urlscan.io logo urlscan.io
SecurityTrails logo

xn--220b31d95hq8o.xn--3e0b707e Open in urlscan Pro Puny
내도메인.한국 IDN
139.99.90.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bet365.kro.kr/
Effective URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Submission: On December 27 via manual from KR — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 86 HTTP transactions. The main IP is 139.99.90.56, located in Singapore, Singapore and belongs to OVH, FR. The main domain is xn--220b31d95hq8o.xn--3e0b707e.
TLS certificate: Issued by R3 on November 2nd 2023. Valid for: 3 months.
This is the only time xn--220b31d95hq8o.xn--3e0b707e was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.104.112.214 63949 (AKAMAI-LI...)
5 139.99.90.56 16276 (OVH)
1 142.251.175.97 15169 (GOOGLE)
12 74.125.68.156 15169 (GOOGLE)
7 119.205.238.29 4766 (KIXS-AS-K...)
2 216.239.34.178 15169 (GOOGLE)
1 11 64.233.170.155 15169 (GOOGLE)
1 211.62.59.141 4766 (KIXS-AS-K...)
17 58.225.75.78 9318 (SKB-AS SK...)
7 172.217.194.132 15169 (GOOGLE)
1 172.217.194.95 15169 (GOOGLE)
2 74.125.24.95 15169 (GOOGLE)
5 142.250.190.67 15169 (GOOGLE)
2 64.233.170.94 15169 (GOOGLE)
1 2 13.226.120.75 16509 (AMAZON-02)
1 1 142.251.12.100 15169 (GOOGLE)
3 74.125.164.41 15169 (GOOGLE)
3 74.125.200.154 15169 (GOOGLE)
1 74.125.24.156 15169 (GOOGLE)
1 2 74.125.24.149 15169 (GOOGLE)
2 3 104.18.36.155 13335 (CLOUDFLAR...)
1 1 142.251.10.157 15169 (GOOGLE)
1 74.125.130.104 ()
86 22
2    172.104.112.214 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-112-214.ip.linodeusercontent.com
bet365.kro.kr
warning.o-r.kr
5    139.99.90.56 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 56.ip-139-99-90.net
xn--220b31d95hq8o.xn--3e0b707e
1    142.251.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net
www.googletagmanager.com
12    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
pagead2.googlesyndication.com
7    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
2    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    64.233.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f155.1e100.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
1    211.62.59.141 (Gyeongsan-si, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
dsp.mobwithad.com
17    58.225.75.78 (Seocho-gu, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn.megadata.co.kr
img.mobon.net
7    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
1    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
2    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
imasdk.googleapis.com
5    142.250.190.67 (United States)

ASN15169 (GOOGLE, US)
PTR: ord37s34-in-f3.1e100.net
csi.gstatic.com
2    64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net
fonts.gstatic.com
2    13.226.120.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-75.hkg62.r.cloudfront.net
kn.acrosspf.com
1    142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net
gcdn.2mdn.net
3    74.125.164.41 (United States)

