groupda.link Open in urlscan Pro
172.104.56.139 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://groupda.link/
Effective URL:
https://groupda.link/add/
Submission: On November 04 via api (November 4th 2023, 8:12:26 pm UTC) from US — Scanned from SG

Summary HTTP 113 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 27 domains to perform 113 HTTP transactions. The main IP is 172.104.56.139, located in Singapore, Singapore and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is groupda.link.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time groupda.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 21	172.104.56.139 172.104.56.139	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
14	2404:6800:400... 2404:6800:4003:c0f::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c03::61	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c1c::71	15169 (GOOGLE) (GOOGLE)
2 8	2404:6800:400... 2404:6800:4003:c01::9c	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c11::9b	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::70 2620:1ec:46::70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2404:6800:400... 2404:6800:4003:c01::5e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9b	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f20... 2a03:2880:f20c:3c1:face:b00c:0:167	32934 (FACEBOOK) (FACEBOOK)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4003:c02::84	15169 (GOOGLE) (GOOGLE)
1 4	2404:6800:400... 2404:6800:4003:c0f::69	15169 (GOOGLE) (GOOGLE)
1 1	139.162.40.113 139.162.40.113	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 13	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1 1	18.177.11.95 18.177.11.95	16509 (AMAZON-02) (AMAZON-02)
2	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1 1	35.73.149.224 35.73.149.224	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1 1	23.59.80.153 23.59.80.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.247.47.28 35.247.47.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	54.209.88.56 54.209.88.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	150.95.47.242 150.95.47.242	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	183.79.248.252 183.79.248.252	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
4	74.125.130.157 74.125.130.157	15169 (GOOGLE) (GOOGLE)
1 2	20.125.62.241 20.125.62.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
113	23

21 172.104.56.139 (Singapore, Singapore) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: vsrv506.armadaservers.com

groupda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4003:c0f::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c1c::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c01::9c (Singapore, Singapore) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c11::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::70 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c01::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f20c:3c1:face:b00c:0:167 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

pps.whatsapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.whatsapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c11::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c02::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c0f::69 (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.40.113 (Singapore, Singapore) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1453-113.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 74.125.24.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.11.95 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.73.149.224 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-149-224.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.80.153 (Singapore, Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-80-153.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.247.47.28 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.88.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-88-56.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.242 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.248.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Ulyanovsk, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.62.241 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	388 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	94 KB
21	groupda.link 2 redirects groupda.link	164 KB
9	whatsapp.net pps.whatsapp.net — Cisco Umbrella Rank: 3884 static.whatsapp.net — Cisco Umbrella Rank: 2100	259 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	137 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 r.clarity.ms — Cisco Umbrella Rank: 7598 c.clarity.ms — Cisco Umbrella Rank: 1405	27 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com — Cisco Umbrella Rank: 145	602 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	711 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	998 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	2 KB
2	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7594	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	119 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	148 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	762 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3754	623 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 12094	451 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	759 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	1 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 904	498 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13528	576 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 27875	570 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 98389	736 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 15453	644 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	32 KB
113	27

	Domain	Requested by
21	groupda.link	2 redirects groupda.link
14	pagead2.googlesyndication.com	groupda.link pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pps.whatsapp.net	groupda.link
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	groupda.link fonts.googleapis.com
4	www.googleadservices.com
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	an.yandex.ru	2 redirects
3	r.clarity.ms	www.clarity.ms
3	fonts.googleapis.com	groupda.link googleads.g.doubleclick.net
2	c.clarity.ms	1 redirects
2	x.bidswitch.net	2 redirects
2	aid.send.microad.jp	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.clarity.ms	groupda.link www.clarity.ms
2	www.googletagmanager.com	groupda.link www.googletagmanager.com
1	c.bing.com	1 redirects
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	sync.dsp.reemo-ad.jp	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	um.simpli.fi	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	ds.uncn.jp	1 redirects
1	cs.r-ad.ne.jp	1 redirects
1	a.c.appier.net	1 redirects
1	static.whatsapp.net	groupda.link
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	code.jquery.com	groupda.link
113	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
groupda.link R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.whatsapp.net DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-11-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://groupda.link/add/
Frame ID: F483A6AA7FD32E5D96823D312FE5DCAA
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: B157CEABFF968E27B661202421223C25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974419705489132&output=html&adk=1812271804&adf=3025194257&lmt=1699128740&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740125&bpp=541&bdt=82&idt=542&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=1069805171&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=570
Frame ID: F7F3B27CFEF7A498A66F82E3F263F132
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9
Frame ID: 25F381E89DD7D368A431F7FB173BD414
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740756&bpp=3&bdt=712&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7297206741101&frm=20&pv=1&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=IhF5DuPT2F&p=https%3A//groupda.link&dtd=8
Frame ID: A6E82E19D72C92947F4C18B0962C90B5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EFCAEE160553DE10778EC06B9A6FDC64
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DBB8B619AC52CCBD294EA4AD380AE335
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7CA3F38E0386CDE87D0D0E5435EC0491
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: CF47969179F1BD822B5C9AE5F7982EB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: 24A2C54160798B70D83732011FA93104
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92E8F4EBED03941929E02A41D04F3D6A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35759B5BF5CC5A92D9A00056D5274F58
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Groupda Link Whatsapp Group Link Join 2023 - Groupda.link

Page URL History Show full URLs

http://groupda.link/ HTTP 301
https://groupda.link/ HTTP 301
https://groupda.link/add/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

88 %
HTTPS

48 %
IPv6

27
Domains

35
Subdomains

23
IPs

4
Countries

1394 kB
Transfer

3143 kB
Size

44
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/DmqhDsLU8SFBfgYMC49gKd

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/DmqhDsLU8SFBfgYMC49gKd

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/KEqs87C3isEBi9Oi2eaWey

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/KEqs87C3isEBi9Oi2eaWey

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/Dzlauab1zHBD3YSmakcmSz

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/Dzlauab1zHBD3YSmakcmSz

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/Bo5uNpT8hT75y1jdAYaWx3

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/Bo5uNpT8hT75y1jdAYaWx3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/JRdgiLYLzZT1RewYtLagNL

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/JRdgiLYLzZT1RewYtLagNL

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/CO066FX23OY4IfwB55FEm3

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/CO066FX23OY4IfwB55FEm3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/J5tVn2F022IKFVJ93Whuyt

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/J5tVn2F022IKFVJ93Whuyt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/CC2EJ1yWFQr0V9I0c6WZeB

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/CC2EJ1yWFQr0V9I0c6WZeB

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/H7pNy8tgljZ4kEanaPMZTf

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/H7pNy8tgljZ4kEanaPMZTf

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://groupda.link/add/group/invite/HUhXPczOQvgI4R2hV5IxRZ

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Follow%20this%20link%20to%20Join%20my%20Whatsapp%20group%20:%20&url=https://groupda.link/add/group/invite/HUhXPczOQvgI4R2hV5IxRZ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://groupda.link/ HTTP 301
https://groupda.link/ HTTP 301
https://groupda.link/add/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://a.c.appier.net/gcm?google_gid=CAESEAFavFIvxRv_mAJHR8p90Mw&google_cver=1&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3HCN1uasADUxhIKETFdBayPXqSQXtn_Gx-ZzDIbdu0tKxDuNIJf8sq0ke9sEPTi5bzqj3_mE-gg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UHoyUWlPMHZCcEM4VTdfSXBhVkdaUQ%3D%3D&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3HCN1uasADUxhIKETFdBayPXqSQXtn_Gx-ZzDIbdu0tKxDuNIJf8sq0ke9sEPTi5bzqj3_mE-gg

Request Chain 75

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEFDsizJtl2E7SraFktRUPJI&google_cver=1&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYesIaJU8xXc4rEZJCeEaDiaWSAJxrxgemVpjRzt9zo4qEUFsvnW1Yg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYesIaJU8xXc4rEZJCeEaDiaWSAJxrxgemVpjRzt9zo4qEUFsvnW1Yg&google_hm=NTdCS0NMMDBLQkRHYTAwN0FhUXo

Request Chain 77

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH2-jExPHqVdJp40wCSTpGQ&google_cver=1&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPsIpBc1h-LaCag39-PRFcbxUgSXC364b-3RDpU0OkJwTEzTRwDDnOxOaN-OEOp1i42QfXfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPsIpBc1h-LaCag39-PRFcbxUgSXC364b-3RDpU0OkJwTEzTRwDDnOxOaN-OEOp1i42QfXfg&google_hm=AQOEFkxkRUyAkacj1xQ9sJ8

Request Chain 78

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKownLwOjTYy5U-4QDGNYy4&google_cver=1&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_sx71govLoxUpYA4ZhAmudvgt_CDEZzYJ8GEHYvA_zPyMAO8MXbFITy93DHNjkBpgikxARWQQKUwABM_H3Nh_KuMYG2y1_KGlmS4z9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_sx71govLoxUpYA4ZhAmudvgt_CDEZzYJ8GEHYvA_zPyMAO8MXbFITy93DHNjkBpgikxARWQQKUwABM_H3Nh_KuMYG2y1_KGlmS4z9c&google_hm=QlMuNGY5Yy01ODNlLTQ1OTUtYWZmZg==

Request Chain 79

https://trace.mediago.io/cs/google?google_gid=CAESEOAGPvSCJTAd0tJ9ZQjB69A&google_cver=1&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboDPtidmdEkSc_aFHGdQoPb-qIusnDS2WoSxYyLmqDBFBDSX5xm-UAmkg1a2skecg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboDPtidmdEkSc_aFHGdQoPb-qIusnDS2WoSxYyLmqDBFBDSX5xm-UAmkg1a2skecg&google_hm=adc68e3ee7ea9cdd1umqq500lokhds07

