www.midaxia.com Open in urlscan Pro
211.149.189.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xiaohuashipin.com/
Effective URL:
http://www.midaxia.com/yuming/xiaohuashipin.com.html
Submission: On February 21 via api (February 21st 2024, 5:09:24 am UTC) from BY — Scanned from SG

Summary HTTP 139 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 14 domains to perform 139 HTTP transactions. The main IP is 211.149.189.78, located in China and belongs to CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN. The main domain is www.midaxia.com.

This is the only time www.midaxia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.43.191.191 103.43.191.191	139021 (WEST263GO...) (WEST263GO-HK West263 International Limited)
15	211.149.189.78 211.149.189.78	38283 (CHINANET-...) (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center)
1	221.15.67.45 221.15.67.45	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
31	142.251.175.156 142.251.175.156	15169 (GOOGLE) (GOOGLE)
2 18	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
4	142.251.175.95 142.251.175.95	15169 (GOOGLE) (GOOGLE)
27	142.250.4.132 142.250.4.132	15169 (GOOGLE) (GOOGLE)
4	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
2	142.251.175.148 142.251.175.148	15169 (GOOGLE) (GOOGLE)
3	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
4	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
7 12	74.125.68.157 74.125.68.157	15169 (GOOGLE) (GOOGLE)
5 10	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	74.125.130.99 74.125.130.99	15169 (GOOGLE) (GOOGLE)
6	142.251.221.35 142.251.221.35	() ()
1	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
1 1	74.125.200.138 74.125.200.138	() ()
2	74.125.12.233 74.125.12.233	() ()
2 6	142.251.10.149 142.251.10.149	15169 (GOOGLE) (GOOGLE)
2	142.251.10.156 142.251.10.156	() ()
139	22

1 103.43.191.191 (Singapore) 1 redirects

ASN139021 (WEST263GO-HK West263 International Limited, HK)

xiaohuashipin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 211.149.189.78 (China)

ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN)

www.midaxia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 221.15.67.45 (Zhengzhou, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.jz.adsl

res2.wx.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.251.175.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.194.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.148 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.95 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.68.157 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.43.90.179 (Singapore, Singapore) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.99 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.221.35 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.138 (None, ) 1 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.12.233 (None, )

ASN- ()

r4---sn-npoe7ner.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.10.149 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.156 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com	855 KB
35	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 ad.doubleclick.net — Cisco Umbrella Rank: 149 googleads4.g.doubleclick.net	226 KB
15	midaxia.com www.midaxia.com	245 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	95 KB
10	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	6 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	9 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	140 KB
5	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net r4---sn-npoe7ner.c.2mdn.net	3 MB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 12820	12 KB
1	qq.com res2.wx.qq.com — Cisco Umbrella Rank: 194527	4 KB
1	xiaohuashipin.com 1 redirects xiaohuashipin.com	321 B
0	atdmt.com Failed ad.atdmt.com Failed
139	14

	Domain	Requested by
32	pagead2.googlesyndication.com	www.midaxia.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net www.midaxia.com tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
18	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.midaxia.com
15	www.midaxia.com	www.midaxia.com
10	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
6	ad.doubleclick.net	2 redirects www.midaxia.com
6	csi.gstatic.com	imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net
2	ade.googlesyndication.com
2	r4---sn-npoe7ner.c.2mdn.net
2	www.googleadservices.com	www.midaxia.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	s0.2mdn.net	googleads.g.doubleclick.net
2	hm.baidu.com	www.midaxia.com
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	res2.wx.qq.com	www.midaxia.com
1	xiaohuashipin.com	1 redirects
0	ad.atdmt.com Failed	www.midaxia.com
139	25

This site contains links to these domains. Also see Links.

Domain
mi.aliyun.com
wpa.qq.com
www.zwhl.com
www.zwly.com
www.jzgly.com
www.jianzhanwang.com
www.seoyouhua.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
weixin.qq.com DigiCert Secure Site CN CA G3	`2023-12-18` - `2024-12-18`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Frame ID: 0894055B157B3F9FC9F8EAFDF21F324F
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: F3972B196C99F645A685A5A6CCCE1194
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&h=280&slotname=6715455946&adk=3913009745&adf=4252294089&pi=t.ma~as.6715455946&w=1200&fwrn=4&fwrnh=100&lmt=1699410128&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708492154171&bpp=4&bdt=7379&idt=675&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=2789699311601&frm=20&pv=2&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=692
Frame ID: BAC52EA1B79976A7109929C5DDC14860
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&h=280&slotname=6715455946&adk=3379544273&adf=1909092598&pi=t.ma~as.6715455946&w=1200&fwrn=4&fwrnh=100&lmt=1699410128&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708492154175&bpp=1&bdt=7384&idt=708&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2789699311601&frm=20&pv=1&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=714
Frame ID: 3B85EBF6988B5228E383FD73E17AB0FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&adk=1812271804&adf=3025194257&lmt=1699410128&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1708492154193&bpp=2&bdt=7402&idt=705&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=2789699311601&frm=20&pv=1&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=717
Frame ID: C957272EE952E71A49075B94C23C3672
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EE350D2679BBD62CE2DD0DE2B318F8DF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B4AB90943488B0DB7E9389374F0EC524
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 975953D0898F5E7F677053DBAA6DFCDB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9555773C6B09473D818F86356518B069
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWg7OEFEISL9-YFGKb1roYCMAE&v=APEucNVJ6tYr3lJB0n7ddLQXWMbq2s4dF-O-edBvUMFSzkb2fQjRPjp36MKxUNtNCf38dl85n03L56fshWbWiduph1lcicpFxw
Frame ID: F9B5B11EFDD81B640F82611B45099C6F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGJX11IYCMAE&v=APEucNXPN9dStB60ndblNDQu7U0Ulzw7NXblzpsjifbjtq9TmPiXFn6v4R48frQdyH4phzLEo_MTFdD1js2DnUqzLvY7uo-Ovw
Frame ID: 4F1CC91271432B1E158C762B03BD16B0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Frame ID: 1E90E5D3463659301065D06A219741CB
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AA64A8D1FEF40A8C92C5081D2E490060
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0AB2896A086E4D2C5015ECC7588823F3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 506DE3B5D352A0049988C11CA90D9309
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 45903C5872CA66DFDB6D648D717036C0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: E359C80DB378ABDEAAAF366EF993FB86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: E9A688D7D0FEF4658EED362B58A076AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E7B35462D2547DF1ADCE6812DE76CCB8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBD5A02C205F0FC9FFB225879F39276E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3316E9B8BCA7E0A067C73990D86BE8EF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

笑话视频-米大侠

Page URL History Show full URLs

http://xiaohuashipin.com/ HTTP 301
http://www.midaxia.com/yuming/xiaohuashipin.com.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

78 %
HTTPS

0 %
IPv6

14
Domains

25
Subdomains

22
IPs

5
Countries

4569 kB
Transfer

7045 kB
Size

19
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://mi.aliyun.com/detail/online.html?domainName=xiaohuashipin.com
Title: 点击购买(buy it)

Search URL Search Domain Scan URL

URL: https://wpa.qq.com/msgrd?v=3&uin=958818&site=qq&menu=yes

Search URL Search Domain Scan URL

URL: http://www.zwhl.com/
Title: 中网互联

Search URL Search Domain Scan URL

URL: http://www.zwly.com/
Title: 成都旅行社

Search URL Search Domain Scan URL

URL: http://www.jzgly.com/
Title: 九寨沟旅游

Search URL Search Domain Scan URL

URL: http://www.jianzhanwang.com/
Title: 建站网

Search URL Search Domain Scan URL

URL: http://www.seoyouhua.com/
Title: SEO优化

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 蜀ICP备13013153号-3

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=958818&site=qq&menu=yes
Title: QQ咨询

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xiaohuashipin.com/ HTTP 301
http://www.midaxia.com/yuming/xiaohuashipin.com.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7j-MEhFcjcRsbyK2VxRMk&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsdNVeRb-tLqjZwzJn-GKs&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPsdNVeRb-tLqjZwzJn-GKs%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1

Request Chain 82

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGKecjLCWI-S8GhBzRcoUBU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGKecjLCWI-S8GhBzRcoUBU%26google_cver%3D1

Request Chain 84

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=CRLGLeoXVZfG2Nqn3z7sP58SxkA7W1pXcdYevmc3wEdCF1YbaQBABIN-M0zNgvwWgAf79j8wByAEJqQL6Og_Jy-moPqgDAcgDywSqBP4BT9AElYZijDKaxydm8wM0NXH_BCdNEIM9GUHRLcSU-WybtbLIe4HIBrxLbw_xawf55okv5QkXR711VKC-K2jvGT6gmfbQG0DE_zMBzviE9I8lly0QRQLkZmNbq5s1EOZ7gxbJKrHN6Dsxv1WcktHUE43hytVl0ySL4oyl1v3bHSoJ4JLxaVEaJLr-nmZ4bre9Jr-gTinbOP4ATIrOPwVJVP3dln4f86J_1IAY8qv6gXCK0dXwFrkutEBap0U997SspPyH58Wm1qbLfzmvfwBhdtNIdlgQftZWwDd5AbfGKg-OCZe6jlKw1pJFWGLa8UhpYp12Rm-pSqjS9gezaDjABLn-3PDGBIgFkPyiz0ySBQQIBBgBkgUECAUYBKAGLoAH6oHwswKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDLmBLSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYpr_5n9W7hAOaCdUBaHR0cHM6Ly93d3cub2NiYy5jb20vcGVyc29uYWwtYmFua2luZy9pbnN1cmFuY2UvZ3JlYXQtc3Atc2VyaWVzLnBhZ2U_dXRtX3NvdXJjZT1wbWF4JnV0bV9jb250ZW50PXBtYXgmY2lkPU1hc3M6aW5zdXJhbmNlOkdSRUFUU1BTZXJpZXMxMjpUYWN0aWNhbDpBY3F1aXNpdGlvbjpTZXA6MjAyMzpkaXM6OkdETjpQUFQtRHluYW1pYzpHU1AxMjoxeDE6OiZnY2xzcmM9YXcuZHMmgAoByAsB2gwRCgsQ8N-sk6rm0_nRARICAQO4E-QD2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTE3NzgxNjc2MjM2MTQwNzIYAA&sigh=syee3S3oyq0&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_y718RGBzlDgRPtDzES3A02DW0Kkp6tq68DFLMYEv6VD8y4EauS1tye1K4ZCWJJ7pHnoZK2dzDmQcSbdlp7E8ufI_aZO14w-U3ToYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1fb73b25de6f72100000000000000000%22,%222%22:%220xe802656bbf20af180000000000000000%22,%223%22:%220x35c081653079c2da0000000000000000%22,%224%22:%220xcc7936a761684e550000000000000000%22,%225%22:%220xbcf578c66d3d6fe10000000000000000%22},%22debug_key%22:%22558713915470527835%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22428080894%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212084531788622473665%22}&andc=true

Request Chain 104

https://gcdn.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/9B9518E094A0C95E81C77C53A9EB37522BCD8335.90BAE37E896E80C67B07A28040805AB1743C20AC/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/8481E9792CB697702CFD91B2CC33340E41538FA6.61249B72EF29EE6FF447F7AEC47FBA96D4B41DE2/key/cms1/cms_redirect/yes/mh/aU/mip/118.201.240.156/mm/42/mn/sn-npoe7ner/ms/onc/mt/1708491870/mv/m/mvi/4/pl/24/file/file.mp4

Request Chain 128

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIC21aLVu4QDFcekZgIdmOwBEQ;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima

Request Chain 129

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIGy1aLVu4QDFf6f2AUdaU4L5Q;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima

Request Chain 133

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGKnYlIgCIAEwAQ&v=APEucNVoFm1B_rXFjpo6PSxT8MrjdwQA3luXNCHhf9bDDZBqx9_LbhYvyqs2h9HRHV3ZGv0vgGtdY1KxobR-8qdDGKc2V5LJwtp0_8kzMXv-jLWurImXlJg HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

139 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request xiaohuashipin.com.html Show response
www.midaxia.com/yuming/
Redirect Chain

http://xiaohuashipin.com/
http://www.midaxia.com/yuming/xiaohuashipin.com.html

11 KB
5 KB

1204ms
866ms

Document
text/html

211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a6c01c6758c0c51b36f5c7e43d2df28b8b69f63e8df5a320ddef2017f6d5be6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 5211
Content-Type: text/html
Date: Wed, 21 Feb 2024 05:09:05 GMT
ETag: "17f26e5fea11da1:0"
Last-Modified: Wed, 08 Nov 2023 02:22:08 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 0
Content-Type: text/html
Date: Wed, 21 Feb 2024 05:09:05 GMT
Location: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK sales.css
www.midaxia.com/skin_2109/css/ 7 KB
3 KB 2734ms
2733ms Stylesheet
text/css 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/css/sales.css?1007
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2b5ae3600505a612beeaefc9853255c1e55a0bc3c853634a3e194f5004f00096