ASN15169 (GOOGLE, US)
PTR: sin10s24-in-f9.1e100.net
r4---sn-npoe7nlz.c.2mdn.net
3    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
ade.googlesyndication.com
1    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads4.g.doubleclick.net
2    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
ad.doubleclick.net
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
cm.g.doubleclick.net
1    74.125.130.104 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
281 KB
16 mobon.net
img.mobon.net — Cisco Umbrella Rank: 127022
665 KB
15 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
54 KB
7 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
7 mediacategory.com
www.mediacategory.com — Cisco Umbrella Rank: 109837
17 KB
5
function sub() { [native code] }.
132 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r4---sn-npoe7nlz.c.2mdn.net — Cisco Umbrella Rank: 667645
81 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
135 KB
2 acrosspf.com
kn.acrosspf.com — Cisco Umbrella Rank: 150731
820 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
310 B
1 google.com
www.google.com
1 KB
1 megadata.co.kr
cdn.megadata.co.kr — Cisco Umbrella Rank: 166893
3 KB
1 mobwithad.com
dsp.mobwithad.com — Cisco Umbrella Rank: 225271
467 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 o-r.kr
warning.o-r.kr
649 B
1 kro.kr
bet365.kro.kr
211 B
86 17
Domain Requested by
16 img.mobon.net www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
img.mobon.net
12 pagead2.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
xn--220b31d95hq8o.xn--3e0b707e
7 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 www.mediacategory.com xn--220b31d95hq8o.xn--3e0b707e
www.mediacategory.com
warning.o-r.kr
5 csi.gstatic.com imasdk.googleapis.com
5 xn--220b31d95hq8o.xn--3e0b707e warning.o-r.kr
xn--220b31d95hq8o.xn--3e0b707e
3 dsum-sec.casalemedia.com 2 redirects xn--220b31d95hq8o.xn--3e0b707e
3 ade.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
3 r4---sn-npoe7nlz.c.2mdn.net xn--220b31d95hq8o.xn--3e0b707e
2 ad.doubleclick.net 1 redirects xn--220b31d95hq8o.xn--3e0b707e
2 kn.acrosspf.com 1 redirects xn--220b31d95hq8o.xn--3e0b707e
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net xn--220b31d95hq8o.xn--3e0b707e
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 cdn.megadata.co.kr xn--220b31d95hq8o.xn--3e0b707e
1 dsp.mobwithad.com www.mediacategory.com
1 www.googletagmanager.com xn--220b31d95hq8o.xn--3e0b707e
1 warning.o-r.kr
1 bet365.kro.kr 1 redirects
86 26

This site contains links to these domains. Also see Links.

Domain
letsencrypt.org
xn--c79as89aj0e29b77z.xn--3e0b707e
Subject Issuer Validity Valid
xn--220b31d95hq8o.xn--3e0b707e
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.mediacategory.com
Thawte TLS RSA CA G1		 2023-12-21 -
2024-12-21		 a year crt.sh
mobwith.co.kr
GoGetSSL RSA DV CA		 2022-12-08 -
2024-01-07		 a year crt.sh
cdn.megadata.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2023-12-04 -
2024-12-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.mobon.net
Thawte TLS RSA CA G1		 2023-05-24 -
2024-06-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-12-12 -
2024-02-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://xn--220b31d95hq8o.xn--3e0b707e/
Frame ID: 62AF45293EEC63D3B6DA1398819477BE
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 5F20802AA278108CD2A2059C00BFC3DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: 9FF13BFAA0A39D8DFDE26E01D808F001
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893200&bpp=1&bdt=470&idt=96&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=3552868678499&frm=20&pv=1&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=100
Frame ID: 810F5F637AD76270503B2FF29D2FD8D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1703676893&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893231&bpp=1&bdt=501&idt=72&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=3552868678499&frm=20&pv=1&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=82
Frame ID: 08D0E0FABDE3BE4EB2651E920EC99A4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: ADD9C004C6CC344717E01B2CAC183FCC
Requests: 3 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Frame ID: BF8F23B2A80B2B44267C5898BFB2C690
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C8A89DAA4C0C4CEEB17F8C7D6A8ACFC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4A0A075BDFAEA7678077D72EE9C0EA3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

내도메인.한국 - 한글 무료 도메인 등록센터

Page URL History Show full URLs

  1. http://bet365.kro.kr/ HTTP 302
    http://warning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

92 %
HTTPS

0 %
IPv6

17
Domains

26
Subdomains

22
IPs

5
Countries

1487 kB
Transfer

6736 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bet365.kro.kr/ HTTP 302
    http://warning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bet365.kro.kr/ HTTP 302
  • http://warning.o-r.kr/
Request Chain 32
  • https://kn.acrosspf.com/delivery_icover_js.ad?pi=40109155&m=R HTTP 302
  • https://kn.acrosspf.com/delivery_adn2_icover_js.ad?pi=40109155&m=R&k=&rnd=1703676894
Request Chain 36
  • https://gcdn.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5EC4CFB15A2AE5B40304DECD5ACC257AFFD6F382.7DFDE4B3F6A20FA790FF13D110F072F1E530E1A8/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
Request Chain 47
  • https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_pre=CLqRz4HDr4MDFW6VrAIdkPUBuQ;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Request Chain 48
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGMj3y_wBIAEwAQ&v=APEucNW0xzDVp8xdeCOlDrJuh77_OLaJnYlg7gKvPnEwMdxE2Ki77xc4TMbYCTzTOM3TG9Ieynp-HlNlT_LrHwZg3dnrz0oKYpsXsZSLSPeD6R48f3ieXec HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYwL4DcmbzecMOil3Ks5DAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9kD1QHNDfp_gVBjXhtF8Y&google_cver=1