Request Chain 80

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEM8GAvviVEQzL0fo040ALYk&google_cver=1&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0367wxX5dSSPFacqhwP-d_x_UEG3S4TRekeQT1zzqJfuKyP7OeTJ0Own2YLJxxjhYgRosgd3xA6gvw2QHsZTKWANiY66A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0367wxX5dSSPFacqhwP-d_x_UEG3S4TRekeQT1zzqJfuKyP7OeTJ0Own2YLJxxjhYgRosgd3xA6gvw2QHsZTKWANiY66A

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://um.simpli.fi/gp_match?google_gid=CAESEDEAq2cbGhDEOVijI1-ua3o&google_cver=1&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtuHR8n48AQPnHTlxDEYBKEHbIJYW0Iv7pGqx6u8bsbvLWm8kRzQHb4EqSuGRnMyVRAOJYv6gQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F54FCCA820C42DFA51FD0816FB9B24F&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtuHR8n48AQPnHTlxDEYBKEHbIJYW0Iv7pGqx6u8bsbvLWm8kRzQHb4EqSuGRnMyVRAOJYv6gQ

Request Chain 84

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESENThdCEZtqz1O6WU8NiJvlk&google_cver=1&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESENThdCEZtqz1O6WU8NiJvlk&google_cver=1&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ&google_hm=YgUNo5H8T9COS_aowMXG_Q==

Request Chain 86

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECvre-4fV-3_NN5Tq3MWmq0&google_cver=1&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQbGyFm0fBsP5uxRfw2elD-_z4V2WKVio_oyJZKxfmXQNt9rht2KR4TXfM9h9SDFw-HI6XHx6sA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PhKh_5jIX_1lqVwJbwS_32f-mc4&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQbGyFm0fBsP5uxRfw2elD-_z4V2WKVio_oyJZKxfmXQNt9rht2KR4TXfM9h9SDFw-HI6XHx6sA

Request Chain 87

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEP1oDVm43Jh5YN4IVRn5QQM&google_cver=1&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf7oWNmt9aFNmxfKifgzMMFODSos-mL-Zu9Z-b591KCBCfgUDr7rDWkWqWXqaVAqAWgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf7oWNmt9aFNmxfKifgzMMFODSos-mL-Zu9Z-b591KCBCfgUDr7rDWkWqWXqaVAqAWgQ

Request Chain 89

https://an.yandex.ru/mapuid/google/CAESEC2mbtrLk3YR9onrQSIOffY?ext-param=AXcoOmSenSscTr9pNKBYYz8_k2L0caO2Kzv0L4kk5RzJ6FrR-7xjU5o74Ce2gMcKH2qH-rB5us-XFjpEs50nN88FpDPAwY6ubSIly4BnX2dSWeeNbfKo7EWfOXzj2gBZeH9Y0FVynGisHtvoB0UaMNI-4Xs0pbE&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEC2mbtrLk3YR9onrQSIOffY?redir-setuniq=1&ext-param=AXcoOmSenSscTr9pNKBYYz8_k2L0caO2Kzv0L4kk5RzJ6FrR-7xjU5o74Ce2gMcKH2qH-rB5us-XFjpEs50nN88FpDPAwY6ubSIly4BnX2dSWeeNbfKo7EWfOXzj2gBZeH9Y0FVynGisHtvoB0UaMNI-4Xs0pbE&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEC2mbtrLk3YR9onrQSIOffY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=C26eupKVGZYDqL8amssUPsqeeoATbl8D7c5ez6o3IEou_94voOhABIM-Ayy1gwQWgAeXajcopyAEBqQIq3HRoEwGyPqgDAcgDywSqBPABT9BGx6z44-8-1qrfzJqt8IRl6GBBVUwIrz0adSLuuEmJVyyXT0Pfma7cpyYXXYCSXZcTSg_rA5kMARwJg5D-Mg5A7I8IHpBGJI_C8NvmsNEiIoTBATRnOVE1AdJSSwFZnq1UNAeFt70Ag8RcPeEmc0_VMwRzcrHvM-9HoPXrLHld8VYMepy4HN7g8UbfmnOnxf94_ZUnevoHwXrYfnEe-Db8WahrzYGyLertZxEU7KcgDBzRwakoKr7Sptg7ltdJy5YqW8Zx7-uIhBxubVEufT6FPnWI27EKZX7TciFV9vVlWuTo97MjLijlD3fKCZDkwAT9p_jpsASIBcmejdJLkgUECAQYAZIFBAgFGASAB-WS3qkEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5_gB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSNodHRwczovL25ld3MtZ3B0Lm9yZy9tZXNzZW5nZXItZW52MYAKAcgLAaIMECoOCgy1uLEC5LSxAu61sQLaDBEKCxDwjp7s04mth44BEgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MzU4MTM4MDkxNDQxNTE1GAA&sigh=eliHLtWWVD0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNP7y38xk4guZbjjI8-DuE9EroEdiHEFC_mxuXRgE0QlpMjzgqA88oMwuN4tMwT8-GGC2zy6PNixgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x982556808f42da470000000000000000%22,%222%22:%220x3e9700656fb146d10000000000000000%22,%223%22:%220xa2bca30a8fd584ca0000000000000000%22,%224%22:%220xb67d319a2759f98c0000000000000000%22,%225%22:%220x6021c3518ca54bb00000000000000000%22},%22debug_key%22:%2214037671096838684149%22,%22debug_reporting%22:true,%22destination%22:%22https://news-gpt.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211161267557%22],%224%22:[%2211-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228887697808618989649%22}&andc=true

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CgK31pKVGZdrRLsSFoQP_y7fgB8Dg5-JzydKf9pESZBABIM-Ayy1gwQWgAZvSjb0pyAEJqQIPAdkqsnKCPqgDAcgDywSqBOkBT9AScTGlJuUbZHijU9BfRYMqKexYUPcycH0rMnaHfNRqCrew_SNZbITbjesFiioY2fKCFEughCr0LfpM8Ge2vVTSIjs2pM2b5Mx4FqKADPHbXgCbbNSQvIqxJs7ZG1IgRlCQQFUZYj7Z_MDvye4csCjlQjUNF2ycMMHs5c7TLTxgFoMTEHq9w5NF6NHlenhY2t3tDaPg-1uHxWn6SwvRYm-c7ChzAMhSRVCeoE0TwG1qBIqeI0aTY195p2DsrK-7Ikq-7uYpbkfnkgxeGlUHONZVtF7Ou4HtfvFnNgnOu0Z0zM-5CPUAXCTABNne2KfGBIgFqLeVi02SBQQIBBgBkgUECAUYBKAGLoAHm4renASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD7yQPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJkgFodHRwczovL3d3dy5jb29ob20uY29tL3B1Yi9hY3Rpdml0aWVzL0JsYWNrRnJpZGF5MjAyMz91dG1fc291cmNlPWdvb2dsZWFkJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1CMkNfRGlzcGxheV9STUtUX1B1cmNoYXNlX0dsb2JhbF9FTl8yMDIzMTAyM4AKAcgLAaIMECoOCgy1uLEC5LSxAu61sQLaDBAKChDQrJSAwfnonkkSAgEDuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MzU4MTM4MDkxNDQxNTE1GAA&sigh=Ek-4Fg7v5UA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNS-ipg0uY2FKI8-BF8PzN2etGHQkOsBZzWuEpu1OLAJVRFFKTJ-M0YBf7MKQFj6deaP5Wb81pGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa325fda52af23bac0000000000000000%22,%222%22:%220x7ccb2ea6c79a65850000000000000000%22,%223%22:%220xef0109f5176c0feb0000000000000000%22,%224%22:%220x3b7e3ba93f2458a10000000000000000%22,%225%22:%220xd0103e311ca7d8c10000000000000000%22},%22debug_key%22:%2218021089314683285305%22,%22debug_reporting%22:true,%22destination%22:%22https://coohom.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211134003483%22],%224%22:[%2211-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221231884290689252065%22}&andc=true

Request Chain 98

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&RedC=c.clarity.ms&MXFR=0EFE9DF7F7CC6DF7355A8E48F3CC637D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&MUID=1DF649755B206E8A27745ACA5A216F5F

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
groupda.link/add/
Redirect Chain

http://groupda.link/
https://groupda.link/
https://groupda.link/add/

23 KB
7 KB

1419ms
1418ms

Document
text/html

172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

7eb6f94532a44579fd3f100322d038a1efb6298fde4791ca46b04396a718ea95

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 20:12:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 20:12:18 GMT
expires: Sat, 04 Nov 2023 20:39:27 GMT
location: https://groupda.link/add/
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-litespeed-tag: c11_HTTP.301,c11_HTTP.301
x-nginx-upstream-cache-status: HIT
x-redirect-by: redirection
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 36ms
16ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7974419705489132

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5144414adc98d918807d5200fdc30933d86f5ff076344cfb6e2dbd52137f8047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Origin: https://groupda.link
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51901
x-xss-protection: 0
server: cafe
etag: 2237573109800708235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 25ms
8ms Script
application/javascript 2404:6800:4003:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9316148af3b5982db65c8c5de81d269e7df7ff800b11d56ecaff3d2818cb70bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68895
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 529ms
174ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4326540
x-cache: HIT, HIT
content-length: 32788
x-served-by: cache-lga13622-LGA, cache-maa10222-MAA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699128740.418946,VS0,VE0
etag: W/"28feccc0-16bb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 8, 61867

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 32ms
30ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7358138091441515

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406529ba05f26610ac014f2fe0c69cd4aee643f03c3ea6fa160a88b8584a4bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Origin: https://groupda.link
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52172
x-xss-protection: 0
server: cafe
etag: 11633308076965315342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 style.css
groupda.link/add/css/ 21 KB
4 KB 6ms
3ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/style.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

31dd57a98b3edc2cfc2d95cfb1c51a1b70e9ac818a2eb969b2ad21b0cd38c47a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 osd.js Show response
groupda.link/add/js/ 72 KB
27 KB 9ms
7ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/osd.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