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 06:13:46 GMT
Server: Microsoft-IIS/10.0
ETag: "cb9fd724eb47d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2538

GET
H/1.1 200
OK jquery.1.11.3.min.js Show response
www.midaxia.com/skin_2109/js/ 94 KB
42 KB 3870ms
3864ms Script
application/javascript 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/js/jquery.1.11.3.min.js
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Oct 2021 04:28:20 GMT
Server: Microsoft-IIS/10.0
ETag: "c82b68418fbdd71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 42852

GET
H/1.1 200
OK autofontsize.js Show response
www.midaxia.com/skin_2109/js/ 498 B
704 B 1212ms
1206ms Script
application/javascript 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/js/autofontsize.js
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9a619d234257afcbac6245adcbd618cc094b34e65fdf31d9f133a19268b4bc9a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Oct 2021 01:29:36 GMT
Server: Microsoft-IIS/10.0
ETag: "e09ad4976bdd71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 397

GET
H/1.1 200
OK tips-icon.png
www.midaxia.com/skin_2109/images/ 46 KB
46 KB 3826ms
3820ms Image
image/png 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/skin_2109/images/tips-icon.png
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a9113cef527609d6cd4350007ff81e343ee7af3e8b22703b47d580191b2085f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:10 GMT
Last-Modified: Sun, 10 Oct 2021 01:29:36 GMT
Server: Microsoft-IIS/10.0
ETag: "82d5464976bdd71:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 47273

GET
H/1.1 200
OK qq.jpg
www.midaxia.com/skin_2109/images/ 3 KB
3 KB 3868ms
3863ms Image
image/jpeg 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/skin_2109/images/qq.jpg
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9ccba6f4bbb2634efa43dc1489057db599ecaf966f1755b2a06c476f37b4ebe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:10 GMT
Last-Modified: Sun, 10 Oct 2021 01:49:25 GMT
Server: Microsoft-IIS/10.0
ETag: "7b87fbd79bdd71:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2730

GET
H/1.1 200
OK 20211010115010535.png
www.midaxia.com/uploadfile/site_1/2021/1010/ 34 KB
34 KB 416ms
416ms Image
image/png 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/uploadfile/site_1/2021/1010/20211010115010535.png
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b2f5392a226714b2faff55d18771a3cf60357d6c1987445b74fee96f10524c5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:10 GMT
Last-Modified: Sun, 10 Oct 2021 03:50:10 GMT
Server: Microsoft-IIS/10.0
ETag: "3dc22cec89bdd71:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 34570

GET
H/1.1 200
OK adsimg1.jpg
www.midaxia.com/skin_2109/images/ 47 KB
48 KB 423ms
421ms Image
image/jpeg 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/skin_2109/images/adsimg1.jpg
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 33794b903cf6cdf61934de5956eb1301b944987ffdf9517a9d44ae71dca5528d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Last-Modified: Sun, 24 Oct 2021 00:31:52 GMT
Server: Microsoft-IIS/10.0
ETag: "ffe2b8a6ec8d71:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 48539

GET
H/1.1 200
OK adsimg2.jpg
www.midaxia.com/skin_2109/images/ 29 KB
30 KB 5413ms
5412ms Image
image/jpeg 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/skin_2109/images/adsimg2.jpg
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25057f0dda5925eb9d9c4d90570a15df2be264aa82a311ee738f78d67cee50ca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:16 GMT
Last-Modified: Sun, 10 Oct 2021 01:29:36 GMT
Server: Microsoft-IIS/10.0
ETag: "37495c4976bdd71:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 29969

GET
H/1.1 200
OK adsimg3.jpg
www.midaxia.com/skin_2109/images/ 28 KB
28 KB 669ms
438ms Image
image/jpeg 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.midaxia.com/skin_2109/images/adsimg3.jpg
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8a7b59a742a8674189101d6042dbd38d09aee4d96503f6dfc86252b6e0e01f7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Last-Modified: Sun, 10 Oct 2021 01:29:36 GMT
Server: Microsoft-IIS/10.0
ETag: "5cc0524976bdd71:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 28932

GET
H/1.1 200
OK api.php Show response
www.midaxia.com/ 103 B
318 B 1189ms
1187ms Script
text/html 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/api.php?op=count&id=5688&modelid=12
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/5.6.40, ASP.NET
Resource Hash: c2d4bfb30b37b184c9d43a98a6b61dd495aa680c2800fdbac85c49f9913325d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.40, ASP.NET
Content-Length: 78
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK comm.js Show response
www.midaxia.com/skin_2109/js/ 258 B
622 B 940ms
936ms Script
application/javascript 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/js/comm.js?1007
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2121aca104ef8eb5a3a48734c56fb1bb3a2ad057ee4face30cf88f4534249d8b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 03:38:39 GMT
Server: Microsoft-IIS/10.0
ETag: "8e50347ab84cd91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 314

GET
H2 200 jweixin-1.6.0.js Show response
res2.wx.qq.com/open/js/ 13 KB
4 KB 2608ms
117ms Script
application/x-javascript 221.15.67.45
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://res2.wx.qq.com/open/js/jweixin-1.6.0.js
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 221.15.67.45 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.jz.adsl
Software: Lego Server /
Resource Hash: e55662dc8c011c02ffc492e7140a8651ef0a4de6b907b69c4bb5e2982961da28

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 25 Jul 2023 03:50:00 GMT
server: Lego Server
content-type: application/x-javascript
access-control-allow-origin: http://open.weixin.qq.com
cache-control: max-age=31536000
x-nws-log-uuid: 16622521843009463870
accept-ranges: bytes
content-length: 4211

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
54 KB 502ms
196ms Script
text/javascript 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

HTTP/1.1

Server

142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

cafe /

Resource Hash

98a7e9db51a00e04f2f26e2dedb0884336337ea8eec9159443ccfc34c7d1e703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54494
X-XSS-Protection: 0
Server: cafe
ETag: 3067258471138033196
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
Expires: Wed, 21 Feb 2024 05:09:11 GMT

GET
H/1.1 200
OK wechat.js Show response
www.midaxia.com/skin_2109/js/ 2 KB
1 KB 430ms
430ms Script
application/javascript 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/js/wechat.js
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bfac1ccd57aaf192f57583e5aa34d80168eaa23c1ee0691b9e50a7f65774e012

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Mar 2022 04:43:01 GMT
Server: Microsoft-IIS/10.0
ETag: "e999e97e4b30d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1188

GET
H/1.1 200
OK sales-m.css
www.midaxia.com/skin_2109/css/ 6 KB
2 KB 437ms
436ms Stylesheet
text/css 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/skin_2109/css/sales-m.css?1007
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d744c90393f9d0da7ffdeb6c24f2eeec16a4c99ca515fa77a9de072f96088b7c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 06:13:46 GMT
Server: Microsoft-IIS/10.0
ETag: "d095d024eb47d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2175

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 689ms
181ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?07ffa73c12daa5da5b37a7de9b8c3c71

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/skin_2109/js/comm.js?1007

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ed7d87360b5f074153a2f0632fae53c4fadee415c87d1fabd37382d5d899a053

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: e9385e3a14cabd71c388d9121b1080b4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11259

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 177ms
177ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2066107211&si=07ffa73c12daa5da5b37a7de9b8c3c71&v=1.3.0&lv=1&sn=60238&r=0&ww=1600&u=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&tt=%E7%AC%91%E8%AF%9D%E8%A7%86%E9%A2%91-%E7%B1%B3%E5%A4%A7%E4%BE%A0

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Feb 2024 05:09:13 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

POST
H/1.1 200
OK js_sdk.php Show response
www.midaxia.com/wechat_api/ 134 B
516 B 1500ms
1500ms XHR
text/html 211.149.189.78
CHINANET-SCIDC-AS...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.midaxia.com/wechat_api/js_sdk.php
Requested by: Host: www.midaxia.com
URL: http://www.midaxia.com/skin_2109/js/jquery.1.11.3.min.js
Protocol: HTTP/1.1
Server: 211.149.189.78 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/5.6.40, ASP.NET
Resource Hash: 450271fd5aabd19f6a8c6f5fec305c4c52857b6a0e70dc5b0cf70951f335d69e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.midaxia.com/yuming/xiaohuashipin.com.html
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 21 Feb 2024 05:09:14 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/5.6.40, ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Content-Length: 243

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 481ms
96ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

6d27e1488b87761963b97aa5a6ec34dc8f9ad8201661404913c9cec2e8040d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141237
x-xss-protection: 0
server: cafe
etag: 15089994574640759813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 05:09:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame F397 9 KB
5 KB 426ms
46ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:04:32 GMT
etag: 3890843268177463596
expires: Wed, 06 Mar 2024 05:04:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAC5 122 KB
41 KB 576ms
574ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&h=280&slotname=6715455946&adk=3913009745&adf=4252294089&pi=t.ma~as.6715455946&w=1200&fwrn=4&fwrnh=100&lmt=1699410128&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708492154171&bpp=4&bdt=7379&idt=675&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=2789699311601&frm=20&pv=2&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=692

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

a24b4413030e16b2803b7cddcf1ca90e58ac1a6ca71070bc76407d77a3972c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:15 GMT
expires: Wed, 21 Feb 2024 05:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B85 846 B
625 B 323ms
322ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&h=280&slotname=6715455946&adk=3379544273&adf=1909092598&pi=t.ma~as.6715455946&w=1200&fwrn=4&fwrnh=100&lmt=1699410128&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708492154175&bpp=1&bdt=7384&idt=708&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=2789699311601&frm=20&pv=1&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=714

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

20ea7609fe1d2013ab57617de3507f5eb3881b72f633c8dbff29595dea196b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:15 GMT
expires: Wed, 21 Feb 2024 05:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C957 543 KB
140 KB 784ms
784ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&adk=1812271804&adf=3025194257&lmt=1699410128&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1708492154193&bpp=2&bdt=7402&idt=705&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=2789699311601&frm=20&pv=1&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=717

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

a01476132274c0ff199997d08e32a72074e106c2832580ec962eae8a0122db74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 142985
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:15 GMT
expires: Wed, 21 Feb 2024 05:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BAC5 4 KB
1 KB 632ms
194ms Stylesheet
text/css 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1778167623614072&output=html&h=280&slotname=6715455946&adk=3913009745&adf=4252294089&pi=t.ma~as.6715455946&w=1200&fwrn=4&fwrnh=100&lmt=1699410128&rafmt=1&format=1200x280&url=http%3A%2F%2Fwww.midaxia.com%2Fyuming%2Fxiaohuashipin.com.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1708492154171&bpp=4&bdt=7379&idt=675&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=2789699311601&frm=20&pv=2&ga_vid=726668628.1708492155&ga_sid=1708492155&ga_hid=603821382&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808398%2C95323740%2C95324581%2C95325068%2C95321958%2C95320869%2C95324155%2C95324160%2C95325792&oid=2&pvsid=2104734222799361&tmod=1268786494&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 05:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 04:09:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 05:09:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame BAC5 2 KB
903 B 745ms
312ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:32:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame BAC5 23 KB
9 KB 741ms
310ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:21:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame BAC5 3 KB
1 KB 743ms
313ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame BAC5 20 KB
8 KB 679ms
249ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:56:02 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BAC5 204 KB
62 KB 33ms
32ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:00:08 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame BAC5 36 KB
15 KB 617ms
174ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 00:16:47 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1424830627617628611/ Frame BAC5 35 KB
36 KB 671ms
251ms Image
image/jpeg 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1424830627617628611/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

3fa033d00af00470f38b05bda0b186a5e045a44b56628dbeaaeac34a7759fc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 17 Feb 2025 16:04:08 GMT
date: Sun, 18 Feb 2024 16:04:08 GMT
x-content-type-options: nosniff
age: 219908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36275
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 10:19:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8755427747463108626/ Frame BAC5 2 KB
2 KB 670ms
250ms Image
image/jpeg 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8755427747463108626/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

870dc6015b760f8b6bc93f7908d434a3bb0bc66ea4cb06fd7c5268a3391733b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 16:10:51 GMT
date: Thu, 15 Feb 2024 16:10:51 GMT
x-content-type-options: nosniff
age: 478705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 06:09:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 165 KB
56 KB 105ms
105ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

d400a6fb2bab6f8fa450d98290d16a53dd8071309214ea5e9c7a03c2c71b62f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57076
x-xss-protection: 0
server: cafe
etag: 2855915805500219532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 05:09:15 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame EE35 9 KB
4 KB 141ms
141ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 34332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 19:37:04 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 19:37:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame B4AB 9 KB
4 KB 193ms
192ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 34332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 19:37:04 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 19:37:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 9759 9 KB
4 KB 189ms
188ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 34332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 19:37:04 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 19:37:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 9555 9 KB
4 KB 188ms
188ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 34332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 19:37:04 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 19:37:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame EE35 5 KB
790 B 68ms
64ms Stylesheet
text/css 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 05:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 03:38:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 05:09:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EE35 205 B
520 B 43ms
40ms Image
image/png 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:49:11 GMT
x-content-type-options: nosniff
age: 469205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 18:49:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EE35 604 B
696 B 44ms
41ms Image
image/png 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:34:01 GMT
x-content-type-options: nosniff
age: 470115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Feb 2025 18:34:01 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame EE35 15 KB
6 KB 65ms
64ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 19:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 19:28:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame EE35 22 KB
9 KB 41ms
40ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 19:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 19:28:46 GMT

