3416182227868&slotId=1708091113934&qqid=CI782dq4yv0CFQMVcgodsH8GYA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B1D 41 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 01:09:31 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B1D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

35ms
4ms

Fetch
video/mp4

2404:6800:4003:1e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34522BCD57DEDB6E8704D1135D368D3D2A7C96CD.1FC66AE1753CB28E86F71725B208F0734ACD0735/key/cms1/cms_redirect/yes/mh/-1/mip/2001:df1:800:a004:1::4/mm/42/mn/sn-npoe7ns6/ms/onc/mt/1678212539/mv/u/mvi/4/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2404:6800:4003:1e::9 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 07 Mar 2023 18:26:04 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1951244
Last-Modified: Tue, 17 Jan 2023 18:06:33 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 07 Mar 2023 18:26:04 GMT

Redirect headers

date: Tue, 07 Mar 2023 18:26:04 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
location: https://r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/34522BCD57DEDB6E8704D1135D368D3D2A7C96CD.1FC66AE1753CB28E86F71725B208F0734ACD0735/key/cms1/cms_redirect/yes/mh/-1/mip/2001:df1:800:a004:1::4/mm/42/mn/sn-npoe7ns6/ms/onc/mt/1678212539/mv/u/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E70F 23 KB
9 KB 7ms
5ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 315262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Mar 2023 02:51:42 GMT
expires: Sun, 03 Mar 2024 02:51:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js Show response
pagead2.googlesyndication.com/bg/ Frame E70F 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 21:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 21:57:35 GMT

GET
H3 206 file.mp4
r4---sn-npoe7ns6.c.2mdn.net/videoplayback/id/0bbc7e98a809636c/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709749564/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B1D 2 MB
2 MB 9ms
4ms Media
video/mp4 2404:6800:4003:1e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:1e::9 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b9a6e00b876da6552b01ddb38ed63f86b61e93881e0ff8d66a85a61aab6a32fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 07 Mar 2023 18:26:04 GMT
date: Tue, 07 Mar 2023 18:26:04 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1951243/1951244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1951244
last-modified: Tue, 17 Jan 2023 18:06:33 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E70F 0
20 B 11ms
10ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOYLcvIEHZPquHKSBrtoP_biFqA8AAAAAOAHgBAI&bg=!eHuley_NAAbv3-2Ez987ADkAdvg8Wo1FR6en8dU2-2KKTr_lNHz0pi7lPUD48a0Gs8pThFyLIcKG2DLbE8vGsgXBJqnfwEwtKEsCAAAAVlIAAAADaAEHCgBx_psEXjahSpe9W_Bl2EYCh_YUe30cAUO6JyBjKOc-1KDP1cyZGV1k3e8qJklSmPxbWrYecXkChQJLkiiftmgmrB7aAGHKIhljghvwx7mqbX4SNIhp1fXIHH26SbIY2_Ei8ISdn0MCbTd7K1HXHCBs0seZAucLV3CwI0Zw-nzwQw9fIs5FAvEUr4VklR07FU6rUMdxavrOM8pWu6fc3yydFJAMyZ_ivPIMYPl4YYX-vwWpyMPoCwFLrf_xAW3oF52JZWxjBzdwTTC4YD6GAv7YFuSpg1vLtamTt0GnaWnCJZuOUoLgEZ5PFDvC6kZcyoyNX0Z2vExHFP2dbB3VpJJnzIv-ZLL7nRfJqW7jyKR3M5lS1pYXUL217b1mQk76bcg0zJz2M2sOiQ92TNzPklXziAqA_R_jelKqZwO6_xHV7vlrot4pBNitMtoHFEiHfJqpTpTSAxFqWdsGJjhUoFNrH2SBhVXJTkcsPyF3eMNAt9zYA8adoUydqfBxhqLa3m-mfacnELjz9rYtJehpndYvmniRiFCokQGG9ssg4rmKpAaxXUQjIrZcoGjpXqe9y_4j_fV8zvp0CHA6PdPc-wP9j_iARsw9vv_2zovVvv6yrKEBXDgKyTjN2UXlLSrUrdJES3lFW_Bg5nvJH2qGPUw9KJ-WLrwaeFauiSnDGCCB6O3OFGJA2t4wOMO3_Mf34ae3r4gDxCD-oYdR-zd1wu8xjN-GTbG8Gp3ogow6Uj8b-x8L3MpFhFO4ckdbcd4t07wS3r9w8FYt-0852MMS9N-rT5DwUIaFwgBDGub2QtgGifYlit4QP9-gZ-OyWNyD5KGPYUs8vzx4HF2o9XUTKMlmpPE10tQ9bHAKS6KiNoS57FwIPEXwLMsGtcmDMnwdl7-7tIRigWVjxg6dpcm7H34MrNTuis31WcX9rNK13QZU7MagkSCRWPU3q1C4OBx6Z2057In0-p64j4nXZWUBGPsx1jduFyyMiDjOsA2aze3CdsUsWnKw3i-c5KfEC6_KH2isyFBUY5GKv-M9tVLXyfGZOGNWz61Ee9hhZ0D-X58AgFn2vf9rZmSrgkGIPgpkueWWVdvRxI5sdR0OdzcNjwmpbtValmKUDkvX9y_Kgsq20B3HoLnMoCHYwBSUUg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 818F 0
20 B 5ms
5ms Ping
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=793857569444&version=m202301230201&ct=77&x=1&cor=17903662601260724000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 17ms
4ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:26:05 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FDD7 15 KB
6 KB 104ms
35ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=detiklife.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://detiklife.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 18:26:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 354108
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 11ms
4ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://detiklife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 18:26:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Mar 2023 18:26:05 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FDD7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=detiklife.com&sn=ChromeSyncframe&so=0&topUrl=detiklife.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pdI-HXxlN0REc3pHVlVmcEpBQXRzejg5ajJLUldNRkNMUEpSaDFJeVRaVm9Za2o0S1ZxTEZnb09iVm5pdjkwdm1UdlVhQWRpemRZZXVEcnQ2REd1R1RwQVdJTEM1TkREQWZBQlVSUlFiK1RiUkNOMnNEUHhSRWlSOHNqTT...