65d47fed43704255959d18f70708a442e3deb6e644d1def288661adf38d46d31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 23ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 18:53:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 css.css
groupda.link/add/css/ 12 KB
1 KB 6ms
4ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/css.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

9b5770079ac1923ecd9e578a91769af472c297416af70ec12cc980d36d839ab3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 main.css
groupda.link/add/css/ 3 KB
1 KB 7ms
5ms Stylesheet
text/css 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/css/main.css

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

aec9daa9ad915ae4dca1b21fc82668beb3e40dac015fb4f7eda8d0d9a9e5df13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 jquery.js Show response
groupda.link/add/js/ 95 KB
34 KB 12ms
10ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/jquery.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 newlogo.png
groupda.link/add/img/ 7 KB
8 KB 14ms
12ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/newlogo.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f57e891f138d0e99f02cc17a625f183cb0325297bee61c3709a8e7f60ed698f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 08 Jun 2023 08:25:23 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7414
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 loader.gif
groupda.link/add/img/ 30 KB
31 KB 14ms
13ms Image
image/gif 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/loader.gif

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 31057
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 jquery-1.js Show response
groupda.link/add/js/ 91 KB
33 KB 8ms
8ms Script
application/javascript 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/js/jquery-1.js

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 04 Dec 2023 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:48 GMT
server: nginx
x-server-powered-by: Engintron
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 13ms
12ms Script
application/javascript 2404:6800:4003:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WHXR5KXXMB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8e45bf3814d6d8a73d11a8bfd863fd526907c86ef18dc70904a87e35580237e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 14ms
4ms Script
text/javascript 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-133706520-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Nov 2023 19:55:11 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1029
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 04 Nov 2023 21:55:11 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 40ms
31ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7974419705489132

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e44cf7ec2fcfb3d2ba0a0188ad2e9347088ef510eabbd77989c74d954ba39cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138215
x-xss-protection: 0
server: cafe
etag: 15155397477690905872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:12:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame B157 10 KB
5 KB 21ms
4ms Document
text/html 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7974419705489132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 53261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 05:24:39 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 05:24:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
160 B 6ms
4ms Ping
text/plain 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WHXR5KXXMB&gtm=45je3b11v9115751510&_p=1699128740067&gcd=11l1l1l1l1&cid=1402309844.1699128740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699128740&sct=1&seg=0&dl=https%3A%2F%2Fgroupda.link%2Fadd%2F&dt=Groupda%20Link%20Whatsapp%20Group%20Link%20Join%202023%20-%20Groupda.link&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHXR5KXXMB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 4ms
4ms XHR
text/plain 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=41067794&t=pageview&_s=1&dl=https%3A%2F%2Fgroupda.link%2Fadd%2F&ul=en-us&de=UTF-8&dt=Groupda%20Link%20Whatsapp%20Group%20Link%20Join%202023%20-%20Groupda.link&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=358568092&gjid=11331375&cid=1402309844.1699128740&tid=UA-133706520-1&_gid=1571379387.1699128740&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=1132008671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 20ms
6ms XHR
text/plain 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-133706520-1&cid=1402309844.1699128740&jid=358568092&gjid=11331375&_gid=1571379387.1699128740&_u=YADAAUAAAAAAACAAI~&z=482989842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Nov 2023 20:12:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 idm08vks22 Show response
www.clarity.ms/tag/ 650 B
1013 B 255ms
222ms Script
application/x-javascript 2620:1ec:46::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/idm08vks22
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 196b65086a14064941aa9d24d13519662ce5fd6f8aa4ea85035d59c524ef8a60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Sat, 04 Nov 2023 20:12:20 GMT
x-azure-ref: 20231104T201220Z-307k8ddrx50dpba53mzzrwmt3c00000000ug000000001ek0
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 nav-icon.png
groupda.link/add/img/ 666 B
1021 B 8ms
7ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/nav-icon.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

d82ca0699739ff332a0764450dc1b5e5191878ffa8ae33eed1a6a0cc8853ac31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 666
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 close2.png
groupda.link/add/img/ 1018 B
1 KB 9ms
8ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/close2.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f3540afcf09d5a83319752d4bcebad95dbc9f0c873b1b84afc5013472eadee29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1018
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 15ms
4ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Origin: https://groupda.link
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 01:56:49 GMT
x-content-type-options: nosniff
age: 152131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14048
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 01:56:49 GMT

GET
H2 200 search-icon.png
groupda.link/add/img/ 657 B
1012 B 5ms
5ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/search-icon.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

fb4d6e13f4dd6fc5e54198f73debbb923455f80c5e6d9faf6da6a386f9ea5650

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:20:16 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 657
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 24ms
6ms Script
text/javascript 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=groupda.link&callback=_gfp_s_&client=ca-pub-7974419705489132

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fecb8439c20d8a7de0f37543648ab20cc15ef0d014984345b2daae7f33cdb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7F3 603 B
218 B 23ms
22ms Document
text/html 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974419705489132&output=html&adk=1812271804&adf=3025194257&lmt=1699128740&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740125&bpp=541&bdt=82&idt=542&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=1069805171&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=570

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25F3 123 KB
42 KB 423ms
423ms Document
text/html 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74289296cd30c63c7fa939f64a3f9df7fb2bf7d522cee905e3ee512af7f0ca1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42690
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:21 GMT
expires: Sat, 04 Nov 2023 20:12:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6E8 131 KB
44 KB 355ms
354ms Document
text/html 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740756&bpp=3&bdt=712&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7297206741101&frm=20&pv=1&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=IhF5DuPT2F&p=https%3A//groupda.link&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e248be56b760c05376e698db864d2f3cd856ac8427f32cc12a3c9f0ce4504f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:21 GMT
expires: Sat, 04 Nov 2023 20:12:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 loadresult Show response
groupda.link/add/group/ 33 KB
4 KB 26ms
25ms XHR
text/html 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://groupda.link/add/group/loadresult

Requested by

Host: groupda.link
URL: https://groupda.link/add/js/jquery-1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

ff45d1fe50d5aaded15e44117329798dc18419a7b10f5a2f4a4d5b3bfa2cac5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://groupda.link/add/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
server: nginx
x-server-powered-by: Engintron
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 370855779_867523441624504_7927124109203632374_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 27 KB
27 KB 188ms
164ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/370855779_867523441624504_7927124109203632374_n.jpg?ccb=11-4&oh=01_AdQAwi0S4Yt2ha6BlSA8UTTZaALehoawjpzQ7ghaU6QvGw&oe=6553A1F0&_nc_sid=e6ed6c&_nc_cat=109
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b29306dfbd9c54776c205780522b289d319197a42c770c3e78c017cd674aaa05

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 29 Aug 2023 10:25:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1544534614
thrift_fmhk: GBDjxX4A1loAEDiNtaWQRz3iFfarm9sDAA==
cache-control: public; max-age=460800
x-fb-edge-debug: FlCjNQvCfzkBoscSjfKg4JA80FhxBNj5glf2GgpJQmWKeJjGU93IUPL-zcr0ZAo7sm5wpQLK6-59e6NmKBmelTShH_pZRENaac9gDpqv55wzbPf1Qw2S7fQZZSrowCbf
x-needle-checksum: 1544534614
access-control-expose-headers: x-wa-metadata
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 27264

GET
H2 200 category.png
groupda.link/add/img/ 2 KB
2 KB 10ms
6ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/category.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

442ae75e727cd9f2f200830b5ff457d274363ff02987a6b6000090c0e512c9ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1609
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 country.png
groupda.link/add/img/ 2 KB
2 KB 10ms
7ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/country.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

d6832684dc34252ac44d2576145f34d02cc81de2114917a02c7a8b8fe2912b75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1570
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 language.png
groupda.link/add/img/ 993 B
1 KB 11ms
8ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/language.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

f605e0617edfaa51b83e023d5a8937f08f8093fa72041c90c197ddc856f9a809

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 993
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 facebook.jpg
groupda.link/add/img/ 1 KB
2 KB 11ms
8ms Image
image/jpeg 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/facebook.jpg

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

5033899daea22c45c22b457247bf1445b5e44dc75d9c796ab50809be0b98b240

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1290
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 whatsapp.png
groupda.link/add/img/ 2 KB
2 KB 12ms
9ms Image
image/png 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/whatsapp.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

bea45a652702db616c3f4edf7be402cdfff5643ee0e152f6053a22f2a01cb093

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1779
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 twitter.jpg
groupda.link/add/img/ 1 KB
2 KB 12ms
10ms Image
image/jpeg 172.104.56.139
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://groupda.link/add/img/twitter.jpg

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.56.139 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

vsrv506.armadaservers.com

Software

nginx /

Resource Hash

a805b8db590cc0ce99beb8a465c0e475b97b770fce7305e1910db9cda5a7bfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/add/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 20:12:20 GMT
date: Sat, 04 Nov 2023 20:12:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Mar 2023 18:19:49 GMT
server: nginx
x-server-powered-by: Engintron
content-type: image/jpeg
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1459
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 J5gK5AgJ_L5.png
static.whatsapp.net/rsrc.php/v3/yo/r/ 6 KB
6 KB 25ms
3ms Image
image/png 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.whatsapp.net/rsrc.php/v3/yo/r/J5gK5AgJ_L5.png

Requested by

Host: groupda.link
URL: https://groupda.link/add/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5b1aa263dd0d7ed4996b3cbad2fe66e00e55a557c20b5bfed57f7b1dab52491

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-content-type-options: nosniff
content-md5: TjDbtmsh4Nj2+3mKJ8TRRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5932
reporting-endpoints
x-fb-debug: Ud681YXHlZyV11K4K31l8OJroqwVKrNkAGxkLKpd0nx4KGzkOtLOhs7b/nc5LPBlCZ4ajN/vWEUy2h/uRagAhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Oct 2024 21:42:29 GMT