GET
DATA 200
OK truncated
/ Frame BAC5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fc8ad4b910b71e6d5de9b61392156d009c020041617802bda3f64ee1a0208f4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F9B5 624 B
530 B 157ms
156ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWg7OEFEISL9-YFGKb1roYCMAE&v=APEucNVJ6tYr3lJB0n7ddLQXWMbq2s4dF-O-edBvUMFSzkb2fQjRPjp36MKxUNtNCf38dl85n03L56fshWbWiduph1lcicpFxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:16 GMT
expires: Wed, 21 Feb 2024 05:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 9759 23 KB
9 KB 154ms
153ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:54:03 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 9759 8 KB
3 KB 153ms
152ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 19:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 19:31:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9759 41 KB
14 KB 147ms
146ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 15:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 15:39:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9759 3 KB
1 KB 146ms
145ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9759 20 KB
8 KB 138ms
138ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:56:02 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9759 42 B
173 B 405ms
404ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEOES-gBCcTJul5o6N_CdQhnh6QHzrnicjd7AZ3f46qQCoDdDlsCYCKIAGN3lR52SFpxK97Ch0RzGhfddC_7oKrnsHcfBtpP9WdBDje720d0x4L5Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9759 204 KB
61 KB 263ms
262ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:00:08 GMT

GET
H2 200 11202569162449666375
s0.2mdn.net/simgad/ Frame 9759 97 KB
97 KB 1265ms
409ms Image
image/jpeg 142.251.175.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11202569162449666375

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f148.1e100.net

Software

sffe /

Resource Hash

4f222eba5bed9e8d6c6081a7a2d9a27c0b8538e05809f3d43b1ff045e0730611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sun, 16 Feb 2025 23:32:06 GMT
date: Sat, 17 Feb 2024 23:32:06 GMT
x-content-type-options: nosniff
age: 279431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99035
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 15:43:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F1C 624 B
504 B 245ms
244ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGJX11IYCMAE&v=APEucNXPN9dStB60ndblNDQu7U0Ulzw7NXblzpsjifbjtq9TmPiXFn6v4R48frQdyH4phzLEo_MTFdD1js2DnUqzLvY7uo-Ovw

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:16 GMT
expires: Wed, 21 Feb 2024 05:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 1E90 23 KB
9 KB 376ms
375ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:54:03 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 1E90 8 KB
3 KB 382ms
381ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 19:31:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34677
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 19:31:19 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1E90 41 KB
14 KB 379ms
377ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 15:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 15:39:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1E90 3 KB
1 KB 413ms
413ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1E90 20 KB
8 KB 433ms
432ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:56:02 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1E90 204 KB
61 KB 407ms
407ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:00:08 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E90 42 B
107 B 736ms
736ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBlxpmwBxjU0aUWBpb_St1bFkyPrlMlQIX3CNLx0XHfqYliWzIJEHTaQWkI2iBxCw6f2NdxJso5C50-ngF47VYgKOA-QXB0ddNu8BiEHRnMgrI5wY

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9207781042404545784
s0.2mdn.net/simgad/ Frame 1E90 13 KB
14 KB 1075ms
255ms Image
image/jpeg 142.251.175.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9207781042404545784

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f148.1e100.net

Software

sffe /

Resource Hash

15fc04e087684f5b6391559fe36e9639148f7de616a9f30b96ab175ead0f0506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:32:14 GMT
date: Thu, 15 Feb 2024 18:32:14 GMT
x-content-type-options: nosniff
age: 470223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13557
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 10:06:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 9555 23 KB
9 KB 426ms
426ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:21:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9555 9 KB
846 B 399ms
399ms Stylesheet
text/css 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 05:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 04:16:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 05:09:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 9555 15 KB
3 KB 1000ms
236ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 18:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 18:08:59 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/ Frame 9555 379 KB
132 KB 1003ms
239ms Script
text/javascript 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

sffe /

Resource Hash

5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 18:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134652
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:58:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 18:08:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 9555 20 KB
8 KB 401ms
400ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:56:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAC5 16 KB
16 KB 975ms
184ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 04:23:32 GMT
x-content-type-options: nosniff
age: 434745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 04:23:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BAC5 15 KB
15 KB 1026ms
236ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 04:52:11 GMT
x-content-type-options: nosniff
age: 260226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 04:52:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AA64 14 KB
1 KB 355ms
354ms Stylesheet
text/css 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 05:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 03:09:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 05:09:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AA64 2 KB
856 B 435ms
435ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:32:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame AA64 23 KB
9 KB 367ms
367ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 17:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 17:21:10 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AB2 143 B
228 B 337ms
336ms Document
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 04:33:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AA64 3 KB
1 KB 570ms
567ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame AA64 20 KB
8 KB 432ms
430ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 20:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 20:56:02 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AA64 204 KB
61 KB 640ms
639ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 06:00:08 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame AA64 36 KB
15 KB 295ms
294ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 00:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 May 2024 00:16:47 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F9B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7j-MEhFcjcRsbyK2VxRMk&google_cver=1

43 B
336 B

448ms
448ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7j-MEhFcjcRsbyK2VxRMk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWg7OEFEISL9-YFGKb1roYCMAE&v=APEucNVJ6tYr3lJB0n7ddLQXWMbq2s4dF-O-edBvUMFSzkb2fQjRPjp36MKxUNtNCf38dl85n03L56fshWbWiduph1lcicpFxw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kwBOPVlFqPcd1O2vAAaosUsoBr0RvMtyhn1Thm7QXDHOqyzDaDjOuDflJtkYNvKmAdEv%2FA2P2EXkicevAa%2FLHFjUzVv1BVHEP7OLOzjHTp6wm8G3mCMkzsnXAyMy18C2wGZggDEkxDYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858c79f09816a021-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7j-MEhFcjcRsbyK2VxRMk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F9B5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

43 B
732 B

93ms
93ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWg7OEFEISL9-YFGKb1roYCMAE&v=APEucNVJ6tYr3lJB0n7ddLQXWMbq2s4dF-O-edBvUMFSzkb2fQjRPjp36MKxUNtNCf38dl85n03L56fshWbWiduph1lcicpFxw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulHet7I2FJ0Q2OQzuP%2B8Paz%2BhhuXUrMIxryaE6Uwz99O%2BAcsCbcKsUqUraEXG6vjOQGQM3e8CQKFxXc8C1fbO7i8t7vABNOh3GZHKMUhDFjIvggLoPrxdNgAoJd2vb5Q8y2m5yGZQON2Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858c79f36b2d9f9e-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame F9B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsdNVeRb-tLqjZwzJn-GKs&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPsdNVeRb-tLqjZwzJn-GKs%26google_cver%3D1

43 B
1 KB

255ms
254ms

Image
image/gif

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPsdNVeRb-tLqjZwzJn-GKs%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWg7OEFEISL9-YFGKb1roYCMAE&v=APEucNVJ6tYr3lJB0n7ddLQXWMbq2s4dF-O-edBvUMFSzkb2fQjRPjp36MKxUNtNCf38dl85n03L56fshWbWiduph1lcicpFxw

Protocol

Server

103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: a47b0b10-cd10-4ae0-82df-cf8f91a0610b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: d89bd633-a98c-4cf9-99a8-fb824d25b266
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPsdNVeRb-tLqjZwzJn-GKs%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F9B5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

170 B
232 B

69ms
66ms

Image
image/png

74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

Requested by

Protocol

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: 95d2b2bc-09e3-4285-b69b-f7a9fe99e305
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 506D 38 KB
13 KB 486ms
485ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 518635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 05:05:21 GMT
expires: Fri, 14 Feb 2025 05:05:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1

43 B
328 B

449ms
449ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGJX11IYCMAE&v=APEucNXPN9dStB60ndblNDQu7U0Ulzw7NXblzpsjifbjtq9TmPiXFn6v4R48frQdyH4phzLEo_MTFdD1js2DnUqzLvY7uo-Ovw
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QqjoOIWBY3sZ%2FEcrWohzXNmz4xw75yNumUPcvMLxQbtg9Df%2FkoN%2BRb1ey%2FxVOi7WTO2c7tGS88uP1pYQgYv0u8prH0hQHVl7L6S3rb5N241utBTJuqOCYQ%2FJqDlvUV6ll86DKeL8yJDLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858c79f09817a021-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F1C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

43 B
769 B

68ms
68ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGJX11IYCMAE&v=APEucNXPN9dStB60ndblNDQu7U0Ulzw7NXblzpsjifbjtq9TmPiXFn6v4R48frQdyH4phzLEo_MTFdD1js2DnUqzLvY7uo-Ovw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZmSOjAPOnleqP6pQWirkiOGAl3ltk%2FZGwfcogH3hPqAWXHtTVOr7FeoOy5TjR7yov9hc2sAbe7F7xKSW5fxzSe5BO4Y6xO%2F7PilHZCYv9nGxthfd%2BFM1zuG0OsyDDDqXcKBdT%2FINrXbhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858c79f34b1d9f9e-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 4F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGKecjLCWI-S8GhBzRcoUBU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGKecjLCWI-S8GhBzRcoUBU%26google_cver%3D1

43 B
1 KB

253ms
252ms

Image
image/gif

103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGKecjLCWI-S8GhBzRcoUBU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxD4m84CGJX11IYCMAE&v=APEucNXPN9dStB60ndblNDQu7U0Ulzw7NXblzpsjifbjtq9TmPiXFn6v4R48frQdyH4phzLEo_MTFdD1js2DnUqzLvY7uo-Ovw

Protocol

Server

103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: 22bfa9fb-5d08-4354-ad15-e2229e1cdab4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: e317fc53-1fc5-4f9f-88c4-bdb78263775a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGKecjLCWI-S8GhBzRcoUBU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F1C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

170 B
243 B

50ms
49ms

Image
image/png

74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz

Requested by

Protocol

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
an-x-request-uuid: 4d4ebdf8-4ac5-4a51-9566-24e003527466
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg0MTM0NTcyODQ1MzU2MDIz
x-proxy-origin: 118.201.240.156; 118.201.240.156; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4590 38 KB
13 KB 322ms
322ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 518636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 05:05:21 GMT
expires: Fri, 14 Feb 2025 05:05:21 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AB2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
161 B

381ms
381ms

Document
text/html

172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:17 GMT
expires: Wed, 21 Feb 2024 05:09:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 506D 51 KB
20 KB 165ms
164ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:21:19 GMT