412 B
644 B

20ms
6ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pdI-HXxlN0REc3pHVlVmcEpBQXRzejg5ajJLUldNRkNMUEpSaDFJeVRaVm9Za2o0S1ZxTEZnb09iVm5pdjkwdm1UdlVhQWRpemRZZXVEcnQ2REd1R1RwQVdJTEM1TkREQWZBQlVSUlFiK1RiUkNOMnNEUHhSRWlSOHNqTTYyV0hyd3pUMklYaGw5K0tpK3UyZ1htUVdybTRSRytHQ2Y1VXZJM3EvdlF6S0VheGlsbkZIVHpmSUVka2txWWJqUDhQZTR4QUJ1Z0VKODRHWWJLQVRUdVcwQnZMYnE5TTgzczg4VWZURklKcEQyaVRyM3VLWllWdWxORWZDc253eFdtcWdhdzkwQVVINW45aUQ0Z0VnV2htZDd6SlRYQT09fA&cppv=2

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

fcc1a32b223db9e7468f30acf6257fdd697f7726bfd341aa5afd72f5b4d51a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2112566
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pdI-HXxlN0REc3pHVlVmcEpBQXRzejg5ajJLUldNRkNMUEpSaDFJeVRaVm9Za2o0S1ZxTEZnb09iVm5pdjkwdm1UdlVhQWRpemRZZXVEcnQ2REd1R1RwQVdJTEM1TkREQWZBQlVSUlFiK1RiUkNOMnNEUHhSRWlSOHNqTTYyV0hyd3pUMklYaGw5K0tpK3UyZ1htUVdybTRSRytHQ2Y1VXZJM3EvdlF6S0VheGlsbkZIVHpmSUVka2txWWJqUDhQZTR4QUJ1Z0VKODRHWWJLQVRUdVcwQnZMYnE5TTgzczg4VWZURklKcEQyaVRyM3VLWllWdWxORWZDc253eFdtcWdhdzkwQVVINW45aUQ0Z0VnV2htZDd6SlRYQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 312434
content-length: 0
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9B1D 0
54 B 5ms
4ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~leyl0xu1&c=3416182227868&slotId=1708091113934&qqid=CI782dq4yv0CFQMVcgodsH8GYA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=890&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 18:26:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
detiklife.com/	1970-01-20 10:20:18	Name: __oagr Value: true
detiklife.com/	1970-01-20 10:53:25	Name: _pbjs_userid_consent_data Value: 6683316680106290
.detiklife.com/	1970-01-20 18:55:49	Name: _sharedID Value: e5544c8c-bb3a-4a42-aef5-ed7ab99db207
.mgid.com/	1970-01-20 18:55:49	Name: muidn Value: n272Z-msegqa
cm.mgid.com/	1970-01-20 10:53:25	Name: mg_sync Value: {}
.mgid.com/	1970-01-20 10:10:15	Name: __cf_bm Value: inZ85vIF4x_puOaSMrtKQVRjDNV8yY_vrplRLTOo0A8-1678213562-0-ASOTQjTpvZr4wt39GH8o+sQfrV40upk3a4fDZf7jP5O3ZOc94+pk+IIpsFucJF0leVHffKzzWdjDUNkvpzTE2PI=
detiklife.com/	1970-01-20 19:46:13	Name: muidn Value: n272Z-msegqa
detiklife.com/	1969-12-31 23:59:59	Name: _GPSLSC Value:
.detiklife.com/	1970-01-20 19:31:49	Name: __gads Value: ID=e6a34e8f6608a099:T=1678213562:S=ALNI_MY9XTYLZt4v7uid-w3_hBHQPTCeQQ
.detiklife.com/	1970-01-20 19:31:49	Name: __gpi Value: UID=00000bd461b37f13:T=1678213562:RT=1678213562:S=ALNI_MbUZimTPO19TXqe0MBwSH-WRjpyqw
.doubleclick.net/	1970-01-20 19:46:13	Name: IDE Value: AHWqTUlNC4ijVu2mSZTYv6Ijo4M6DIMbDteoQYChBIffXlCljzXVZDTy2zbXOjXo
.casalemedia.com/	1970-01-20 18:55:49	Name: CMID Value: ZAeBu6vN-cLivY9l5nYKBQAA
.casalemedia.com/	1970-01-20 12:19:49	Name: CMPS Value: 4877
.casalemedia.com/	1970-01-20 12:19:49	Name: CMPRO Value: 4877
.adnxs.com/	1970-01-20 12:19:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImTH=n8!@wnfH8K6pQK`!5=E<L5?%L[/m-x:YgJ<Fida+ye)9D2lJ4v0?ifmDbIR-f%nugO%v4VB%nnT`*%gn#
.adnxs.com/	1970-01-20 12:19:49	Name: uuid2 Value: 3029704806332194896
.pubmatic.com/	1970-01-20 10:11:39	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:55:49	Name: KADUSERCOOKIE Value: 52895963-C860-439A-9793-27CA68A4B29B