GET
H2 200 393877780_1072787837064064_2376429725319885964_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 38 KB
38 KB 39ms
17ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/393877780_1072787837064064_2376429725319885964_n.jpg?ccb=11-4&oh=01_AdRZ8ewmCtQ6UrgxulmBSowZK3oGC79ovN8yrXoIgeZTVA&oe=655388F7&_nc_sid=e6ed6c&_nc_cat=104
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e7118d90e397c93cf35813b66dfdfc133b4a73b6a58755c9723366c52db7a070

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 17:36:01 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1568953872
thrift_fmhk: GBBllVBmhXVoHNCmO0sXAebaFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1568953872
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 38843

GET
H2 200 390222393_280632844936050_5614026590890573010_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 27 KB
27 KB 38ms
15ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/390222393_280632844936050_5614026590890573010_n.jpg?ccb=11-4&oh=01_AdTjq4H_wyarbk1yVejeVYKq0o2tp-FtXmbOLs5rN72cmw&oe=65539E8A&_nc_sid=e6ed6c&_nc_cat=105
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 057eb01d3869993ea0da0e5d785c5e7728e5aaf5388bf4e72e146133ad4a8d72

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 22 Oct 2023 13:44:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3252400780
thrift_fmhk: GBAKwui49izj/DHvRq/9iikxFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 3252400780
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 27902

GET
H2 200 397779596_315291004583275_8951839769224296668_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 29 KB
29 KB 28ms
6ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/397779596_315291004583275_8951839769224296668_n.jpg?ccb=11-4&oh=01_AdRZHDdaUTnecqm4JerVPxNuzozi9ZvcmG0nbSuVGIdFhw&oe=655376E1&_nc_sid=e6ed6c&_nc_cat=104
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 97283010d86394149e03ecedbc518303aa2f9f69fe88efd937ba39a6ce025d77

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 17:10:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1229574967
thrift_fmhk: GBBX6NqfvI0HPzPw4fnODdRgFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1229574967
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 29586

GET
H2 200 386433545_1286210132029241_6161091439677333975_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 14 KB
14 KB 31ms
10ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/386433545_1286210132029241_6161091439677333975_n.jpg?ccb=11-4&oh=01_AdTymZl_f6sbxNQW4zJq4oPJOir_gPi72koJCL7JGfL-QQ&oe=6553905D&_nc_sid=e6ed6c&_nc_cat=102
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dfd980e6c960d670a7036c580e05e49fd5c2e1886f959c373d8465519fedafca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 15:52:24 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=769281055
thrift_fmhk: GBCQ3Ib3evWHEte6cBYTS/XpFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 769281055
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 14612

GET
H2 200 328109950_844391050717493_8766883670374178115_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 57 KB
57 KB 31ms
9ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/328109950_844391050717493_8766883670374178115_n.jpg?ccb=11-4&oh=01_AdTiL6nAx0ARUQvOtHfvrvmj8PVu-Tgpg-GwvzWALeJlUQ&oe=65539346&_nc_sid=e6ed6c&_nc_cat=107
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4528c1771cfc7455463ec6591775fb8f46ccd3f5799a1e18ea787018d318027b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 17:03:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3934963975
thrift_fmhk: GBCY3ofsSCYH10FJNsToEwukFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 3934963975
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 57921

GET
H2 200 386468027_838465864946862_6574637793280616088_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 43 KB
44 KB 14ms
14ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/386468027_838465864946862_6574637793280616088_n.jpg?ccb=11-4&oh=01_AdRkNZ-Nrp65z8c4a61PASS73wcobYYzjFljv5Si3d64bg&oe=65538FEF&_nc_sid=e6ed6c&_nc_cat=101
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0686d45632b4a1076d8e9bbec9428990009ea4d3988644813b86bbdd80cea0f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 15:11:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1217319452
thrift_fmhk: GBAtEnyORGoL3wXCySyP0jRaFfarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 1217319452
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 44484

GET
H2 200 383390711_886344866344895_6590695590794964435_n.jpg
pps.whatsapp.net/v/t61.24694-24/ 16 KB
16 KB 13ms
13ms Image
image/jpeg 2a03:2880:f20c:3c1:face:b00c:0:167
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pps.whatsapp.net/v/t61.24694-24/383390711_886344866344895_6590695590794964435_n.jpg?ccb=11-4&oh=01_AdQwmGAQ09NKM6DLZsCxkBJMuH6MNiOtJc7633-7rGZ6Gg&oe=655365ED&_nc_sid=e6ed6c&_nc_cat=100
Requested by: Host: groupda.link
URL: https://groupda.link/add/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20c:3c1:face:b00c:0:167 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55582084249469690fce58d32a8b3159ece09bbceca41506006501a3accf62f5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 04 Nov 2023 14:45:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=605778764
thrift_fmhk: GBDeXKhvv5Q1rso44MI+1lv+Ffarm9sDAA==
cache-control: public; max-age=460800
access-control-expose-headers: x-wa-metadata
x-needle-checksum: 605778764
x-fb-application-protocol: h2
alt-svc: h3=":443"; ma=86400
content-length: 16640

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
25 KB 6ms
6ms Script
application/javascript 2620:1ec:46::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/idm08vks22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:20 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
etag: W/"0x8DBCF0850CC9F3D"
vary: Accept-Encoding
x-azure-ref: 20231104T201220Z-307k8ddrx50dpba53mzzrwmt3c00000000ug000000001ekx
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 142ccacf-501e-0016-1c00-0bd80c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
292 B 922ms
458ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://groupda.link
Date: Sat, 04 Nov 2023 20:12:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 8a6c58a25e971cfbc194f00dd2aa8ad4.js Show response
www.gstatic.com/mysidia/ Frame A6E8 9 KB
4 KB 16ms
4ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740756&bpp=3&bdt=712&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7297206741101&frm=20&pv=1&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=IhF5DuPT2F&p=https%3A//groupda.link&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 20:11:47 GMT

GET
H2 200 281c723aa683930efadfba50222cf93a.js Show response
www.gstatic.com/mysidia/ Frame A6E8 11 KB
5 KB 17ms
5ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/281c723aa683930efadfba50222cf93a.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4593
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 19:42:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 23:50:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A6E8 11 KB
1 KB 9ms
8ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 19:34:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 20:12:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A6E8 2 KB
879 B 6ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:37:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame A6E8 23 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:37:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A6E8 3 KB
1 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:32:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame A6E8 20 KB
9 KB 22ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:32:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A6E8 0
0 61ms
49ms Image
text/html 2404:6800:4003:c0f::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyH0lF21D9aRbq7x9maBn4YKYNZTNjgP2E2fxQfEnTR0P_PipTRx_D23drTD_QfAkVhRONeBajsrfS-kWB0o9F4WlLNg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740756&bpp=3&bdt=712&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7297206741101&frm=20&pv=1&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=IhF5DuPT2F&p=https%3A//groupda.link&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::69 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6E8 189 KB
60 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:12:21 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame A6E8 36 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 09:19:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFCA 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1893563610&adf=62005579&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740756&bpp=3&bdt=712&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7297206741101&frm=20&pv=1&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=488&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=IhF5DuPT2F&p=https%3A//groupda.link&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 19:58:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DBB8 1 KB
643 B 4ms
4ms Document
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 37273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 09:51:08 GMT
etag: 48472445140208031
expires: Sun, 05 Nov 2023 09:51:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 25F3 4 KB
655 B 11ms
10ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 19:14:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 20:12:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 25F3 2 KB
825 B 5ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:37:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 25F3 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 20:37:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 25F3 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:32:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 25F3 20 KB
8 KB 6ms
4ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:32:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 25F3 0
0 50ms
49ms Image
text/html 2404:6800:4003:c0f::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCUmCOxNZMeX0fpREtaT5hULa-uh8_4F1Gyjxttjgcf6m2RFiacGNduYQXqKeZsFZs7iRGy5HRN2O7mMbM36n6mDUfVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::69 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25F3 189 KB
59 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:12:21 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 25F3 36 KB
15 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 09:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 09:19:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7CA3 1 KB
643 B 5ms
4ms Document
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 37273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 09:51:08 GMT
etag: 48472445140208031
expires: Sun, 05 Nov 2023 09:51:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16521610657928882176/ Frame 25F3 31 KB
31 KB 63ms
62ms Image
image/jpeg 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16521610657928882176/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c317db70b242a2e7e90b50222224b9329aa98e4deadb4366630106f3ac92248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31434
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 04:24:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 20:12:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/474419727591788203/ Frame 25F3 3 KB
3 KB 4ms
4ms Image
image/jpeg 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/474419727591788203/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794ed77951fb5d8adb99c225a61512e158eecd8e196efb22d89085bde8368888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 05:10:46 GMT
x-content-type-options: nosniff
age: 54095
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2724
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 04:24:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 05:10:46 GMT

GET
DATA 200
OK truncated
/ Frame A6E8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f661476f28c291f3403a81854bcea72a8b264c9cb480a2620dfb9d4f671c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame A6E8 32 KB
32 KB 16ms
15ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:47:38 GMT
x-content-type-options: nosniff
age: 311083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 05:47:38 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A6E8 21 KB
21 KB 16ms
16ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 08:11:10 GMT
x-content-type-options: nosniff
age: 129671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 08:11:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEAFavFIvxRv_mAJHR8p90Mw&google_cver=1&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3HCN1uasADUxhIKETFdBay...
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UHoyUWlPMHZCcEM4VTdfSXBhVkdaUQ%3D%3D&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3H...

170 B
188 B

8ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UHoyUWlPMHZCcEM4VTdfSXBhVkdaUQ%3D%3D&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3HCN1uasADUxhIKETFdBayPXqSQXtn_Gx-ZzDIbdu0tKxDuNIJf8sq0ke9sEPTi5bzqj3_mE-gg

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Nov 2023 20:12:21 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UHoyUWlPMHZCcEM4VTdfSXBhVkdaUQ%3D%3D&google_push=AXcoOmRnHj_REVv3X6lPBcP7UdszMF5AyNnSe0WPDr6YytZiOUotNUekrbU65J-e02YmqUlbaywi1pqCcys3HCN1uasADUxhIKETFdBayPXqSQXtn_Gx-ZzDIbdu0tKxDuNIJf8sq0ke9sEPTi5bzqj3_mE-gg
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 301

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEFDsizJtl2E7SraFktRUPJI&google_cver=1&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYes...
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYesIaJU8xXc4rEZJCeEaDiaWSAJxrxge...