GET
H2 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4590 51 KB
19 KB 194ms
194ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:21:19 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 506D 0
58 B 455ms
454ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNsxpeoXVZY_UOZOLz7sP0cyBuAEAAAAAOAHgBAI&bg=!d3SldDvNAAYBC1i-IQs7ADQBe5WfOE9W-jy5TaognJhGPIP1Kl-YP6fKCFHymxAQ4cjsSNyvDDzrFrWX3v4e7YOEPy0kAgAAAJRSAAAABWgBB5kC5OA30Uoz8HqM6aV1bBnHLHiYRuujYeWy_YQPyz0mMXptlfYdGp1d8zVR-44aZaYF59kTnCcb6UfxYgAhurRMzEO9OeWI_JXFGPM62rE0oqa8XtR386d0yjj0jN5xAu_Rp7WfXODV7Z5Qc-lHjXi3KUXTD33ZbJJcnngW2LstgFi9IiW-tQSscTYPmPQHSkcYfZNRleqf0y0MUhgSWfl1iyFqfSE03fC5buODiUP-3xGXOCcb4eFDmRVSubxHmKsfFYIKpFhvlXPBsTE1Imrt6-GDvVWIWlaswd7IoIjWRmxY_fxKW9W8is7Ia0GgHIh-FzjdVw_ji0QjfQ8T6a8okPiOye0cQkDGdPNUx0mx6uaxyiEr3bcI-ld3uNKSU4k1O4-PwfyKt2QwXRy9jUEcC43_3ekFzFKYbO0y8pIa4DyTx5xGArUhl09Yf6n2OV-ewaLPJAFH6CrRK1HjgA6jMwt45mMgOCRPLpOMUXx7V31pN9IgEOG1LBHzkZK0GomY3qYjODbvNtfiagxS6hBjliACDLK4VhklFumuQWgPGSB6Gdri1P14dSbir44x-oCydHwrx_DMMHC8oN-uTMyZOYFlTETJLPy6nXr2PP9-9kehlR0QcygAnELZO7hK9GtgPDiY5FVaxgYvv_FLEZS2TNiryuWvgqGsxwcZGZMwaba-R7ZB8A7q_t9rkLEqARbxV6zelgvvvl_46f9d_obXuNRc32vO7X4SmR5S6NOyLwtRUqbvdm0kw3_FMrWSRyE_vlJpwk-I1Lxu7zGuTGktV7W5AdNja5wcgwTsbUWF9A1zc1m1eznDZ8s0gCIaTFiRYHLrMDblLjTZ_XPjwcYIOLCiIppxdiB6AUjyPrJrT510xIF1MIZbq9tApCvuwJSCTJm2F2HH6gDwXQnTK78k9SVZoD3yqLrsHHzeVTzfcrSDV-VRFC5Q8ch1ay2MOfrIrIeGjejPJp_M__6s6iEY0rxW14gD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4590 0
56 B 463ms
461ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnLkfeoXVZY7UOZOLz7sP0cyBuAEAAAAAOAHgBAI&bg=!9vWl9brNAAYBC1i-IQs7ADQBe5WfODbTogkGCodC84PLy73l1ZI_YuxJiAc-EAcCOreTts1H0naThfcOplkl8JpgLDL2AgAAAIVSAAAABWgBBwoAjVu7jZIJr5Gy06POtBq6GeiF9sZBcyeawU2A3_VXbDFe1royJ1g4Es56LnKAcMdgim-TqtI9I0a-i_Ua-kLSWpzR_sII8SBL03ABPDMOaR-v79BRUymVKiAygW-SpyfJhg4SOhC0avVypH3QVTTbjxYQXLJRZT7l8-PEFIUrMBHTnswnXTgw4A3iZainpJkDAsgFFwj8821krEvnBzVYEI3VH_H3f9cLfJaXb-EDRvo6jc_uzBcsSylAQ9vt3yTP1wdNXtPXyJd1DYVhAcruE5Pu3ch8LmJl3yMxoNw9fJDFh6oXEL7pRHdqzKPXpsd37LftmeWjoqRWS5ielTTfjuZZnfcV9ge5avFByrgW_n-SGknyVCdrI2N_8hCBM_XpDjjX4ejvLGcAM3zlS1Ht-USoPk60nVBHzFmhz_sdKFuDu-6DyUht4D_UOfWjm3BWNiW_IxL8qoDtgcK2-GmK7Kh8CShgWsU1HY5N8KQvZIJBSXTwlyjRm60uN6DziGpU6AQIJudtqykmcUeNVA1tO0wysqwXMAg-AEOTkKjOa1iuhdymWJAEfp7cnFBwNstfXxbA0iquaryHIMADj7KVvULisV67sNekEySymK3fTUPDbMN8kUyxTXT2mCnTDuh7kaarq3Sy9OI28xrn6VstugOihpvSIimQ-pDMtjIdCg8ogfsXvU3qKRUxJhL_A19d000cVTNYTRwDHgND7wshKM3N5F4D8Zt3pIvx0eNVTAwfXreTQKalApFwBewF7bdWWhRnXJD4aLmHZZ2X0S4-vrfrr761UHkfaHMEeLt0NphqmgLaUXn63w3SRf1t5VGDpCtWe1FVzmUECwo9Xx0rjMt87mZkIY1whpKcTWs3Nc3pmxx0lYDK70DKXRfxRNckBC-h3u9ScPRw1XM3dgfQXTpQj8-Zk0J1XxIYQkIuKcil_XgukDgEG599u-uuJd1Cx9wBqCn2quGfEigaPBcBlrof86aRbo1gQEpScMd-ANU-V_0hob_3itjvgTQPs_L_fRPGSDr3CsxXqNNLdHFL6Hv4G2v4_fMTFtPPqrDMN9Lezqxnsju8cQF1ok90cQ7aVrjQguNTR6vEawTqbNjici_cZz0QR34Cwj4qjnamtyJOGIOu9rge10S7lexUysXUITAxfvqu1MbbCo1hwdvjdanEw0ShJtMxf0LNJQUw5ZfjOsVqqnIYWpmEeBEmZHc_2XX0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BAC5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRLGLeoXVZfG2Nqn3z7sP58SxkA7W1pXcdYevmc3wEdCF1YbaQBABIN-M0zNgvwWgAf79j8wByAEJqQL6Og_Jy-moPqgDAcgDywSqBP4BT9AElYZijDKaxydm8wM0NXH_BCdNEIM9GUHRLcS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1fb73b25de6f72100000000000000000%22,%222%22:%220xe802656bbf20af180000000000000000%22,%223%22:%220x35c081...

0
0

131ms
130ms

Fetch
text/css

74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x1fb73b25de6f72100000000000000000%22,%222%22:%220xe802656bbf20af180000000000000000%22,%223%22:%220x35c081653079c2da0000000000000000%22,%224%22:%220xcc7936a761684e550000000000000000%22,%225%22:%220xbcf578c66d3d6fe10000000000000000%22},%22debug_key%22:%22558713915470527835%22,%22debug_reporting%22:true,%22destination%22:%22https://ocbc.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22428080894%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212084531788622473665%22}&andc=true

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x1fb73b25de6f72100000000000000000","2":"0xe802656bbf20af180000000000000000","3":"0x35c081653079c2da0000000000000000","4":"0xcc7936a761684e550000000000000000","5":"0xbcf578c66d3d6fe10000000000000000"},"debug_key":"558713915470527835","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["428080894"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"12084531788622473665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 05:09:18 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 05:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x1fb73b25de6f72100000000000000000","2":"0xe802656bbf20af180000000000000000","3":"0x35c081653079c2da0000000000000000","4":"0xcc7936a761684e550000000000000000","5":"0xbcf578c66d3d6fe10000000000000000"},"debug_key":"558713915470527835","debug_reporting":true,"destination":"https://ocbc.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["428080894"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"12084531788622473665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E359 51 KB
19 KB 380ms
380ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:21:19 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
234 B 700ms
147ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lsvc49y2&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9555 15 KB
16 KB 122ms
121ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 03:59:50 GMT
x-content-type-options: nosniff
age: 522567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 03:59:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9555 15 KB
15 KB 154ms
154ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 04:52:11 GMT
x-content-type-options: nosniff
age: 260226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 Feb 2025 04:52:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9555 0
56 B 174ms
174ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxdsCeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAcgDmwSqBIwCT9BAcdoFQz2oNaOMawJBzksXM1E4eslBWbZ7Dc3zCBwROQQXQah_kMZpxp79Oqcbaq4Hgk7-0BDtyKUbGQuXx7Ymwf-QFcpRmsmVsqVl4eO4fETneR2PS7ehIdFMezwFQ9uTKekGjUIisMT1WqG4pL5Ke2dLWEDCH6R-Wdk537YgtiHr9Y9qxwNXUoN6D-IzvWmGR-N73C74iEovfFtl1Bt2GZ3uaGYcxp9Agd0r3ed2Qn5dKmSMF2YLOmLcf_Is2Ts-mqDfH72Ywy2qd9fVvSz3495_M0cJ9yP2p-klWOpEOpHncVILSuVLadxwDczaS86WxzSFL-OUnVyqshHX1lbo05JitNizHkjzEcAEkYS4_8cE4AQDiAXmiIX2TZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QDgAoByAsB4AsBgAwBqg0CU0ewE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1708492157795&ai=CxdsCeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAcgDmwSqBIwCT9BAcdoFQz2oNaOMawJBzksXM1E4eslBWbZ7Dc3zCBwROQQXQah_kMZpxp79Oqcbaq4Hgk7-0BDtyKUbGQuXx7Ymwf-QFcpRmsmVsqVl4eO4fETneR2PS7ehIdFMezwFQ9uTKekGjUIisMT1WqG4pL5Ke2dLWEDCH6R-Wdk537YgtiHr9Y9qxwNXUoN6D-IzvWmGR-N73C74iEovfFtl1Bt2GZ3uaGYcxp9Agd0r3ed2Qn5dKmSMF2YLOmLcf_Is2Ts-mqDfH72Ywy2qd9fVvSz3495_M0cJ9yP2p-klWOpEOpHncVILSuVLadxwDczaS86WxzSFL-OUnVyqshHX1lbo05JitNizHkjzEcAEkYS4_8cE4AQDiAXmiIX2TZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QDgAoByAsB4AsBgAwBqg0CU0ewE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
54 B 679ms
158ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lsvc49yd&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.28p&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9555 33 KB
18 KB 154ms
147ms XHR
text/xml 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DSguxoaDwpwg5o9Qjh5wnG_XrmXYm8YvEUqmi_KD8SNduNpmuLAFYQNz_bS4JVbeDWIPPITDGNVuMSsXUjPq6GnikTFA&cry=1&dbm_d=AKAmf-D6RB_JT7OkEycX0UnXr_5ck8BhHaBjhqVUn_NAv0rEsdOkla7GQt-NtNjDWQ64m91ITcj8v5Y_IFYtGeNR-8rQlh-GDxf4x5utTnJp-mhOUlm6-IKUGlN_wjpDINh-Dyb76qPJLt3ivTxS5dwThqYT23RUNxdrqOB85IY2jB39Y1OgfLMFH6m8rHhn8-fvPAhW8aMnkwHOf6ojoobFGBfws3Yu3WFg2UIvN6D2MAkIB1lG11yvQ_WEHZJcE_LzUbaaPMdRHfSu4MOIyTHVxyAuDLSfR11oIAkxKjsrEIqSf2kVHvQ54Pdzm-l-atJmuNegpA5LginZ067sEDvIuYmi3l6SFYBQrqg5G-jJFh14x_3HEmzApDd7WvXfMIUacQwq9id5TFNtCYNTWteBXn8YJX5ED1CRZb1XQPbA3yk4V91LMAA8_3Ww7Y8w7ntiTZ6kVoyCNRNeQ9TIp4AMgLIwEWmJP_yRHU4EKfjkytFwRW2ANWCRMJtRDPSf7sBsW0FtZy2BBUQO87Q-PIEbKiF03ND8SkSHBFq0Mfvj53OES0ZS4vl5EmisbZzZxjwI4HymEaioSGvENNh_NCFuKek1NUTGMhFLijqIXuCYgNOzmouGdpSJUQ1R5hRnU_PuQWLoOG9weUSVAGIlSFTVcGHsbI6vC4w_mLi5R5KiXzUxpJSk4qsZtkve-umqoE36nA3aROpyi-27VJ7F06DZhuKqDwD5Ik9SborRBiEuVKhfz_YYQjC1J5vk-5fMJjZ7p-blsa-oQ7jmX29b0JTauHk7v3oSaihF6tmdKYlDxLzXh6X0roKPpY6ii_OP7HIBL8nKdlR3cyrpltTexFBAyyIT9LC5JiONr1mlJ5ijKWEHyi3vCHy2ebumzbRGodW5wZm3Jq92sTYJQgl-O0YAO-15QW2qOzjHnujGt7JI8k3rY-0B1JPDV6_nFei37zEHzG5jJ84jfup68__3WZNmn46TmPM89s3k6DN09naM0sSIFy73HZQYflPcazUYgJgY_dM9V-xfGm537WR1MRWtJfpowN7MpfB1gWb-FgvVtMNzuXlgnyeNk8fuaZA1fk6BMGUZx_BOiXxg9pXFve35Bi1gs0Ig-F2DouZjhwGZ5Tm3ZjXKKzU2NHePu2TxQz557Br5lwxD1RNt-K1s6oGavjR970a8epM4ubUweypBSlfqehcbukAyH4EC_cKKUl9tZpodsFDY_b2RPcv8TY2196zEZkqXns6UlUGRFOyKjAHfgqOjmeVvDpgRQTCt9XKwMnWeQWGxFCL3-6wqFPZm2_2ybQHRgy7SxB8-aSdOvDc01NkUgj-jPZAJnW1veZRr3fJxxJP55TtN3kZSXVoCBDWmYRkX_AoGUtSIjmCRhEFa6WJTbcGtBKzeiPmwRD39m0l9B_pY3smJCmIxTTMZxXJrbv8dEnvRhsGwTBo0NBsr2uKoMxk3P3JyuF8OtK3ZDgfMVaBkycXdh4irDpPFR9rOk5iPfqqoejlLliONjgLRFKjNJzN_Ia3ql-mKzPBM2gMpyre42pJhHvPmJrr-YK6Bv68d6hhvgKLKjBonvoqO_cm-hkBvHYXdghusRfAhvRg796y4G_0OvIJsUha396PsR5_Ja4w7Mrbm0iw00NXuLt1OXoykfUKSsvKesiRnLmSRuDfRPzRioAQeXXb00cFKfut4mNF60-193cQulFPpIP9usY3ELeyGkK3yqLGqZbTzPXmyI4UQxTnk1FIG452HXlPmS8_KofxWqPKRkLhPIhoNqhfFVSrIwsaH0rKY_20ynZqlvSqpO6cVGAB5L-JXzkOypOAqz3uHi1UvUbsdnMReY0wE8Xt0dNKPaDvwd1Ik-gu0Bg265KGIHZogQIMhkYoBc2esHjzn1kmuVlzLrJ6HFiM8WxHT0Cb0Ml5_rGpccxzBxX3tdc-0hEnCQy-VHNqvmrJtENrGE0xoDuGf1pffgmgDbddcK7N0c36YoxCKs_nrdbJCCDeyfbTk9xvamA4oL3K6cTU81w9FIBTn8Sl6bGhRJlAHAFizoTb2AnnGNL8HLXGiUDoUZha_QddOPCOQwRdjkm_jl7WqJDo1DaU2Wg8zxsD7h4WFZrSG8KRmw2jTSim7llE3ZhzTYsWAPvpOQxoAyIdt3CJXJVNwDF8cX7yoUdUeImkwgCEHHyuW-LZlZ5JFbXXDw36BXiOosRw9FqtbmVYrjwDA4dMl91IaRbTa-h5hZ2a9xibG1guMl_d8f9U-waRcmUTnj_8nZnrqs74xbHbBc9craqQXdhkuUtAXzWkrYrJZaUmnckbR0zH0TILgqSWIygA93U1fXg3kMfO2p0ixRIEipDLuLFDEMwAedzc-WA9rHzLJZT8Cxzp3HDUvKC7XBduIhdjBjN4tkW9DP8bWvzKWxPLcx7cRGpHs0EdgdigYvL5IDQqdEXDyGolbCs61QQRFT0LfVoWFdNiiHPRzzFipoyNqOTccNNGDOGh9oSVBzhHQ0OB8nCqQWlEfrhEbwxYK1nENHyYfywMnTEASbm9NiPr_fr1BvJ-X63yEdRu9sqjbvEpesEsG9MUSVykkiLEVxRZdRvg9xoeXUSUSFFiWVG9Cs_R1DwbQN66y7f-2OfS-e1rgcGSqWSqAhmVX1RWxlk7rUD_aQjsYTeppy37zdVBq6g27Oujh7B27irBPCHnAt_AAwowjz5WgHhHIWpkZxIlQ4aHZPW_BH7HrWnJYEzafTvEsEpFQRMTKTFld-FL6nhKzGQRPeasOd510BxQ63Z5Foor6RN4H86-9TCnvjw8wXoHRcujz0k2WZc1L_IbM6jRa4zhgLA20vjGU0BcV7Z3hx8IPg3qGiNWjs59ypQwS8pnh7LJy8fFZjvSLkPk8lwrYFHa2fddAWB1TW7vndTROI242jNAuWx55GDQT53EVpQyQreeq3W0mO_nPvl6ufESQpj6F0SgdCNoGtb9l3QDnbPVuIkoOuSjHe-O3dpVDHLfB_0LOlPMJOpDDfs8KL0XUf2te_cOzvvjBymC8eLiVtQJTaivTtjHdty1aL3MI5N1_-i20AHwaDcNqbs_VCyKwcUyXSF5SIJEFLhNIsRybEl0khxUEMTRRN0TNhqkN4OBCqhl45YCX8axSfJ3eTY09faHtieqPFngCtnp07RJ0aX-J_pzvXi7Ywbhwk4Yr__O7UeHVU5I1BapPD9zgeUJQ0RYy_ZSGD3U4jhrSBXn63vLgjTBsbaHP1JtHoGqhJarDUyfUhoFo38vtj0E4_Wrhbp3XZObOBl1hxeSfCs1N2LjJzf2ZD3u4Zz2_2COr4jW2ikjXS7a0okaC-p6oswudCQhqScAWKtycGd557rf1y3tfYneBkHNefEE5oaCykJDplm6NwsgtStjGUCDJTgp5669srks6VAVVBAra6yGglKrxGrOx6g05wQAj5q3xlQEEy7i9VneJgDiZBbwEAIZbb02hdAGVkDxnFR49mxAou5xEVY79oWIxlSmD00O331DPsPmaLhfU8IIiErqp1nX7EP3MYaPJ8KvAPAG1jHCce5Ave1z1RO-EE4PbwYjdULYTRvgKRiVD7N9JB4Jh2eCaZ82jIECFk7bgweGDRxTy_9djqrTY3LFe5ImEeyvjy8LogOckjBkoefEXcXHC5ELrgsLyoixigLrPm9oRTaNWM0g5GoHq6Bhn59rT0WUdi_LuRBRXI98WV7I72-tPcHU7s5NT_FF352N7HJjl9UjHj-APi7I0irgUgYCbvM0-2qBhWSacPVzOQ4xaxMdzf4k0hA_95s9OAtaC0XD6ecy4YytSAXqKnwgax9WRE1wTh64ebwITi5wtPLaLI3CjVCnJOmlA&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