.ctnsnet.com/	1970-01-20 18:55:49	Name: cid_520a81a2643740d2b969bf081c2059e4 Value: 1
.ctnsnet.com/	1970-01-20 18:55:49	Name: gid_CAESELEcMuRPW2mFlP6O6LqERMo Value: 1
.turn.com/	1970-01-20 14:29:25	Name: uid Value: 7912071618343528087
.bidswitch.net/	1970-01-20 18:55:49	Name: tuuid Value: c0aa4ed6-46a9-4372-bac8-25bcb8e88b8e
.bidswitch.net/	1970-01-20 18:55:49	Name: c Value: 1678213564
.bidswitch.net/	1970-01-20 18:55:49	Name: tuuid_lu Value: 1678213564
.adnxs.com/	1970-01-20 12:19:49	Name: icu Value: ChgInrpbEAoYASABKAEwvIOeoAY4AUABSAEQvIOeoAYYAA..
.bidswitch.net/	1970-01-20 10:10:13	Name: google_push Value: Aa02lx9ZVhiizVBlaMLzCQLY6OiKLeTXWBzKHji_ZuapetraNftOxHxIrWILkGIMvakujtcWQsma4WmJEZAnW4ml_k79muw5EYpoojKcXlnjmxAmLmKtUp3gmweIfwg7at5KOdRV1kL55IvDzImd4-6bqA
.tribalfusion.com/	1970-01-20 12:19:49	Name: ANON_ID Value: aPns6EwZcF1foXarpfrgP9nFVPLg8Zd12ofuUTiIWY6v6GbyUbt61JQZcZdZbAsScwl8ZclCKsn5DY77Zat7pG3oU3b
.prebid.a-mo.net/	1970-01-20 18:55:49	Name: __amc Value: 1_1678213564_1678213564
.a-mo.net/	1970-01-20 18:55:49	Name: amuid2 Value: f9332401-54c3-4eba-98cd-7bf885e2ea0e
.prebid.a-mo.net/	1970-01-20 18:55:49	Name: sd_amuid2 Value: f9332401-54c3-4eba-98cd-7bf885e2ea0e
.criteo.com/	1970-01-20 19:31:49	Name: uid Value: ce6ccc91-b56e-436a-a17e-ee9c7a4ab586
.detiklife.com/	1970-01-20 19:31:49	Name: cto_bundle Value: fUeziV9adDVEbmJZR3BiRlBIenZnVG9ma0lUOWl2MTlueHkxdFhyakVYTWpJNDJYbUd4QzVrdVhJZGdRY0k5S05WRGkyYXJTNG1leDFFZ0hLRXB4TXRGcUFHOWc0cHl5cnVjNTRCSW5tOTU3cGFKWlY5b1hreGZLYk0xTkJsWGRSR1J0V0Vkb09zcDRPY0lEcHNMZk1YelNjS3clM0QlM0Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a501b4184823442b25257b7b3fa9943.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.com.sg
bid.g.doubleclick.net
bidder.criteo.com
c.siteswithcontent.com
cdn.jsdelivr.net
cdn.siteswithcontent.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
csi.gstatic.com
detiklife.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
mug.criteo.com
optad360.mgr.consensu.org
pagead2.googlesyndication.com
pixel.wp.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.turn.com
r4---sn-npoe7ns6.c.2mdn.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
securepubads.g.doubleclick.net
static.criteo.net
stats.wp.com
tpc.googlesyndication.com
v9999.adv.admeme.net
video.seenthis.se
www.google.com
www.googletagservices.com
x.bidswitch.net
104.254.148.252
128.199.144.56
139.5.84.243
145.40.89.200
151.101.2.133
172.217.194.157
174.137.133.49
18.155.68.13
18.181.21.138
182.161.73.136
185.184.8.90
192.0.76.3
192.0.77.2
2001:df2:a300:bbbb::135
216.239.32.3
2404:6800:4003:1e::9
2404:6800:4003:c01::5f
2404:6800:4003:c03::5f
2404:6800:4003:c03::84
2404:6800:4003:c03::9b
2404:6800:4003:c03::9d
2404:6800:4003:c04::9a
2404:6800:4003:c04::9d
2404:6800:4003:c06::65
2404:6800:4003:c06::93
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::84
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2600:9000:223b:3200:11:a4de:2580:93a1
2600:9000:23d2:1600:6:b871:4f00:93a1
2606:4700:1::6813:884e
2606:4700:3032::6815:4529
2606:4700::6810:5514
2606:4700::6812:18ad
35.186.193.173
35.213.12.39
64.58.116.142
67.199.150.81
033fe020020d8228dcae6dce88ba11420a8c1f50e96f89cc2852e11dcd4bd5b9