170 B
188 B

7ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYesIaJU8xXc4rEZJCeEaDiaWSAJxrxgemVpjRzt9zo4qEUFsvnW1Yg&google_hm=NTdCS0NMMDBLQkRHYTAwN0FhUXo

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Sat, 04 Nov 2023 20:12:21 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQbBHjHQfwbSJ1Z8lEbHyixHb_XgTbk1yK8SVNM7rc5FL7IGS0XJ0oXGgkndyslcD2sGqI-AqWmb-oKB-4264nkOMTkI99QnAYesIaJU8xXc4rEZJCeEaDiaWSAJxrxgemVpjRzt9zo4qEUFsvnW1Yg&google_hm=NTdCS0NMMDBLQkRHYTAwN0FhUXo
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame DBB8 43 B
641 B 335ms
69ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEEI-OW70vNAdSfYrK7DT1p4&google_cver=1&google_push=AXcoOmQ9Jn8-MNNyf4E10jVbl13oLlaaaEIqVTr5O9HT_LcOQm8kezZ__1scAq6pU7Ov0hbFfdWxHDtgxi63yCQDaJ96jIIP2P4XpFVkWzcdOI4OtDsrrKM1WJybeV-z366kXp3gau0k8CwW8JFzvTX-0TTv

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Sat, 04 Nov 2023 20:12:21 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEH2-jExPHqVdJp40wCSTpGQ&google_cver=1&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPs...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPsIpBc1h-LaCag39-PRFcbxUgSXC364b-3RDpU0OkJwT...

170 B
188 B

9ms
9ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPsIpBc1h-LaCag39-PRFcbxUgSXC364b-3RDpU0OkJwTEzTRwDDnOxOaN-OEOp1i42QfXfg&google_hm=AQOEFkxkRUyAkacj1xQ9sJ8

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQOufMUGDhqysrORTbUWBunKDtl_C_u3GiQfgohrSW8pXAXl8ebyKOPm8cqTmj22OISPOS2AkHjzIyF-QkPsIpBc1h-LaCag39-PRFcbxUgSXC364b-3RDpU0OkJwTEzTRwDDnOxOaN-OEOp1i42QfXfg&google_hm=AQOEFkxkRUyAkacj1xQ9sJ8
Date: Sat, 04 Nov 2023 20:12:21 GMT
Server: Apache
Connection: keep-alive
Content-Length: 289
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKownLwOjTYy5U-4QDGNYy4&google_cver=1&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_sx71govLoxUpYA4ZhAmudvgt_CDEZzYJ8GEHYvA_zPyMAO8MXbFITy93DHNjkBpgikxARWQQ...

170 B
188 B

7ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_sx71govLoxUpYA4ZhAmudvgt_CDEZzYJ8GEHYvA_zPyMAO8MXbFITy93DHNjkBpgikxARWQQKUwABM_H3Nh_KuMYG2y1_KGlmS4z9c&google_hm=QlMuNGY5Yy01ODNlLTQ1OTUtYWZmZg==

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQv6PeFS1xRD3q7bjRghhiPRjYocgRPjDFw_4s0ZdYKW9NSlXeQ_sx71govLoxUpYA4ZhAmudvgt_CDEZzYJ8GEHYvA_zPyMAO8MXbFITy93DHNjkBpgikxARWQQKUwABM_H3Nh_KuMYG2y1_KGlmS4z9c&google_hm=QlMuNGY5Yy01ODNlLTQ1OTUtYWZmZg==
Date: Sat, 04 Nov 2023 20:12:22 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOAGPvSCJTAd0tJ9ZQjB69A&google_cver=1&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboD...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboDPtidmdEkSc_aFHGdQoPb-qIusnDS...

170 B
188 B

7ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboDPtidmdEkSc_aFHGdQoPb-qIusnDS2WoSxYyLmqDBFBDSX5xm-UAmkg1a2skecg&google_hm=adc68e3ee7ea9cdd1umqq500lokhds07

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTSVnzWO_hNttr_fKPI2g_fHuMTZOwscvw754ZyurL2n6q1u-UgRZDz01J696u7IZj_wUMGznJNkmkZ1V6RF0BbKhboDPtidmdEkSc_aFHGdQoPb-qIusnDS2WoSxYyLmqDBFBDSX5xm-UAmkg1a2skecg&google_hm=adc68e3ee7ea9cdd1umqq500lokhds07
date: Sat, 04 Nov 2023 20:12:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
content-type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBB8
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEM8GAvviVEQzL0fo040ALYk&google_cver=1&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0367wxX5dSSPFacqhwP-d_x_UEG3S4TRekeQT1zzqJfuKyP7OeTJ0Own2YLJx...

170 B
329 B

8ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0367wxX5dSSPFacqhwP-d_x_UEG3S4TRekeQT1zzqJfuKyP7OeTJ0Own2YLJxxjhYgRosgd3xA6gvw2QHsZTKWANiY66A

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 4cab3e4a.aab80658
date: Sat, 04 Nov 2023 20:12:21 GMT
x-bytefaas-request-id: 202311042012219EDF1269D419B1B3DDF2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-59-80-149.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
x-parent-response-time: 239,23.59.80.149
server-timing: cdn-cache; desc=MISS, edge; dur=232, origin; dur=7, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311042012219EDF1269D419B1B3DDF2
x-cache-remote: TCP_MISS from a23-218-219-29.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQMy4g6dj0MILFRci1RGuIp6Nt2_IfaxIK_4JI0HQd-pTKVE2DTWrWxz_0Cnc0367wxX5dSSPFacqhwP-d_x_UEG3S4TRekeQT1zzqJfuKyP7OeTJ0Own2YLJxxjhYgRosgd3xA6gvw2QHsZTKWANiY66A
x-bytefaas-execution-duration: 3.41
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0141721bf65e892fe44e9ea21a254123924b35e91403821c33d641b97d1dbec015df7a2df31f1429996d7de445e28e038420194327f2ba58565ce1b4ed22933689d592d5e2c171a5a0a21e7d1d767c86ee91f9d66aeb2d526c87baede951231fabd6229364a0ae780f04c1ec3a171f3155
x-origin-response-time: 7,23.218.219.29
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Sat, 04 Nov 2023 20:12:21 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DBB8 0
130 B 37ms
7ms Image
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0QWKZlsbFs7wrUcHJVomvztjANFk4rNdagJPDn7qh9YB5TfCjqh6mR89iQ9jogJWmq1M8hgTN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFCA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:21 GMT
expires: Sat, 04 Nov 2023 20:12:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7CA3
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDEAq2cbGhDEOVijI1-ua3o&google_cver=1&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtuHR8n48AQPnHTlxD...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F54FCCA820C42DFA51FD0816FB9B24F&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtu...

170 B
188 B

7ms
7ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F54FCCA820C42DFA51FD0816FB9B24F&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtuHR8n48AQPnHTlxDEYBKEHbIJYW0Iv7pGqx6u8bsbvLWm8kRzQHb4EqSuGRnMyVRAOJYv6gQ

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Nov 2023 20:12:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1F54FCCA820C42DFA51FD0816FB9B24F&google_push=AXcoOmQvat2saHvSHo_0WzpcJvDKp00YtIXw1bOYY_AMohU1dp9brJ8EUEpEAkaHUbDEgHHN7suHBJV_joSYbtuHR8n48AQPnHTlxDEYBKEHbIJYW0Iv7pGqx6u8bsbvLWm8kRzQHb4EqSuGRnMyVRAOJYv6gQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 03 Nov 2023 20:12:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7CA3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESENThdCEZtqz1O6WU8NiJvlk&google_cver=1&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESENThdCEZtqz1O6WU8NiJvlk&google_cver=1&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJR...

170 B
188 B

9ms
8ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ&google_hm=YgUNo5H8T9COS_aowMXG_Q==

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ&google_hm=YgUNo5H8T9COS_aowMXG_Q==
Date: Sat, 04 Nov 2023 20:12:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 7CA3 43 B
641 B 313ms
70ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESELqJq7b_J-qC6f5xACnHxog&google_cver=1&google_push=AXcoOmQHzjlkBeflGJQzSO00CseBnwQj4CDlo4gx4z0Y4i4hePpBSm45YhW4GbMXUlzensshkWKg1uUXINFaExa_bmfqRVb2REtShR0RLRKR4QMFfuUYxw-35xsZj7qbcIIlsEQXcrx-pUVr_PMPx2f7jaLaiA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Sat, 04 Nov 2023 20:12:21 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7CA3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECvre-4fV-3_NN5Tq3MWmq0&google_cver=1&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQbG...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PhKh_5jIX_1lqVwJbwS_32f-mc4&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQb...

170 B
188 B

10ms
10ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PhKh_5jIX_1lqVwJbwS_32f-mc4&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQbGyFm0fBsP5uxRfw2elD-_z4V2WKVio_oyJZKxfmXQNt9rht2KR4TXfM9h9SDFw-HI6XHx6sA

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=PhKh_5jIX_1lqVwJbwS_32f-mc4&google_push=AXcoOmTVfCfQdNmXOopZjvtyt-JF_2aT3EuO0HIY8Kehu2voHRej0oD6hqdECPGLxpHTIbRfK0uQO457E2MSQbGyFm0fBsP5uxRfw2elD-_z4V2WKVio_oyJZKxfmXQNt9rht2KR4TXfM9h9SDFw-HI6XHx6sA
Date: Sat, 04 Nov 2023 20:12:22 GMT
Connection: keep-alive
Content-Length: 300
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7CA3
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEP1oDVm43Jh5YN4IVRn5QQM&google_cver=1&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf7oWNmt9aFNmxfKifgzMMFODSos-mL-...