544bdd34d3f3d555aba958fa8a1f228fa2a094620856afb93c5d8d2aff2c8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18210
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9555 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b81970d0d3089671a53f30fb56dae9a8dec14b057a8b22f407198d68c626a78

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 236ms
104ms Preflight
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 05:09:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E9A6 51 KB
19 KB 110ms
109ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 470878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:21:19 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
54 B 480ms
148ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lsvc49z9&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9555 41 KB
15 KB 80ms
79ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 13:39:48 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,expire,id,i... Frame 9555
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/ip,ipbits,expire,id,itag,sou...
https://r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,exp...

0
0

428ms
32ms

Fetch
video/mp4

74.125.12.233

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/8481E9792CB697702CFD91B2CC33340E41538FA6.61249B72EF29EE6FF447F7AEC47FBA96D4B41DE2/key/cms1/cms_redirect/yes/mh/aU/mip/118.201.240.156/mm/42/mn/sn-npoe7ner/ms/onc/mt/1708491870/mv/m/mvi/4/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.12.233 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Wed, 21 Feb 2024 05:09:18 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2944884
Last-Modified: Fri, 16 Feb 2024 03:40:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 21 Feb 2024 05:09:18 GMT

Redirect headers

date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 669
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/8481E9792CB697702CFD91B2CC33340E41538FA6.61249B72EF29EE6FF447F7AEC47FBA96D4B41DE2/key/cms1/cms_redirect/yes/mh/aU/mip/118.201.240.156/mm/42/mn/sn-npoe7ner/ms/onc/mt/1708491870/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 9555 453 B
585 B 79ms
78ms Image
image/png 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1778167623614072

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Wed, 21 Feb 2024 05:59:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
54 B 469ms
148ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lsvc4a4i&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1339&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.2ee~atrd.2ej~videopreviewvisible.2el&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9759 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f64087519fbbd8463eb2fb881ec7a377c383c047c0e8d50448ff0efedd93fb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E7B3 23 KB
8 KB 25ms
25ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 359855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 01:11:43 GMT
expires: Sun, 16 Feb 2025 01:11:43 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1E90 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e7e9c8d2526fcb4671b05d75e4e00b872b7c4d7b805048d24cec6707029af36

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1E90 0
0 187ms
73ms Fetch
image/gif 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssu2pGp05aL6L6C4khyh02iJagArjgR1NWqLgmnihk7GmRtGqUGDVlMoD6UUm5Y4EDiwEteh0yL35DxWy6RSra9CAwG3Y6XygDWegAkf9a6dpJW5mMDcgoc_MVucOh9g_bvooIj5mtG96zCWRWsRzVaEYxNfIj5bgBV1GOMQfw5J2wZTqktdKyCU55lJcNibh6WV-vJGXPobicIku6aGr8U_Qh1eMAEelCBbHNmnYG3E_u3dV-IUAwVdnMBWVW60JTwWv_Z5Dh8ycuxffA4bQONJHfcbxNjwx_tN5uLD2E8W3zvZQAf2s6MvPVCOwvg8pg8EbvZi7dKkj0GsZ8uUMPuFdKyHZkZz0IvYsIm5P3N9A6acHUkGXKc5HSbIxQ-63YoVq20C9_8WD926XBZFvFUvmtr_4Jr9CKXxYhq5V6cNjTU7ECKYMgMLTElich0yW9v7YhKDzigWk54RACqVda00bAqejXTvkdLbFSEHMKu5qTZBp3X9WdA3fO9PbfNKCaEDUYZCq0XN7YeOLzUyHke-cIWhwYflFR4-oq_Y9MfJpBQkGE1K2x4FFdfUKhYyNhzyx-ToEg8gnCzOpoWbyAACAvYiUhhVzkXQwKk39aEd65tjL0QBacHokgpwCX3ZVJNFQSDouz9ZcnPYtTvXyuZHXBpzfjFgx2uLeXpLeTEU6tmcDNyFyALnkJyvl38iFM_Og0iqNrTZ0lOWPOo3B7KplKuBE-wAhHjxPj6cJtOojumz3nwdYLPSxHUnd8TZ4iCSkQ09G5RqlbLToHykKJmJcAf9n2ZLYvgxEBSzL3SJLK0BiOwkpQ5SXT28OcvuZh3-Wdnr_7j7LNlvcc4WBXoRToUfYfWZDibhLVjqKkRGHxkK5WzEM695KUZAfVCc9epmkmYCtdlWCmCGDfvST1VhBUTghStsTpWZw4Y122iSRNxV2WblQuUtn0lhsvjzUmiT2m2Wcmw5k5T768OtLI52jH_pRugN6ZqOlb3F79oS7VZNGuf67JaGcJwtOUWUsUT81fDmTcd4iybq85RNGvtBoqbQESslXUiDGCfA3SuIfX5bxGLJ6HRYvX27lSNlf3OF2UFbw8bYo66_C57ZJqomwXghTKnvilnL9uccZbb_SN1ywsMoq7r_wze8LRv22OMq3-s679vqtZIYtzQ2pannYpwpe0eUC-7ISzmAvR7aIAHD8qTz6--N5Wd51RyO2zLb7hVtyh_KuQI9yuTaREl2XI7FOub01byDTZvqwGLDcIyfxoa2hQfZCMvTFPKDl62QcHbMJ_HKTP2Ws1xTlBWgo5xyEKZbJFr7_JXuYR8SjlQwWS4GPwkYxiDmOLwK47hWLIVLAIALZm4saPraNmD1NjtEPyoHu5CsypT3pY&sai=AMfl-YTEFasTSRgiS8SUpFQPYhMQXuz4BJbyh7HT-p2Dm5mNajOvECsHoK6dPcrVg8XdxD5Z7J3ugmJnTgbNukPbVQzX-dIYts-yTa4gvtLG5TzQbmJn_M6-CGfiSTGBVNqNcHT4Oy9h_3EKW7KMGFKuRFyA8qK2hqA0vq3Zd-hRUDHn7weQ1V7t2s0c5P_f1YodrRRcRUwNXBOFpjJQL-rEJEGB9yru7vZZVSg32eza5ZEpmmwtuBHFgZHpXnmz3pILPjR-lXq4dWz0ulY7X0S7kfv8uHkahRAQpr02OkW4uUnodIER54vsLpA5HjmOedPPhupRlVp5DKBdrN-8WJ0D9iTLNO3Zb_2coYkrfVlAzY3mLcWkETdeXx-vrfomnFo8vsmI9-cDxB4TzukEM64myNxIwe6gAaZ_LGj4gV01jcCPoGpg5vX0KhfSZz7tyr1l-GKDXtvFIrNicvKgH9vEGp5Sd7UlNIos2ScW5jNmBl2hqKeqacJEIpHcVISNL07CDzkpZfMNk3cD&sig=Cg0ArKJSzM3wNZRj5ua6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tMS5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1843&cbvp=2&dett=2&cstd=0&cisv=r20240215.65594&arae=0&ftch=1&adurl=