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd5c7cbe25fb86e09667c6b1b133322bcd603decada02c531507c3b758a27b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
176f0a6db16da47398e3edc4ef7bc6102e77f349f4ada23fd488e716d8bd2425
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2506dbc742800f1ab10510050c2032e00d295642673cc9bdc7ca35984fc84207
256a361ec392ca14cfc4694a06179f162e82bca34a5c27388f549a91869b0258
29411bc8f92a8dd46115b92aa002583b676360ed15e8d269cd99ce82c37b07b1
2f840763a07b5312fc63528256e33b2b0c49ba19d3ff5a2167d3496236f0afc7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34559a296b0f9cdd8f06a7a1a68a1bca2dec8ad64521736bfb379b716116d8b4
34c7cdcbdedffdb995624a957de5af1ca82775b7db5e453889971c5a5415f3fe
44c8e11da0a49d471a7db7e26b14a269f0135efe923a8c158d3cdad73720a62c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4832a8317442bde5fb0b6d3190b8ec7416f341ef56a07a7b1d8e06ea302b164b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60cbb6a77e1a86740af6eb5d1978fc37e199abe8e2ac08cac1a609d237cec5c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67d8f00d442f5c27bc4a9cd4d9a9414a7fc888124c49b78bee26719ecf92ce52
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a4890820a861bae31d7753cd93e7a8e1693e2cbaa81fcd9c342447de9618440
6b80ed77bc4bb8c0d4d0a262d46b962901dedad1c1e054e8d8ed029c759419bd
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7c598d6dc2f040f82c608cb1ef063629ad52ade976a354e578cfab5f2fbb428d
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
8bbc25cd08ef0fa3c8fce180f4070275e76f05b43125d7e254038fc6a62c302c
8e75286dd17c2f55dcb3cb2da68988c6cb79437cc0a0c591ad9aecd20e566d0b
9140a1f486fb57565f86b1e32fcf49fe9724963d85ab1efdce3d9b910bfb6921
93f680a68ec3ffe1ca8dc0430b6d03f049dd697d93617931df028303eb78bdbc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d2710aeb5a90d21b5819209290a4bebed88523974caa2ef833ce3424dcbc0c0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8bd4c7d8cc6a69b3929b481fcf073dbb8df9c3df05d0ce6af3bad364650c0e4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b64afbfae0d19876559093bfe8bd1ec9e9db3fd40d272f1b31fcae3199f02240
b8e56803ea1ceb68f7e294695b5922fb18d21bbf7b41cf739d9f79ae3b5b8784
b9a6e00b876da6552b01ddb38ed63f86b61e93881e0ff8d66a85a61aab6a32fa
bc3da9a8e006803d5569cb268ee2b8e79fd6fc82a77c616be674b4bf8d21d5f3
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bfe70b53ab429e19700d2c67f17bf3322245d736721e40f0cc1b472d33b27e07
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b
d96ec630bc042285017e44862ae2c662d543d36e26b3f1cc5def9372b1185d2e
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb3ce2d7b526ca5f936bcb6f88b2e0d4144988d8740aec131cc138e1b14a9310
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcc1a32b223db9e7468f30acf6257fdd697f7726bfd341aa5afd72f5b4d51a92

detiklife.com Open in urlscan Pro 128.199.144.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

88 %HTTPS

55 %IPv6

29 Domains

46 Subdomains

36 IPs

5 Countries

3054 kBTransfer

5151 kBSize

32 Cookies

2 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

detiklife.com Open in urlscan Pro
128.199.144.56 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

88 %
HTTPS

55 %
IPv6

29
Domains

46
Subdomains

36
IPs

5
Countries

3054 kB
Transfer

5151 kB
Size

32
Cookies

104 HTTP transactions
3 data transactions