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
warning.o-r.kr/
Redirect Chain
  • http://bet365.kro.kr/
  • http://warning.o-r.kr/
463 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
http://warning.o-r.kr/
Protocol
HTTP/1.1
Server
172.104.112.214 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-112-214.ip.linodeusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Dec 2023 11:34:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Dec 2023 11:34:47 GMT
Location
http://warning.o-r.kr/
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Primary Request /
xn--220b31d95hq8o.xn--3e0b707e/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/
Requested by
Host: warning.o-r.kr
URL: http://warning.o-r.kr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904

Request headers

Referer
http://warning.o-r.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 27 Dec 2023 11:34:52 GMT
server
nginx/1.16.1
x-powered-by
PHP/5.4.16
style.css
xn--220b31d95hq8o.xn--3e0b707e/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/style.css
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:52 GMT
last-modified
Sun, 01 Dec 2019 03:38:47 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335c7-507"
content-length
1287
content-type
text/css
jquery-1.7.2.min.js
xn--220b31d95hq8o.xn--3e0b707e/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/js/jquery-1.7.2.min.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:52 GMT
last-modified
Sun, 01 Dec 2019 03:39:30 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f2-17278"
content-length
94840
content-type
application/javascript
loading.gif
xn--220b31d95hq8o.xn--3e0b707e/image/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/loading.gif
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:52 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-38ee"
content-length
14574
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c2763ff692066bf5e9919b2648b4159fd1da41b0409af9f10cfeba6bf0802756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 27 Dec 2023 11:34:53 GMT
logo.png
xn--220b31d95hq8o.xn--3e0b707e/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/logo.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:52 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-2706"
content-length
9990
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
dc47a6b59fa3673cc2112c974272bf92ce87162170ac84d141eed3bd296c9a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51289
x-xss-protection
0
server
cafe
etag
5423310179202864469
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 11:34:53 GMT
adMediation
www.mediacategory.com/servlet/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?from=http%3A//warning.o-r.kr/&s=132364&platform=W
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
5e17c3d35069b7842c66acae3f395ecf7e67e6abfb7bd9d73eae550b11f1dd33

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
collect
www.google-analytics.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3bt0v867488053&_p=1703676892767&gcd=11l1l1l1l1&dma=0&cid=897828989.1703676893&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703676893&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fwarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=746
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
8963131bfa035889c83722d8fce186c649333cdf0e407378c1f8c5792a04fae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137927
x-xss-protection
0
server
cafe
etag
17239058025964448412
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Dec 2023 11:34:53 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5F20 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
36479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 01:26:54 GMT
etag
5585625838579639069
expires
Wed, 10 Jan 2024 01:26:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
icover
dsp.mobwithad.com/v2/cover/ 		61 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.mobwithad.com/v2/cover/icover?zone=8273&output=html&auid=415d48f121e93c80767efa4e18cab0940171c3c
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adMediation?from=http%3A//warning.o-r.kr/&s=132364&platform=W
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.62.59.141 Gyeongsan-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
0188d7bc54d161e9256ea9de9151a7a8b973118912e96db7c992538ce43c94b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:52 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/html; charset=utf-8
MBSHandler.js
cdn.megadata.co.kr/js/media/1.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 07:42:03 GMT
Server
Apache
ETag
"10187ee6-25c6-587e2c51e28c0"
X-Cache-Status
MISS, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
2552
ads
googleads.g.doubleclick.net/pagead/ Frame 9FF1 		88 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
d923fdf93238e846a2a27517051e20db6b34314c71351e9665c74be8230dde9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28528
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 11:34:54 GMT
expires
Wed, 27 Dec 2023 11:34:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 810F 		755 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893200&bpp=1&bdt=470&idt=96&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=3552868678499&frm=20&pv=1&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
ab1f501673487960bd4dff4e754eb49ecaefd06d61682c67b7f0363e9a7ca19e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
369
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 11:34:54 GMT
expires
Wed, 27 Dec 2023 11:34:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08D0 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1703676893&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893231&bpp=1&bdt=501&idt=72&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=3552868678499&frm=20&pv=1&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 11:34:53 GMT
expires
Wed, 27 Dec 2023 11:34:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adMediation
www.mediacategory.com/servlet/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?s=132364&platform=W&au_id=415d48f121e93c80767efa4e18cab0940171c3c&endPassbackURL=&passback=jugon_mdno
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adMediation?from=http%3A//warning.o-r.kr/&s=132364&platform=W
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
5c1bdeac278664b556439382eee31a2464e887460ef1b89d0372cd60c3b08e45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9FF1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 09:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
8755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 09:08:59 GMT
css
fonts.googleapis.com/ Frame 9FF1 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Dec 2023 11:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 10:39:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Dec 2023 11:34:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 9FF1 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 07:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 07:00:48 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 9FF1 		376 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 03:20:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 03:20:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9FF1 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 02:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
32641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Jan 2024 02:30:53 GMT
adBannerFloating
www.mediacategory.com/servlet/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//warning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
5573ce64ff8d775ed110e4864e1306aceceef140cc354f6f6b609f2fd7270c07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
application/javascript;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
passbackWebServlet
www.mediacategory.com/servlet/ 		32 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/passbackWebServlet?s=132364&iCover=true
Requested by
Host: warning.o-r.kr
URL: http://warning.o-r.kr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
ddc4d575bb1046f3282978f52483517eaaa4b26517d192c5356b3c5967355d35