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Feb 2024 05:09:18 GMT

GET img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=31271031;s.a=4528092;p.a=387282946;a.a=578565139;cache=4147558806;
ad.atdmt.com/i/ Frame 1E90 0
0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 9759 0
0 182ms
72ms Fetch
image/gif 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstzORQrvTWtsl-JqmwI0A2pWVcOMSkZxGMaRwYAT_aK0XkrANKfapeqVEK95sAmo_8jTbFaoetY6YajTTn0Y8AeIwOrmMY_DXavlV0a_3CdqYylsfyEeEFPvtaE6Re89PXfein1cDvakyvk6SeflfcIqqIa85n0YdMCNiKDowk6sBtGPhnYmeOPdb7LuHhBILj0PWIM3Q9OaFZeYX_ONTrdu2s3c8cbD1SR9paa_XkFk4VZdoHr4rBx5x1vbpmBWV_ynZYKPfQJlPub-BNHnevMB4MS7zhPjSlncSpnBMMgwxnE4WiCilz5Algukju-1OXmmdGA2gc8ruT9nd1ZN9I2yECgeUE8DaskB16IpxEX990089_DjhbauooGmQgA0l7XWEcVcznVJF1h3aBoFHMyGunI5cQaJcxzNXK0dbN1GWySL5NqURXoGUocLvIzznVZJBzTTbAOXkC607kJmkcD1XB0Hkn_PSskuCfdUMBksOS4FIGZ8HAjFKhETc0R7YmI38530grthqeZfgxg8O6dBSWjIz_TP97psJPpvC3XdsjGt_fvPcxTyp97I41GCRJSzDJgyw8Y6tR1eICTLtmzPc6cV8VCWG5w7WnPt1HULrI3uZ9HDHc9DWJF3m3r16lZPLVCVlnLkw8GXbyNCFE4APS4tGfQLSBNFTO2cIiMrS1IkSU35bWTChmxdmp_a7yZOsQeQsNj9brYu6W6gR_V1u0xOTbWN_Xt0n-BeDx4lK7zeTUy0Wmrhyuf3fFLSEmAbhJm_AGD35tA7NkRXwtREIc11oGMF9ilvWJCsNkJOdAujYfhe_KsKr_OQH6P89OYqkeJDWUPejAR1c1-QXgXEa3TXnwuAamzs30ZZ1paH7s3S7lLJKPD267x-PQNoeHtiJs0osljpC54lIFmmHItAYArZqHS-n0KqK4y_JjOY1zfUs1pxXbG2_CMJKLmchQMKnWYAzuSCqnKhOrN8aRaoTBvXgeF0o-R9IVbV59SRkkP19yrO1RMhSN3_6xyhXAj6cvql3RGyBOABktVKwYk8gEtYx-ezcdC1_ygyOsNXuTla0LUAT1iwqxgHTBgci_PBxiLBiYCeIydglG3iffn7z3Fry9mMNTptMtvb-D-R5A6ohCt2kx7P9RUZgH-2_gMJXlRf55CjgnLlkQSTX0NQyF_8sTCj9727mwYCvooDHD-cTmVMHRV1HDillMtLKdUCg5L47e_TMtjZFbDMk-Vmbb928eHgU4ithBxvDe1E61oDnoLKTqaUCIB2Q9iOVKbaU5CL0wkkmaZjlX98M7pqYdcJxYUu_gLQyp7ykkRd9xS79qM3kNgZJVt4Qu01L66O-P1EXIyueTsnreRpNS-G6UxKPdfxjTSmHzyBNPCTEEkZfZzHd5ucI8QySGcDf88&sai=AMfl-YRWgQ2NJFbQ9r7xIBDzlQNK2ASYtGf1F5TLiicMFf7zT32VEoh2JYLBIP1p0OOuzCgAT42zsPeslkebxWkeJUOjn2IOs62cRi_ZPaYC-vqjpjsWi3QEXgRdNibovTKiNtDNYUL6M8Z1_Vjxnf588hx-AuLE2bw0khNcw_Ifkf7uFv7gThQaZrhtIlNRuZujX_Hf8uF2WltI46x8RfxCXNn-7eAXIZaokM9a0_NHbCM9ZmGSWecxXLcniQathZDAv4hwxfHSmaZJXiWiBE4QTS6l0mzRVN_QTQAZFCStsLQEt4BD7Oy5idD7iEIxyq_3u0mU0Ub23rSoSmZsxDDsFLT7OAMDJyx8vLXoHZNxLVzwFTP8ezsHWg_2wj0dXEYbQr2fWni_OLQhzmKrk3J_hsVlrOWbWWjRmnzUNLC4Gt_EatywPOK-scpPUwxNV2J7B4dmhXRRbJRdrSo6yrXfQOgZbCvabdXpuK_0hDn6IvAyFcuuYPCn6cgjQDX7gHZxXL-h6p-FLTNsKw&sig=Cg0ArKJSzFqhgT234l_7EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbWVnYS5maW5hbmNl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1882&cbvp=2&dett=2&cstd=0&cisv=r20240215.21245&arae=0&ftch=1&adurl=

Requested by

Host: www.midaxia.com
URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Feb 2024 05:09:18 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9555 0
0 123ms
122ms Fetch
text/html 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDQQNeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAaoEiQJP0EBx2gVDPag1o4xrAkHOSxczUTh6yUFZtnsNzfMIHBE5BBdBqH-QxmnGnv06pxtqrgeCTv7QEO3IpRsZC5fHtibB_5AVylGayZWypWXh47h8ROd5HY9Lt6Eh0Ux7PAVD25Mp6QaNQiKwxPVaobikvkp7Z0tYQMIfpH5Z2TnftiC2Iev1j2rHA1dSg3oP4jO9aYZH43vcLviISi98W2XUG3YZne5oZhzGn0CB3Svd53ZCfl0qZIwXZgs6Ytx_8izZOz6aoN8fvZibLDCCREf7viwqDmLblxoJ__psNQq6GU_YSshXWNtDzFO-M7QBBySQ4bjfwETE6HZMo4WeCQ4qnvU7t7k6PNm4wASRhLj_xwTgBAOIBeaIhfZNkgUGCAMQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeO3-mGAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcKEJqyHhip2JSIAtIIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljXzfyf1buEA4AKAcgLAdoMEAoKEPDQvp-pkMGELBICAQOwE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUBgBcBshccChoIABIUcHViLTE3NzgxNjc2MjM2MTQwNzIYAOgXBQ&sigh=-4_HStSwdGw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 760ms
73ms XHR
application/json 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

72d754d4d72defd2cb79de4e8384fcb541aba6723250fea03c227465dfddc6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12339
x-xss-protection: 0

GET
H2 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B3 39 KB
15 KB 64ms
64ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 380669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 19:24:49 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7B3 0
56 B 75ms
75ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLwytfYXVZdvlOIWJz7sP1bqJaAAAAAA4AeAEAg&bg=!cnGlcT7NAAZN4L4YbeA7ADQBe5WfOEPbJQs-Zd8aOFYBCNrswiNP4eaksrKfevdyrmXHTlA-iALxtGz-6zprkqAL9fuhAgAAAFZSAAAABGgBBwoAKEIFlDP-prDmJvsHvLmyvkEYQzcQGRR6a57-34gKmw6nMQVPtGK5azOZAusj6QTV-Uw-gbLY125d0E7c6u7ioSxNm0IMGbo-U973eN5UOgyJcWGtiJC1CwKFov8DpooGrB-49i5Qa9jVPsaJi6nBwxaeWjXfI2vChwgi3BE3c7n9YTYSfjrvKl-WAOiDs9lM1Tsio6oboGF2davZcf9THyEDJdMN-Ee0DJJb9kIjryvC584Aff486VrrzH-KNem0AP7aeLjOSVurT8BgQVg4nESwJPTjOoJtk8sgP8qVpiRh4DpyHU1xURhh4GkHigTmDjKWY1s-qlVlsHRjJ0QON-ILbmC_C4Qfz0kP2H0Qjk4-0utB14GUOxodOXd6BqH1noinM4mvX_UdP_IsDBB5q7RL3JbPXb9jGdVxzqMxVUVtTVItcutDvRUpvIw9JKbvVrJq7OvC4iEqbIrBDFdcDyTIP5GDi6K-k6w-7LlubqJSNbMpmSyR9NvuQBl66h8Zzjv6p5jkY7YtwnK_WooZXu70dkJUSCu6J7Mqgs-D3slVg43_7LT5F5kqdxXbYFjYwE1ahf-ADd192i0QQdrMW0JxX9F_a5OyRqFLmkCgVVBQFy0DydbphjI0GoQEfC4wOCLrjs5n8BMPdhOnX6BEtec0pUmhRUXAolhUho2k3Oi33h8veskhuU0LNn9ypIwkq_7BdBkH_AKYOa_QNgN--UPX5VGLmrHMZoysy7COeNteIRs52eKT1dyDlRnv3Zuht9RnvqHTS12vpBPw4k_tYNn-4ZmrScUw_zy35tnYo6zO5tPr92_2v_NTFSg2Y9udh3khM7Ot6Hzwpko3PTpc_-tVNVKZdb27UyF64XGmCRkFvKdSdH039Y9FR07rCjS_bfLD4hiiI8QevLJYNFXAfmCoC3X7hvxmE8Pr8daLxvhRz3xNsFf7eRam4IrWc-InRknqJYSRqwjw9UnUa9aZwcPEAjFOBotA2FlWqMjZMAoDobYNnIFUkRRasq4pMkZ3S3K90ZX48erhGEr1uCXAVeDItJhJyKU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BAC5 42 B
404 B 384ms
68ms Fetch
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPtdcfWGld-pA-R0CFKWwP-L6F_9681MI-TcYKZK5BOd8gPcoLkfJj4cTyGCW0w83FqZnGrgX9pBZdPnle9fZ7hFmJvl4trUn-k_OaDX0Ytc3TpS3gsz88aklbkCGdELsF0im3szy1RmDb_nQvmUa-r996vTrQPdI&sai=AMfl-YRx7PsTCvQ_xpUJ6CvkQn2u9uq9q6KZC8yHE7kpeky_Gy1GwFu6a5Yp_aHas34bDVsh-wWIZiT29tjH52tOe5SMK_c2SPKMA_mdgqm3kFwQBn-kNfjSssjFhJzOYCsbiGcg7DZSPvIDUgfoDBEZYA&sig=Cg0ArKJSzNVJKU2mUjMyEAE&cid=CAQSTwAvHhf_y718RGBzlDgRPtDzES3A02DW0Kkp6tq68DFLMYEv6VD8y4EauS1tye1K4ZCWJJ7pHnoZK2dzDmQcSbdlp7E8ufI_aZO14w-U3ToYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3913009745&rs=2&la=1&cr=0&vs=4&r=v&co=442495600&rst=1708492154866&rpt=2668&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content file.mp4
r4---sn-npoe7ner.c.2mdn.net/videoplayback/id/c1c8a2d28f7794ad/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1740028157/sparams/acao,ctier,expire,id,i... Frame 9555 3 MB
3 MB 365ms
63ms Media
video/mp4 74.125.12.233

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.12.233 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b142b3517e0766a3cdbdfe1f31117b152e85c11ad33dc778a3bae316ec8e5973

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 21 Feb 2024 05:09:19 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-2944883/2944884
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2944884
Last-Modified: Fri, 16 Feb 2024 03:40:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Wed, 21 Feb 2024 05:09:19 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 05:09:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBD5 13 KB
5 KB 38ms
37ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 360547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Feb 2024 01:00:12 GMT
expires: Sun, 16 Feb 2025 01:00:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3316 829 B
995 B 32ms
31ms Document
text/html 74.125.130.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f99.1e100.net

Software

GSE /

Resource Hash

befb45070bc3654979c37898d9ac164eb4be9dae759bd707a4bf0db109918e82

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cbOGG1Sfwujb9M8m1ky61A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.midaxia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cbOGG1Sfwujb9M8m1ky61A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 05:09:19 GMT
expires: Wed, 21 Feb 2024 05:09:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9759 42 B
108 B 68ms
68ms Fetch
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn95Ru3kXl1dGVeJ-IiOlpfUW9XL2KThMe1BjzBcSDgz8UqrNrT0V76HsnggjczxXUW8dfNj7dYhXPeeY3SMDi-vu1F7y5mwM50fetGZE21BwcsfAHDVW6MfUuZsHhqiZZN9Za00-wC7QSYvL0pQDAjwCK3lKnntk&sai=AMfl-YTigExyYXFJ-TIWl9TLXGtZ9GQ6k3IZe424fqCKz667tCYKXpUDAX4zA5DyQ0sin-kPv_Fcy9OLJk8mRwceeN2ZvWSo0UPTeTSTQVAgEaVsrHBDB0bE9F-SEWCukfDCNiFtfBE7a6QL5ysDlfDi_w&sig=Cg0ArKJSzCLXwCBaQYxrEAE&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&co=442495600&rst=1708492156023&rpt=2096&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1E90 42 B
108 B 93ms
92ms Fetch
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqLgpaZcXwvH9LKBVejvPL7TBzouelbw0fL4zyCGqnKXQkhBNtO0Mo_TQPskIsEc6kGzd532TqnPgXkLa5q1OrEu6slLbVDo4OBaLg4gPB15mlp0PGXQuWgNQ4KSlRdH2mwVjwvPm3IDuBnn0PZO6Gs5BFuDcUxt4&sai=AMfl-YSBx56khzeBy2sI-0R61vZxe8n2leARhhGIzlqOg8oSD14hre80NThzhSnbjysYdU09msHEIfoY_SpcaYIhOPy0IrQCNEDhZU4feAXy-Xeepze7D_caMbxQY2JbBmBBkeWadsaOw4_fLu760bokhA&sig=Cg0ArKJSzM3-gSZapXv8EAE&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&co=442495700&rst=1708492156275&rpt=1835&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3316 0
0 115ms
115ms Image
text/html 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=2104734222799361&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame FBD5 39 KB
15 KB 103ms
103ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 380670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 19:24:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
54 B 396ms
395ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=5~lsvc4a4s&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1339&mt=video%2Fmp4&vs=1280x720&ple=0&umsem=0&event_name=first_play&asset_bytes=200416&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame FBD5 0
41 B 317ms
316ms Image
text/plain 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ALkFwQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 05:09:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

B30750594.388315603;dc_pre=CIC21aLVu4QDFcekZgIdmOwBEQ;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/ Frame 9555
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIC21aLVu4QDFcekZgIdmOwBEQ;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdi...