170 B
188 B

8ms
8ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf7oWNmt9aFNmxfKifgzMMFODSos-mL-Zu9Z-b591KCBCfgUDr7rDWkWqWXqaVAqAWgQ

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmR4JOu2ynHCw12xJf6pg4Xu1IPPFtSyW1f6zJVea7gMcL841kuDMGPKGvJFSaBo4ETvlYJ53LHTBom8WbiXFeNf7oWNmt9aFNmxfKifgzMMFODSos-mL-Zu9Z-b591KCBCfgUDr7rDWkWqWXqaVAqAWgQ
date: Sat, 04 Nov 2023 20:12:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 7CA3 35 B
623 B 889ms
101ms Image
image/gif 183.79.248.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEGBb0frwyPKQ6NODtXnPvqs&google_cver=1&google_push=AXcoOmTelmnAOeJaF9cF3ocxbOulqk2DLEnmf5uHzXEH1jjFZzatAxBTJfOqO4I8ZPWdvQev7ewPN9QUq0hpWxGZIbSdQObYMV6YsckmwuONzTntmRnZbyrbVm3Pvy2c9BXVgxdWxICQyLsPezkWVLFXNrrkPhI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:22 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7CA3
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEC2mbtrLk3YR9onrQSIOffY?ext-param=AXcoOmSenSscTr9pNKBYYz8_k2L0caO2Kzv0L4kk5RzJ6FrR-7xjU5o74Ce2gMcKH2qH-rB5us-XFjpEs50nN88FpDPAwY6ubSIly4BnX2dSWeeNbfKo7EWfOXzj...
https://an.yandex.ru/mapuid/google/CAESEC2mbtrLk3YR9onrQSIOffY?redir-setuniq=1&ext-param=AXcoOmSenSscTr9pNKBYYz8_k2L0caO2Kzv0L4kk5RzJ6FrR-7xjU5o74Ce2gMcKH2qH-rB5us-XFjpEs50nN88FpDPAwY6ubSIly4BnX2dS...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEC2mbtrLk3YR9onrQSIOffY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

212ms
212ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 19 Oct 2024 20:12:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7CA3 0
49 B 16ms
7ms Image
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpvHzH20_4xIwOGJh2Q3cG4vsz-Kv1cV0bR-rc-F5YTTOdfZTkmmstq1VxbLEy2DTT6xpPLqc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 25F3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fde4042c15414a4c91b5030437721d04be2f236a47a8f8ebccd7259e03223977

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A6E8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C26eupKVGZYDqL8amssUPsqeeoATbl8D7c5ez6o3IEou_94voOhABIM-Ayy1gwQWgAeXajcopyAEBqQIq3HRoEwGyPqgDAcgDywSqBPABT9BGx6z44-8-1qrfzJqt8IRl6GBBVUwIrz0adSL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x982556808f42da470000000000000000%22,%222%22:%220x3e9700656fb146d10000000000000000%22,%223%22:%220xa2bca3...

0
0

15ms
5ms

Fetch
text/css

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x982556808f42da470000000000000000%22,%222%22:%220x3e9700656fb146d10000000000000000%22,%223%22:%220xa2bca30a8fd584ca0000000000000000%22,%224%22:%220xb67d319a2759f98c0000000000000000%22,%225%22:%220x6021c3518ca54bb00000000000000000%22},%22debug_key%22:%2214037671096838684149%22,%22debug_reporting%22:true,%22destination%22:%22https://news-gpt.org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211161267557%22],%224%22:[%2211-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228887697808618989649%22}&andc=true

Protocol

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x982556808f42da470000000000000000","2":"0x3e9700656fb146d10000000000000000","3":"0xa2bca30a8fd584ca0000000000000000","4":"0xb67d319a2759f98c0000000000000000","5":"0x6021c3518ca54bb00000000000000000"},"debug_key":"14037671096838684149","debug_reporting":true,"destination":"https://news-gpt.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11161267557"],"4":["11-04"],"6":["true"]},"priority":"500","source_event_id":"8887697808618989649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Nov 2023 20:12:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Nov 2023 20:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x982556808f42da470000000000000000","2":"0x3e9700656fb146d10000000000000000","3":"0xa2bca30a8fd584ca0000000000000000","4":"0xb67d319a2759f98c0000000000000000","5":"0x6021c3518ca54bb00000000000000000"},"debug_key":"14037671096838684149","debug_reporting":true,"destination":"https://news-gpt.org","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11161267557"],"4":["11-04"],"6":["true"]},"priority":"500","source_event_id":"8887697808618989649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25F3 16 KB
16 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:05:47 GMT
x-content-type-options: nosniff
age: 309994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 06:05:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 25F3 15 KB
15 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:14:48 GMT
x-content-type-options: nosniff
age: 309453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 06:14:48 GMT

GET
H3 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame CF47 50 KB
19 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 20:55:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 25F3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CgK31pKVGZdrRLsSFoQP_y7fgB8Dg5-JzydKf9pESZBABIM-Ayy1gwQWgAZvSjb0pyAEJqQIPAdkqsnKCPqgDAcgDywSqBOkBT9AScTGlJuUbZHijU9BfRYMqKexYUPcycH0rMnaHfNRqCre...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa325fda52af23bac0000000000000000%22,%222%22:%220x7ccb2ea6c79a65850000000000000000%22,%223%22:%220xef0109...

0
0

7ms
5ms

Fetch
text/css

74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa325fda52af23bac0000000000000000%22,%222%22:%220x7ccb2ea6c79a65850000000000000000%22,%223%22:%220xef0109f5176c0feb0000000000000000%22,%224%22:%220x3b7e3ba93f2458a10000000000000000%22,%225%22:%220xd0103e311ca7d8c10000000000000000%22},%22debug_key%22:%2218021089314683285305%22,%22debug_reporting%22:true,%22destination%22:%22https://coohom.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211134003483%22],%224%22:[%2211-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221231884290689252065%22}&andc=true

Protocol

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa325fda52af23bac0000000000000000","2":"0x7ccb2ea6c79a65850000000000000000","3":"0xef0109f5176c0feb0000000000000000","4":"0x3b7e3ba93f2458a10000000000000000","5":"0xd0103e311ca7d8c10000000000000000"},"debug_key":"18021089314683285305","debug_reporting":true,"destination":"https://coohom.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11134003483"],"4":["11-04"],"6":["true"]},"priority":"500","source_event_id":"1231884290689252065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Nov 2023 20:12:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 04 Nov 2023 20:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa325fda52af23bac0000000000000000","2":"0x7ccb2ea6c79a65850000000000000000","3":"0xef0109f5176c0feb0000000000000000","4":"0x3b7e3ba93f2458a10000000000000000","5":"0xd0103e311ca7d8c10000000000000000"},"debug_key":"18021089314683285305","debug_reporting":true,"destination":"https://coohom.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11134003483"],"4":["11-04"],"6":["true"]},"priority":"500","source_event_id":"1231884290689252065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 13ms
13ms XHR
application/json 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67925300f6b44efbdcd549eb0d3828560feb7c89cc83237a6a0706f0158c1902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12129
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&RedC=c.clarity.ms&MXFR=0EFE9DF7F7CC6DF7355A8E48F3CC637D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&MUID=1DF649755B206E8A27745ACA5A216F5F