42 B
66 B

472ms
471ms

Fetch
image/gif

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIC21aLVu4QDFcekZgIdmOwBEQ;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?

Protocol

Server

142.251.10.149 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIC21aLVu4QDFcekZgIdmOwBEQ;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B30750594.388315603;dc_pre=CIGy1aLVu4QDFf6f2AUdaU4L5Q;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/ Frame 9555
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIGy1aLVu4QDFf6f2AUdaU4L5Q;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdi...

42 B
66 B

426ms
425ms

Fetch
image/gif

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIGy1aLVu4QDFf6f2AUdaU4L5Q;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?

Protocol

Server

142.251.10.149 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N346605.3349700DISPLAYVIDEO360/B30750594.388315603;dc_pre=CIGy1aLVu4QDFf6f2AUdaU4L5Q;dc_trk_aid=579670987;dc_trk_cid=200741267;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIm5izodW7hAMVhcRzAR1VXQINEAAYACCX38lkOhoIwoeHhwEQkYS4_8cEGNO0leQDIKu3g8u3EkITCJD5_J_Vu4QDFZPFcwEdUWYAFw;dc_rmcid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREt...
ade.googlesyndication.com/ddm/activity/ Frame 9555 42 B
401 B 856ms
295ms Image
image/gif 142.251.10.156

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm5izodW7hAMVhcRzAR1VXQINEAAYACCX38lkOhoIwoeHhwEQkYS4_8cEGNO0leQDIKu3g8u3EkITCJD5_J_Vu4QDFZPFcwEdUWYAFw;dc_rmcid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ;eps=CIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QD;met=1;acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15338%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442495901;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708492159737;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9555 42 B
174 B 130ms
127ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxdsCeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAcgDmwSqBIwCT9BAcdoFQz2oNaOMawJBzksXM1E4eslBWbZ7Dc3zCBwROQQXQah_kMZpxp79Oqcbaq4Hgk7-0BDtyKUbGQuXx7Ymwf-QFcpRmsmVsqVl4eO4fETneR2PS7ehIdFMezwFQ9uTKekGjUIisMT1WqG4pL5Ke2dLWEDCH6R-Wdk537YgtiHr9Y9qxwNXUoN6D-IzvWmGR-N73C74iEovfFtl1Bt2GZ3uaGYcxp9Agd0r3ed2Qn5dKmSMF2YLOmLcf_Is2Ts-mqDfH72Ywy2qd9fVvSz3495_M0cJ9yP2p-klWOpEOpHncVILSuVLadxwDczaS86WxzSFL-OUnVyqshHX1lbo05JitNizHkjzEcAEkYS4_8cE4AQDiAXmiIX2TZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QDgAoByAsB4AsBgAwBqg0CU0ewE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=0lJi6ESZjY8&label=part2viewed&ad_mt=5&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15338%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442495901&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708492159737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9555 0
380 B 262ms
249ms Image
image/gif 74.125.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp86KYaMEm3vnOt8HFzkTiDWQoggFVAt927wDn7oXWf80JM2NwJhbjlWbH3nL4EfavyjdiAQZUqIO9NndEXDYA8Uk_vda5kgLrRoJGC4cs7_ZRVldSJgGncHa7CimCiFcj-rBGf1bSda1cVabu3vxKN6fflIHoyq_rneuFuZwItIPoNUZ1JY4wJl7dQg3vjROcjID73hmNn_s7QcNoCc2EVSj-XVk_OGNW4cxf5ylW1qPUd1j8arQpNIqUEBplzsYZmn-v8rL5qLdN5SRjschC18E0q9CQsM0NJzzJeXrroXcE-pRnWmOODsza3yoEF4aBFclDD0Es2COBzHnz8L0vT8CWMWRjr4zcc_0bzBWyaBUU4stkiweaQYjz4y5Bl4P8iWgLuJCAo1xa792Rb0Mkpol0_tFIr_xPMvHXFii6AHWHewr9uKqmFegS9B9IMaoonIBdzM_RL3G3zYHNNq07vSDj58j2PZIBioQg71WFeLEx4hvaCeuM5W7SCDF9cO9Ij88eRUGta-DglgLg_mNxDmCN7CWHxBkB2fDH2PBLEyC7WWp7C1RgUBVcJCJltJKgIs_jRQiwoOO7M49O7M1fMR3Q0qDdy7_VKdbumZtU6MKM07MmwaX-ZosYrpFSupdW1fYNv-2XRdMvcMh0aZr4T_CH_5i4CMzkEeUqnpSxuuqdFp85nKEedRIaS1l2mqf9_R4RnIpc0NmAhggf0tQ_VJjBwGbAN7YA5Vh5_gTSa-hf_i5jxsUnB3ap3aVY9OM9yDNys_VVCnF7xEXBS5SW92hcbAsUEGF4vwWr0MwEq5rDchgm1R7o4_G76-Gkb0z5rbDEwEoj0J9Y8uIrFaqGL0xBNIrFppE94_iD1eER7vZys7_Wj68uRrDGzjUUobS8oi79rem4xSfudO7cV73tt5-Tj-4qFHXJASJMrQvtoy5Hf4U5dG0CCq0SlPkO4dxRTyT2N57oIS6PpCOkcqgbBKg-TrqoeOW4CkjaWKYF9oFWqHclnwJTtQsdj7BdeZPdbypSM_8OvqCL1HhLugcFGaCs5Joh85sagSIVvuxY038vFDdxykQd-fFkwJ9FejHyeHzfYj5I0HraKw40Og4VSnKlWz7jyM7kvnItN7xNMzsFxXCVQRvKt0uVXk2eYlkPxj3kS09Kvf14BPmyGp4LtHIiiriPyojzMr_S8vSo5HPabPNjnNCXR4YZDUC79Ggtqyrbt8Fe6mBuMiYUXmxaN4u3gQYHEsCIaBwvE14Dd18zJ5Rd0Q_jKpkNih7LC8Iarx3zuT6vwvdf8VtUwLwxEEqbQWO5PvGblN-Id--6JP7iFyB5mVu8VLUNR8nnoxg4NMHwyKCi1-kro-qkz1nZ272bBDXRqTjFkBAV&sai=AMfl-YSq1TI2y4rnnQ8RXcR_gR-147yyIyul3DEbzDOgoZ5hdkypYFGdxTjHUBbR0hGrEaUeSVHVOZTdj2iugS8KxMU43r5tEyf56TdIasl7F5UZbCCzkAbSUtIvLHnFr6FQziEsdzFV4q_PE6Bkx1tXymHO80QcW__m8oWSxMWPWtGFD-0aC5LRNX7wCS-IDwOQuv8ymAkiQdtLxCDdfPASMNuRmgqIbpDv2I7-3WQZ9mFgbMINsrYsvibNBUw7rA3O35BVx8eAmBMQidBInzy8MWIvTwe3Gwp0xvvehYQtpQo26716r7feMAi4v6_mJUdkBpQ&sig=Cg0ArKJSzOi8TlQawSKVEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Feb 2024 05:09:19 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9555
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGKnYlIgCIAEwAQ&v=APEucNVoFm1B_rXFjpo6PSxT8MrjdwQA3luXNCHhf9bDDZBqx9_LbhYvyqs2h9HRHV3ZGv0vgGtdY1KxobR-8qdDGKc2V5LJwtp0_8kzMXv-jLWurImXlJg
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZdWFfYsFVa0AAFnjAC.uxgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2

43 B
738 B

246ms
246ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBuYzaEKG6d8qCl15pNoNVbsc%2BhGCszgA89RTk4evQ8TSzWB96TTR%2F2ZeNKzR5REBeuuPi3Ui0io%2FXW04KxTs%2FBddVIyBmgKpDWdy3kDxs9pWadiev0%2BgOYhFdtZ24mWG%2FG3B%2BhcB%2BmYUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 858c7a03b9f29f9e-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED6mSDpEnDPOTPPjUH2vjd4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9555 0
56 B 127ms
125ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9555 42 B
108 B 127ms
126ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPq7fXUO2Tuwgt_oR0mrQYGEZx3kjxMTAwlNtEXhGx7y9HLTSprDH9ndD_4PJ0GVk1dN93PfxBp07ZEASrZY8UyPuVkKKWv0ubtgK18jFVBqmwCpKAXya_X8E0AteCEdQSFl4RMEg7Z8Yb9PpUjz1DcZlvZx93kWs&sai=AMfl-YTannm_pxcET7HWyb32DIXBW2PTyqW7UvfmS_BIoybo_U0IV0a9jH7P8pnszKGJ-P5GIn41V47lvycQ3wzk1yMRN6kR06OWCRvhAZcF9G2pFq4zi9KM87pnVvwmeOwB679BHwSIizgWuoqaHHGl2g&sig=Cg0ArKJSzCZQ4FU5UIgJEAE&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&id=lidarv&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15338%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442495900&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708492159737&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9555 42 B
108 B 129ms
127ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxdsCeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAcgDmwSqBIwCT9BAcdoFQz2oNaOMawJBzksXM1E4eslBWbZ7Dc3zCBwROQQXQah_kMZpxp79Oqcbaq4Hgk7-0BDtyKUbGQuXx7Ymwf-QFcpRmsmVsqVl4eO4fETneR2PS7ehIdFMezwFQ9uTKekGjUIisMT1WqG4pL5Ke2dLWEDCH6R-Wdk537YgtiHr9Y9qxwNXUoN6D-IzvWmGR-N73C74iEovfFtl1Bt2GZ3uaGYcxp9Agd0r3ed2Qn5dKmSMF2YLOmLcf_Is2Ts-mqDfH72Ywy2qd9fVvSz3495_M0cJ9yP2p-klWOpEOpHncVILSuVLadxwDczaS86WxzSFL-OUnVyqshHX1lbo05JitNizHkjzEcAEkYS4_8cE4AQDiAXmiIX2TZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QDgAoByAsB4AsBgAwBqg0CU0ewE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=0lJi6ESZjY8&label=vast_creativeview&ad_mt=5&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15338%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D442495903&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708492159737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9555 0
54 B 246ms
245ms Ping
image/gif 142.251.221.35

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=6~lsvc4b3i&c=6280922496149&slotId=3140461248074.5&qqid=CJD5_J_Vu4QDFZPFcwEdUWYAFw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1339&mt=video%2Fmp4&vs=1280x720&dm=15000&met.4=vil.3q1~ff.3qe~videopreviewstarted.3qf&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.35 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 570ms
570ms Image
text/html 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=2104734222799361&bg=!bm2lbSLNAAZN4L4YbeA7ADQBe5WfOO-kNSvQVdGRpx9HzI3DFyGOBCj5o0WowDfxUo09j40iltW0rzPTpop7B-tGPZAnAgAAAExSAAAABGgBB5kCtx6DPlgW8_ReTCliPQ3stHnBf1DbfdtZu8bHGQxCdKLPzF9hEOWyxDlmOSGu_96q28Cp35CBwCwjI7EbYKRMbWcHpPsxT6ryZVolsUz-eX8My03TH0XXomfm81nA31RiGQM60eUxSeG75dWLNqgAzd1lWfh8vUvoBifbz86JCbZXh4kW5I6I-8nCtKqSF2EapJEoJGzPUj2hMY1QA3pZCPM6Bkhd_vAb_R48bE-Jaho4c96cyMia3kDGx2-4B9pdObmbjzpzhyy4SUdR4SOQalg-PKY9jjMr0fSK72_qHzYkM0tw7OEG3Hg2gRnkvHU2b6U2MKKmJOjpeu1qoGGJM6dIn0pVg0DOyVHy-2v0X994Y_YU_X1__24nb_u-pO--FPrx0JeBoQkMEgNH-fVAuZPOn0_z-TZiFlz1rr98Lmx71IsUN75RsvE2YHgG3VjwKJzlIkVWcy5AnHQOQS_owb2v4ha_jtI8fy6xrcFTKbLcR3z4JM-qBLjVg6ahIXpN356MKhjgBPGoEhxecuGO4lUg2COEUEoJ2Z1Tbi8K0Tj9tGarGbA6j-zCHENOCWks_wAYJQE6y5tn0FiLBQoRopg72da0HfkZpGZTmFqE7BtHJRjIPo8nM9A3Rdj6Knrj604lR-oI0o12rCzzO75VSgu3yfTnoUUXR8xrFxdR4duGYHzXx-rE2ZDFmE-nszwjEkP2IIhxm1rNAEF7nz1_-IwcMscKR2eB9U5T7GTVX_BH1S25q0eK_JIjzJFkx0Xuvjoutp-H5oEQklELT9i3BKO6Mg4i1uNPL5db4Uj0Ymr2ukesA4sYFFmhBD6G3U8Y2bA_gW4RtsvORMfhtDgdnPkJ8Qutg7jH_NS9Wno9Gc59jGgXZXX_xXB_gH-aicJIsePht4EtdH-LWPIBLcCWlWY89cANU-o7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://www.midaxia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9555 42 B
108 B 186ms
185ms Image
image/gif 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPq7fXUO2Tuwgt_oR0mrQYGEZx3kjxMTAwlNtEXhGx7y9HLTSprDH9ndD_4PJ0GVk1dN93PfxBp07ZEASrZY8UyPuVkKKWv0ubtgK18jFVBqmwCpKAXya_X8E0AteCEdQSFl4RMEg7Z8Yb9PpUjz1DcZlvZx93kWs&sai=AMfl-YTannm_pxcET7HWyb32DIXBW2PTyqW7UvfmS_BIoybo_U0IV0a9jH7P8pnszKGJ-P5GIn41V47lvycQ3wzk1yMRN6kR06OWCRvhAZcF9G2pFq4zi9KM87pnVvwmeOwB679BHwSIizgWuoqaHHGl2g&sig=Cg0ArKJSzCZQ4FU5UIgJEAE&cid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ&id=lidarv&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,169,119,378%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2167%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15338%26vmtime%3D2175%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2167%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2005%26co%3D442495904&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708492159737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIm5izodW7hAMVhcRzAR1VXQINEAAYACCX38lkOhoIwoeHhwEQkYS4_8cEGNO0leQDIKu3g8u3EkITCJD5_J_Vu4QDFZPFcwEdUWYAFw;dc_rmcid=CAQSTwAvHhf_lEo9iTgDZ1BoGuD2_YaB502fbLluNPR0QVowUW_xMy4RQfonZe4Vleq355CcREtOBWcJxAy6-zMJflmXTvz0nZY51x3Hbou9xU8YAQ;eps=CIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QD;met=1;acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,169,119,378%26tos%3D3729,0,0,0,0%26mtos%3D3729,3729,3729,3729,3729%26amtos%3D0,0,0,0,0%26mcvt%3D3729%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3891%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D47%26pst%3D201%26dur%3D15338%26vmtime%3D3903%26dtos%3D1724%26dtoss%3D2%26dvs%3D1724%26dfvs%3D1724%26dvpt%3D1724%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3729,3729,3729,3729,3729%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3729%26co%3D442495905;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708492159737;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9555 42 B
108 B 325ms
325ms Image
image/gif 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxdsCeoXVZZDUOZOLz7sP0cyBuAH0hY38dau3g8u3EqKopMvSGxABIN-M0zNgvwWgAdqglvkCyAEFqQJZsLy5IfaoPqgDAcgDmwSqBIwCT9BAcdoFQz2oNaOMawJBzksXM1E4eslBWbZ7Dc3zCBwROQQXQah_kMZpxp79Oqcbaq4Hgk7-0BDtyKUbGQuXx7Ymwf-QFcpRmsmVsqVl4eO4fETneR2PS7ehIdFMezwFQ9uTKekGjUIisMT1WqG4pL5Ke2dLWEDCH6R-Wdk537YgtiHr9Y9qxwNXUoN6D-IzvWmGR-N73C74iEovfFtl1Bt2GZ3uaGYcxp9Agd0r3ed2Qn5dKmSMF2YLOmLcf_Is2Ts-mqDfH72Ywy2qd9fVvSz3495_M0cJ9yP2p-klWOpEOpHncVILSuVLadxwDczaS86WxzSFL-OUnVyqshHX1lbo05JitNizHkjzEcAEkYS4_8cE4AQDiAXmiIX2TZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICACEi9_cE6WNfN_J_Vu4QDgAoByAsB4AsBgAwBqg0CU0ewE_6_xBbIE9O0leQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=0lJi6ESZjY8&label=videoplaytime25&ad_mt=3904&acvw=sv%3D961%26v%3D20240216%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,169,119,378%26tos%3D3729,0,0,0,0%26mtos%3D3729,3729,3729,3729,3729%26amtos%3D0,0,0,0,0%26mcvt%3D3729%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3891%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D47%26pst%3D201%26dur%3D15338%26vmtime%3D3903%26dtos%3D1724%26dtoss%3D2%26dvs%3D1724%26dfvs%3D1724%26dvpt%3D1724%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3729,3729,3729,3729,3729%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D468045176%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3729%26co%3D442495905&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708492159737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 05:09:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.atdmt.com
URL: https://ad.atdmt.com/i/img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=31271031;s.a=4528092;p.a=387282946;a.a=578565139;cache=4147558806;

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xiaohuashipin.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSQSDTRBD Value: NFJLPBECNJKLAOEAIDIALDHD
.hm.baidu.com/	1970-01-21 04:10:52	Name: HMACCOUNT_BFESS Value: 3BAAA2CE98340BFB
.midaxia.com/	1970-01-21 03:20:28	Name: Hm_lvt_07ffa73c12daa5da5b37a7de9b8c3c71 Value: 1708492153
.midaxia.com/	1969-12-31 23:59:59	Name: Hm_lpvt_07ffa73c12daa5da5b37a7de9b8c3c71 Value: 1708492153
.midaxia.com/	1970-01-21 03:56:28	Name: __gads Value: ID=2dc68c62edaf388e:T=1708492154:RT=1708492154:S=ALNI_MY0DEg8-yOvpD0UCWMr0OSGnAt1_g
.midaxia.com/	1970-01-21 03:56:28	Name: __gpi Value: UID=00000d0bfbb7ae4d:T=1708492154:RT=1708492154:S=ALNI_MYdTFiR5ldm9AXXDCR844tDRWMebg
.midaxia.com/	1970-01-20 22:54:04	Name: __eoi Value: ID=8678b2b46cea9af0:T=1708492154:RT=1708492154:S=AA-AfjYxGGL6fLANH6ZeYf9rbWLq
.doubleclick.net/	1970-01-21 04:10:52	Name: IDE Value: AHWqTUnHfu4-4T10NK3ieKjEc_j6E3UwgZ-Q1nSHNRcI7sgAoxp0HMv6EAKI6CYV
.casalemedia.com/	1970-01-21 03:20:28	Name: CMID Value: ZdWFfYsFVa0AAFnjAC.uxgAA
.casalemedia.com/	1970-01-20 20:44:28	Name: CMPS Value: 4853
.casalemedia.com/	1970-01-20 20:44:28	Name: CMPRO Value: 4853
.adnxs.com/	1970-01-21 04:10:52	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:34:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:54:04	Name: APC Value: AfxxVi7vzI514UOWOXgyhsD6tz16QtjhYTmZXfJWC5FWC5wtrwPixA
.doubleclick.net/	1970-01-20 22:54:04	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:44:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlhqG/AM!]tbPl1M>e)ZlrFUfJ+tGXvWBINj.-G2G5Q/1Ta@0ff4X!$aP_/$<#G`=YzbpRzqF1`ba'-*LQRw
.adnxs.com/	1970-01-20 20:44:28	Name: XANDR_PANID Value: JO-kAueyiaXNvT_4PaOQRtzpzyrIEoF2616EwNblCyTvXQ5Ld2SXEiFtO3JfpXtR8-wpJqxWqFSoKRm91JYMXqRh7-XdFxY3158ApuJ0i6o.
.adnxs.com/	1970-01-20 20:44:28	Name: uuid2 Value: 784134572845356023
.googleadservices.com/	1970-01-20 20:44:28	Name: ar_debug Value: 1

110 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ad.atdmt.com/i/img;adv=11072226225113;ec=11072243362951;adv.a=9328736;c.a=31271031;s.a=4528092;p.a=387282946;a.a=578565139;cache=4147558806; Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://www.midaxia.com/yuming/xiaohuashipin.com.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hm.baidu.com
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r4---sn-npoe7ner.c.2mdn.net
res2.wx.qq.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
www.midaxia.com
xiaohuashipin.com
ad.atdmt.com
103.235.46.191
103.43.191.191
103.43.90.179
104.18.36.155
142.250.4.132
142.251.10.149
142.251.10.156
142.251.10.95
142.251.175.148
142.251.175.156
142.251.175.157
142.251.175.95
142.251.221.35
172.217.194.154
211.149.189.78
221.15.67.45
64.233.170.94
74.125.12.233
74.125.130.99
74.125.200.138
74.125.68.156
74.125.68.157
74.125.68.94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
15fc04e087684f5b6391559fe36e9639148f7de616a9f30b96ab175ead0f0506
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
20ea7609fe1d2013ab57617de3507f5eb3881b72f633c8dbff29595dea196b89
2121aca104ef8eb5a3a48734c56fb1bb3a2ad057ee4face30cf88f4534249d8b
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25057f0dda5925eb9d9c4d90570a15df2be264aa82a311ee738f78d67cee50ca
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2b5ae3600505a612beeaefc9853255c1e55a0bc3c853634a3e194f5004f00096
2b81970d0d3089671a53f30fb56dae9a8dec14b057a8b22f407198d68c626a78
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33794b903cf6cdf61934de5956eb1301b944987ffdf9517a9d44ae71dca5528d
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
3fa033d00af00470f38b05bda0b186a5e045a44b56628dbeaaeac34a7759fc1e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
450271fd5aabd19f6a8c6f5fec305c4c52857b6a0e70dc5b0cf70951f335d69e
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f222eba5bed9e8d6c6081a7a2d9a27c0b8538e05809f3d43b1ff045e0730611
544bdd34d3f3d555aba958fa8a1f228fa2a094620856afb93c5d8d2aff2c8af6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ea0a2bf2e4ba86815782535de2bf697c77611dc7bf30a709bc9220aa21c0c00
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d27e1488b87761963b97aa5a6ec34dc8f9ad8201661404913c9cec2e8040d47
6e7e9c8d2526fcb4671b05d75e4e00b872b7c4d7b805048d24cec6707029af36
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
71f64087519fbbd8463eb2fb881ec7a377c383c047c0e8d50448ff0efedd93fb
72d754d4d72defd2cb79de4e8384fcb541aba6723250fea03c227465dfddc6d1
7fc8ad4b910b71e6d5de9b61392156d009c020041617802bda3f64ee1a0208f4
870dc6015b760f8b6bc93f7908d434a3bb0bc66ea4cb06fd7c5268a3391733b9
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
8a7b59a742a8674189101d6042dbd38d09aee4d96503f6dfc86252b6e0e01f7e
8b2f5392a226714b2faff55d18771a3cf60357d6c1987445b74fee96f10524c5
98a7e9db51a00e04f2f26e2dedb0884336337ea8eec9159443ccfc34c7d1e703
9a619d234257afcbac6245adcbd618cc094b34e65fdf31d9f133a19268b4bc9a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01476132274c0ff199997d08e32a72074e106c2832580ec962eae8a0122db74
a24b4413030e16b2803b7cddcf1ca90e58ac1a6ca71070bc76407d77a3972c8e
a6c01c6758c0c51b36f5c7e43d2df28b8b69f63e8df5a320ddef2017f6d5be6f
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a9113cef527609d6cd4350007ff81e343ee7af3e8b22703b47d580191b2085f0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b142b3517e0766a3cdbdfe1f31117b152e85c11ad33dc778a3bae316ec8e5973
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
befb45070bc3654979c37898d9ac164eb4be9dae759bd707a4bf0db109918e82
bfac1ccd57aaf192f57583e5aa34d80168eaa23c1ee0691b9e50a7f65774e012
c2d4bfb30b37b184c9d43a98a6b61dd495aa680c2800fdbac85c49f9913325d3
c9ccba6f4bbb2634efa43dc1489057db599ecaf966f1755b2a06c476f37b4ebe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d400a6fb2bab6f8fa450d98290d16a53dd8071309214ea5e9c7a03c2c71b62f3
d744c90393f9d0da7ffdeb6c24f2eeec16a4c99ca515fa77a9de072f96088b7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e55662dc8c011c02ffc492e7140a8651ef0a4de6b907b69c4bb5e2982961da28
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed7d87360b5f074153a2f0632fae53c4fadee415c87d1fabd37382d5d899a053
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.midaxia.com Open in urlscan Pro 211.149.189.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

78 %HTTPS

0 %IPv6

14 Domains

25 Subdomains

22 IPs

5 Countries

4569 kBTransfer

7045 kBSize

19 Cookies

9 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.midaxia.com Open in urlscan Pro
211.149.189.78 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

78 %
HTTPS

0 %
IPv6

14
Domains

25
Subdomains

22
IPs

5
Countries

4569 kB
Transfer

7045 kB
Size

19
Cookies

139 HTTP transactions
4 data transactions