42 B
441 B

163ms
163ms

Image
image/gif

20.125.62.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&MUID=1DF649755B206E8A27745ACA5A216F5F
Protocol: H2
Server: 20.125.62.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
last-modified: Wed, 30 Aug 2023 08:44:09 GMT
server: Microsoft-IIS/10.0
etag: "41be6e241edbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FC4782FA26E48CF933D08F08685265E Ref B: SIN30EDGE0308 Ref C: 2023-11-04T20:12:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=548BC01A53094F0AA615B0D4467BB3C6&MUID=1DF649755B206E8A27745ACA5A216F5F
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 19ms
4ms Preflight
text/html 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 20:12:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame 24A2 50 KB
19 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7358138091441515&output=html&h=280&slotname=1613696191&adk=1691536615&adf=950753814&pi=t.ma~as.1613696191&w=1200&fwrn=4&fwrnh=100&lmt=1699128740&rafmt=1&format=1200x280&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740738&bpp=3&bdt=694&idt=3&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=195668910&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=9DCiQHdT5A&p=https%3A//groupda.link&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 20:55:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:12:21 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 5ms
5ms Preflight
text/html 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Nov 2023 20:12:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 92E8 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 310557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 05:56:24 GMT
expires: Thu, 31 Oct 2024 05:56:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3575 829 B
560 B 10ms
10ms Document
text/html 2404:6800:4003:c0f::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::69 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d557886d2ea6521af16b9f1c0ca7148edc343750efd37a1181427e2805d40c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fIBlczKAmFQdMUc_fvYzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://groupda.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fIBlczKAmFQdMUc_fvYzIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:12:21 GMT
expires: Sat, 04 Nov 2023 20:12:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3575 0
0 5ms
5ms Image
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=309385370782049&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 92E8 38 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 02:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 02:33:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 92E8 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c02::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5S8twA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:12:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
292 B 226ms
225ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://groupda.link
Date: Sat, 04 Nov 2023 20:12:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 8ms
7ms Image
text/html 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=309385370782049&bg=!o6CloO_NAAb4oU7C2KE7ADQBe5WfOO-5nh_AtUTXwyArwWBPigwRnts9ao_KlrxT3Y5XPNo84y_f1let4y9QbP_SxA_5AgAAAIVSAAAAC2gBBwoAtCfiD6TD3i36X_N-vd4eqia3HhsK2G0qG0g43wCYd4kU9KBr6rtktOYV_L9aoMOHFbQWZNz4JMGhmELhQEfFHcc3atWSR9MvsuB6qzDWPgL8EnS6qI0ZI0x6km5-3DsTX8AMJ-zJoCZz6K4SuZmOeKMEsZQcO1YFcAt1co132VDPF9suuqVwAQ-VuxIXI1-CqOsSIU6E7HEF3LEoFVpaFiACare6Lvs-Z15fRa0RrHGw_Ml9zJkC2Y3DjH9a2CSeEZ00OcuoA5tWjmiGkuWmG5KG31ZhPnWgNeSaTyBkKjVzieHxA8IIo6UXdzDon62JSsdx_sdRg8KERC3aDTp-cJWjxPkdza-zyN235A2nYYc7rRfF-dSO4L65XCnR7vrZCzZ4UsDD5QmSFwT7IBNe4KDHVoFlISl8z-BXhfO3-3ssl8cD15InAmrkPWdwTcu6mDE0uLjwjwMBcC5BZVSP_9PhtRy5ZzzF3Qdg8HLPUUNnRl-GUtKFwh0f277WT9fD5rOPw2xdf6NSILKsQDwno5HFAemz6lo5LM643MuuJ8VFRDJGH7DY3BFNmyIZjXdYdO2jGpZ7vjpM9QFw8eaZ2jw5CCVfUVLNEkjxm2xq7IXdn5BBG4V2DwuHGUlHjERTU8NIAcAAPm8uJhWpxl7yzCtXoYNlicrgjmp0OKOVGyGWPW3X3hvTNAeTS2Xp3Gs7i52EDi3HR7rz1rjwdTmX1Zb4cB5PU639gmmQ5eCatv-fauZA4mv4R5VwmXzOreoKMwD4J7-RMsZyeOnWaewgp_nksTIU3xhtT9cnQ0h-S9JLKjb0X9hezeSFLuGWbsGiuEz6BnvmzS3JoWfzVNNHECGonBV789Lyz2biIg6_4Lr4eukOjMHMXKWZCo-G8M51bjsyPvS_FmcLlcAUsUbSMVeWR-FX9mlXyPiMk2r2a98saUZHM3lzQRsc_gin5cKnwFnV8-BssDJL7hhV9YxnFbz3Zu2j5iRVPWxn70rAWISi-qsrfBZDODqC9NQ-ksbODqdD29MILvIpoN4umDHbIpIBDpGO14_CnPLDeKuEndP8U5RVWU2fa7qO8udEuZX2WQpWoFU3XtSn_5p3U1GklRkxJ2jiq4pJxbRK5oBu1nH1QglNGY3zde_-w_H_uJ3pPfkd8u91oJuhaQmsSX-ga24J0YRLNCJ7g17cr6OkknxzazDyoii1d59O0zFVSTWJUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://groupda.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A6E8 42 B
64 B 15ms
15ms Fetch
image/gif 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugQw9owVaxudqT1Iv7onlfg4tPL62zw8pcSfCeFc1bI8KJTW1liN4QEN6W-BGvdD6fdn7juZJRukP9fMePTf-w21z5OXibdS_R1OdNg_an2fPuvT2xoM-BX7ljTcN1orQFgxM7sBdQew&sai=AMfl-YQqodjjxUYzeV9yCzNR2AzwaHlMN_IrzLfEFZrdnLcVPdMmJ9JI0pnB1J0rS2bbln9RISMIhwHZWPGMRf9jUbFOoY6Vp0FJjzXE64ihTH38e6yjtWgA3suYHVcP&sig=Cg0ArKJSzGPWYONWAIUTEAE&cid=CAQSPADICaaNP7y38xk4guZbjjI8-DuE9EroEdiHEFC_mxuXRgE0QlpMjzgqA88oMwuN4tMwT8-GGC2zy6PNixgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1893563610&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699128740765&rpt=624&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 25F3 42 B
64 B 14ms
13ms Fetch
image/gif 2404:6800:4003:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSo8c-0eaVDWRMRllvmJUseetkeQfOhAmeqaUXEJqD_KujVQOUZ0nCoz3ZsGNv44Mz1bFHMNcdTuuuNQzSPJEgK_xf9H783GqqIHHLObyUXcvaD5bz2nFGNUg37tHIAGUvKr9VxvL2fQ&sai=AMfl-YRwfQUYlCdGFl7AXIyGWzUf67WLBny3KCZQWtopSKVQF-W7Md3uVFvRRg2YnlMQSyrhbX3kMgTwlXwMflxtJJkjtaAy5WW9caXPieZ6g7NewApigvBsIhVTn7E&sig=Cg0ArKJSzERZbscZ38dBEAE&cid=CAQSOwDICaaNS-ipg0uY2FKI8-BF8PzN2etGHQkOsBZzWuEpu1OLAJVRFFKTJ-M0YBf7MKQFj6deaP5Wb81pGAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1691536615&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699128740748&rpt=679&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
292 B 228ms
227ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://groupda.link
Date: Sat, 04 Nov 2023 20:12:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 7ms
6ms Ping
text/plain 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WHXR5KXXMB&gtm=45je3b11v9115751510&_p=1699128740067&gcd=11l1l1l1l1&cid=1402309844.1699128740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1699128740&sct=1&seg=0&dl=https%3A%2F%2Fgroupda.link%2Fadd%2F&dt=Groupda%20Link%20Whatsapp%20Group%20Link%20Join%202023%20-%20Groupda.link&_s=2&tfd=7698
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WHXR5KXXMB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c1c::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://groupda.link/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 20:12:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://groupda.link
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
groupda.link/	1970-01-20 15:58:55	Name: groupda Value: 74b22dc1fed06b10af01daba1a6bb272268adcf6
.groupda.link/	1970-01-21 01:34:48	Name: _ga Value: GA1.2.1402309844.1699128740
.groupda.link/	1970-01-20 16:00:15	Name: _gid Value: GA1.2.1571379387.1699128740
.groupda.link/	1970-01-20 15:58:48	Name: _gat_gtag_UA_133706520_1 Value: 1
www.clarity.ms/	1970-01-21 00:44:24	Name: CLID Value: 8c9da2d49c9c4fd3913802a48467357b.20231104.20241103
.groupda.link/	1970-01-21 00:44:24	Name: _clck Value: 1i2nf6f\|2\|fgf\|0\|1403
.doubleclick.net/	1970-01-21 01:34:48	Name: IDE Value: AHWqTUmK4CxBo-kvkkuoEY683PP3uP5m5DhyfVpmf3ZwpO3VwRxUiGVEQiivaH6kNF4
.groupda.link/	1970-01-21 01:20:24	Name: __gads Value: ID=90db3990c7383f65:T=1699128740:RT=1699128740:S=ALNI_MYDlBAZQcbgDUY94SIs5K6h6GKnCA
.groupda.link/	1970-01-21 01:20:24	Name: __gpi Value: UID=00000c7fe6bcb66a:T=1699128740:RT=1699128740:S=ALNI_MYGiNQRz_GQwUtfOG24GcdQBOYD5g
.doubleclick.net/	1970-01-20 15:58:52	Name: DSID Value: NO_DATA
.groupda.link/	1970-01-21 01:34:48	Name: _ga_WHXR5KXXMB Value: GS1.1.1699128740.1.0.1699128741.0.0.0
.googleadservices.com/	1970-01-20 18:08:24	Name: ar_debug Value: 1
.bidswitch.net/	1970-01-21 00:44:24	Name: tuuid Value: 62050da3-91fc-4fd0-8e4b-f6a8c0c5c6fd
.bidswitch.net/	1970-01-21 00:44:24	Name: c Value: 1699128741
.bidswitch.net/	1970-01-21 00:44:24	Name: tuuid_lu Value: 1699128741
.pangle-ads.com/	1970-01-21 01:20:24	Name: _pangle Value: 2Xj3cciyext6HkpHyNMLGwpcpoz
.send.microad.jp/	1970-01-20 18:08:24	Name: TR Value: 2e5756cb1ff7f1ff346b1ec1e81841238b2cad69d85789ab
.c.appier.net/	1970-01-21 00:44:24	Name: _auid Value: Pz2QiO0vBpC8U7_IpaVGZQ
.c.appier.net/	1970-01-20 16:42:00	Name: _gu Value: CAESEAFavFIvxRv_mAJHR8p90Mw
.bidswitch.net/	1970-01-20 15:58:49	Name: google_push Value: AXcoOmTa2vsfWFShm87FVrAo78b038AppbJrQEp6DkbJIP79UHLCdKgb_bmKE41BWMUU0i1_MxAtS32dxss5CToG_v8eijK1k_I75rRvx6OCy4JIYOOfTHd-zakJRACANwtXQ8mfVwsy9OdV22T8VJ0mszuINQ
.uncn.jp/	1970-01-21 00:44:24	Name: t Value: v_0384164c-6445-4c80-91a7-23d7143db09f
.r-ad.ne.jp/	1970-01-20 20:18:00	Name: r_ad_token Value: 57BKCL00KBDGa007AaQz
.simpli.fi/	1970-01-21 00:45:51	Name: suid Value: 1F54FCCA820C42DFA51FD0816FB9B24F
.groupda.link/	1970-01-20 16:00:15	Name: _clsk Value: 17ileka\|1699128741949\|1\|1\|r.clarity.ms/collect
.bing.com/	1970-01-21 01:20:24	Name: MUID Value: 1DF649755B206E8A27745ACA5A216F5F
.c.bing.com/	1970-01-20 16:08:53	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:20:24	Name: SRM_B Value: 1DF649755B206E8A27745ACA5A216F5F
.mediago.io/	1970-01-21 00:44:24	Name: __mguid_ Value: adc68e3ee7ea9cdd1umqq500lokhds07
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:20:24	Name: MUID Value: 1DF649755B206E8A27745ACA5A216F5F
.c.clarity.ms/	1970-01-20 16:08:53	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:58:49	Name: ANONCHK Value: 0
.yahoo.co.jp/	1970-01-21 00:45:51	Name: XA Value: 01hf96hikd9d6&sd=A&t=1699128742&u=1699128742&v=1
.yahoo.co.jp/	1970-01-21 01:34:48	Name: XB Value: 4b8rn3likd9d6&b=3&s=en
.yandex.ru/	1970-01-21 01:34:48	Name: yuidss Value: 7909066971699128742
.yandex.ru/	1970-01-21 01:34:48	Name: yandexuid Value: 7909066971699128742
sync.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id Value: s%3A0-3e12a1ff-98c8-5ffd-65a9-5c096f04bfdf.SCWsaCMNz95dj85U8EJ1uGSrtHHVJfiK0ueRlGWum88
.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id Value: s%3A0-3e12a1ff-98c8-5ffd-65a9-5c096f04bfdf.SCWsaCMNz95dj85U8EJ1uGSrtHHVJfiK0ueRlGWum88
sync.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id-v2 Value: s%3APhKh_5jIX_1lqVwJbwS_32f-mc4.AQ4%2F0HjN3I%2BHxtHQk1kno7tL5%2FNP%2Ff%2Bwy%2Fbkn747cjE
.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id-v2 Value: s%3APhKh_5jIX_1lqVwJbwS_32f-mc4.AQ4%2F0HjN3I%2BHxtHQk1kno7tL5%2FNP%2Ff%2Bwy%2Fbkn747cjE
sync.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id-v3 Value: s%3AAQAKINxaJnnkGB6HIPD1u09r0wyqVtkOlrhjz_aPzqMB_SYqEHwYBCCmy5qqBjABOgTtVOP9QgTrlUAj.mE1P2NosupKn7dxA5XHzP36sDcpdY1XMMaQFUEpbWXw
.srv.stackadapt.com/	1970-01-21 00:44:24	Name: sa-user-id-v3 Value: s%3AAQAKINxaJnnkGB6HIPD1u09r0wyqVtkOlrhjz_aPzqMB_SYqEHwYBCCmy5qqBjABOgTtVOP9QgTrlUAj.mE1P2NosupKn7dxA5XHzP36sDcpdY1XMMaQFUEpbWXw
.reemo-ad.jp/	1970-01-21 01:34:48	Name: deviceIdentifier Value: CQTPNcEEEoPrVyxbbnzQbGldypyEYnZF
.reemo-ad.jp/	1970-01-20 16:20:24	Name: sync_gadx Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7974419705489132&output=html&adk=1812271804&adf=3025194257&lmt=1699128740&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgroupda.link%2Fadd%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699128740125&bpp=541&bdt=82&idt=542&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7297206741101&frm=20&pv=2&ga_vid=1402309844.1699128740&ga_sid=1699128741&ga_hid=41067794&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079192%2C31079306%2C31079345%2C31079347%2C44807047%2C44807336%2C44807455%2C44807460%2C31078297%2C31079382%2C44806140&oid=2&pvsid=309385370782049&tmod=1069805171&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=570 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEGBb0frwyPKQ6NODtXnPvqs&google_cver=1&google_push=AXcoOmTelmnAOeJaF9cF3ocxbOulqk2DLEnmf5uHzXEH1jjFZzatAxBTJfOqO4I8ZPWdvQev7ewPN9QUq0hpWxGZIbSdQObYMV6YsckmwuONzTntmRnZbyrbVm3Pvy2c9BXVgxdWxICQyLsPezkWVLFXNrrkPhI Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
aid.send.microad.jp
an.yandex.ru
analytics.pangle-ads.com
c.bing.com
c.clarity.ms
cksync.yahoo.co.jp
cm.g.doubleclick.net
code.jquery.com
cs.r-ad.ne.jp
ds.uncn.jp
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
groupda.link
im.bluevoox.com
pagead2.googlesyndication.com
partner.googleadservices.com
pps.whatsapp.net
r.clarity.ms
static.whatsapp.net
stats.g.doubleclick.net
sync.dsp.reemo-ad.jp
sync.srv.stackadapt.com
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
www.clarity.ms
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
139.162.40.113
150.95.47.242
172.104.56.139
18.177.11.95
183.79.248.252
20.119.174.243
20.125.62.241
202.233.84.1
23.59.80.153
2404:6800:4003:c01::5e
2404:6800:4003:c01::9c
2404:6800:4003:c02::84
2404:6800:4003:c03::61
2404:6800:4003:c04::5f
2404:6800:4003:c04::9b
2404:6800:4003:c0f::69
2404:6800:4003:c0f::9c
2404:6800:4003:c11::5e
2404:6800:4003:c11::9b
2404:6800:4003:c1c::71
2620:1ec:46::70
2620:1ec:c11::200
2a02:6b8::90
2a03:2880:f20c:3c1:face:b00c:0:167
2a04:4e42:600::649
35.208.249.213
35.213.12.39
35.247.47.28
35.73.149.224
52.45.175.185
54.209.88.56
74.125.130.157
74.125.24.157
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
057eb01d3869993ea0da0e5d785c5e7728e5aaf5388bf4e72e146133ad4a8d72
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
0686d45632b4a1076d8e9bbec9428990009ea4d3988644813b86bbdd80cea0f6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0fecb8439c20d8a7de0f37543648ab20cc15ef0d014984345b2daae7f33cdb75
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196b65086a14064941aa9d24d13519662ce5fd6f8aa4ea85035d59c524ef8a60
1e248be56b760c05376e698db864d2f3cd856ac8427f32cc12a3c9f0ce4504f6
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31dd57a98b3edc2cfc2d95cfb1c51a1b70e9ac818a2eb969b2ad21b0cd38c47a
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
406529ba05f26610ac014f2fe0c69cd4aee643f03c3ea6fa160a88b8584a4bef
442ae75e727cd9f2f200830b5ff457d274363ff02987a6b6000090c0e512c9ab
4528c1771cfc7455463ec6591775fb8f46ccd3f5799a1e18ea787018d318027b
5033899daea22c45c22b457247bf1445b5e44dc75d9c796ab50809be0b98b240
5144414adc98d918807d5200fdc30933d86f5ff076344cfb6e2dbd52137f8047
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55582084249469690fce58d32a8b3159ece09bbceca41506006501a3accf62f5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
607007014d9837aa57a9d2288ca0ed2bcbd7b8709d3160aa85df3f0f68120199
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
65d47fed43704255959d18f70708a442e3deb6e644d1def288661adf38d46d31
67925300f6b44efbdcd549eb0d3828560feb7c89cc83237a6a0706f0158c1902
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7263dc2c64c87b9847f52e8a6e35447c968a144fc7940084fe3ca89003e8fbb1
74289296cd30c63c7fa939f64a3f9df7fb2bf7d522cee905e3ee512af7f0ca1c
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
794ed77951fb5d8adb99c225a61512e158eecd8e196efb22d89085bde8368888
7eb6f94532a44579fd3f100322d038a1efb6298fde4791ca46b04396a718ea95
9316148af3b5982db65c8c5de81d269e7df7ff800b11d56ecaff3d2818cb70bd
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
97283010d86394149e03ecedbc518303aa2f9f69fe88efd937ba39a6ce025d77
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5770079ac1923ecd9e578a91769af472c297416af70ec12cc980d36d839ab3
9c317db70b242a2e7e90b50222224b9329aa98e4deadb4366630106f3ac92248
9d557886d2ea6521af16b9f1c0ca7148edc343750efd37a1181427e2805d40c1
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a805b8db590cc0ce99beb8a465c0e475b97b770fce7305e1910db9cda5a7bfaa
aec9daa9ad915ae4dca1b21fc82668beb3e40dac015fb4f7eda8d0d9a9e5df13
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29306dfbd9c54776c205780522b289d319197a42c770c3e78c017cd674aaa05
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bea45a652702db616c3f4edf7be402cdfff5643ee0e152f6053a22f2a01cb093
c8e45bf3814d6d8a73d11a8bfd863fd526907c86ef18dc70904a87e35580237e
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d10f661476f28c291f3403a81854bcea72a8b264c9cb480a2620dfb9d4f671c7
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d6832684dc34252ac44d2576145f34d02cc81de2114917a02c7a8b8fe2912b75
d82ca0699739ff332a0764450dc1b5e5191878ffa8ae33eed1a6a0cc8853ac31
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd980e6c960d670a7036c580e05e49fd5c2e1886f959c373d8465519fedafca
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44cf7ec2fcfb3d2ba0a0188ad2e9347088ef510eabbd77989c74d954ba39cc7
e5b1aa263dd0d7ed4996b3cbad2fe66e00e55a557c20b5bfed57f7b1dab52491
e7118d90e397c93cf35813b66dfdfc133b4a73b6a58755c9723366c52db7a070
e913a8990c885bd71ef289a424530af23b9aa3e431085874a2ed8681d93f95b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3540afcf09d5a83319752d4bcebad95dbc9f0c873b1b84afc5013472eadee29
f57e891f138d0e99f02cc17a625f183cb0325297bee61c3709a8e7f60ed698f2
f605e0617edfaa51b83e023d5a8937f08f8093fa72041c90c197ddc856f9a809
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb4d6e13f4dd6fc5e54198f73debbb923455f80c5e6d9faf6da6a386f9ea5650
fde4042c15414a4c91b5030437721d04be2f236a47a8f8ebccd7259e03223977
ff45d1fe50d5aaded15e44117329798dc18419a7b10f5a2f4a4d5b3bfa2cac5e

groupda.link Open in urlscan Pro 172.104.56.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

88 %HTTPS

48 %IPv6

27 Domains

35 Subdomains

23 IPs

4 Countries

1394 kBTransfer

3143 kBSize

44 Cookies

20 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

groupda.link Open in urlscan Pro
172.104.56.139 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

88 %
HTTPS

48 %
IPv6

27
Domains

35
Subdomains

23
IPs

4
Countries

1394 kB
Transfer

3143 kB
Size

44
Cookies

113 HTTP transactions
2 data transactions