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
wp_rcFloat.js
img.mobon.net/mediaCategory/newAd/ 		22 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/newAd/wp_rcFloat.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//warning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Nov 2018 05:56:29 GMT
Server
Apache
ETag
"80fca1f-16-57b3a87219d40"
X-Cache-Status
MISS, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
42
adMediation
www.mediacategory.com/servlet/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?s=132364&platform=W&au_id=415d48f121e93c80767efa4e18cab0940171c3c&endPassbackURL=&passback=mobon_mdno
Requested by
Host: warning.o-r.kr
URL: http://warning.o-r.kr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
d56d2ceff46002096a2db3023cacaf4c21415d7f83657831a02fa4adefb446d6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
csi
csi.gstatic.com/ Frame 9FF1 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqnp8h20&c=7750160486458&slotId=3875080243229&qqid=CIWct4DDr4MDFdOcSwUd5N8FFQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s34-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 18:53:27 GMT
x-content-type-options
nosniff
age
146487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 18:53:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 19:25:17 GMT
x-content-type-options
nosniff
age
144577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 19:25:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FF1 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1703676894566&ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9FF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqnp8h2f&c=7750160486458&slotId=3875080243229&qqid=CIWct4DDr4MDFdOcSwUd5N8FFQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.101&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s34-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 9FF1 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B4pxpL4Dmpqoiq_bLvJVezv3Rg0AyRGy4SK-DreqSOVXJ5Y2D52KVb4KoSAuVi5uvHeGYsLNqA1Gl3AUM8Gd1JBrpq9A&cry=1&dbm_d=AKAmf-A_Lbzrgt16LSiVgwsqe9m33WLDtIF7Tsd_0mhmdBPHfJXjlbU8ZoilZEsVIcHFqqc_sIbQ2x4ke1u34OTn4_tG9huj392LMTqHLiqY96N8UPm0kLA5MiaiHQcBjvsQ1T8e6JH0QVR0UhxWK4oeN1kqWNk4it_Op9-RBnFZRLDQkmV63KiKK8OizKA-BpP6QhcRizApm2ZpeyDxoizPx-QaqR2oMLjSaneCAzoRr_r3H2_PXq_P62gZXAl0qrWqxYfLp4k4P--CJzgs3rFJ1qiT33iQx2Xv7W8zYmDwwczhW46d6c4-XSQu1Fmajcf4l7DqBUB-34rwt4LmPO0JFTTQdWUMtW1F6nlhF-7zyEvW7_Grz2be3F8qcwUxz0bDCng6OVzF1R6sxEo2IyxsUz-gocF1H4dfTQeL7O97AfYhMu4DWzxV0DZBgo3WbHhTUzEB8XDJ0Lq0atLRM4sv-UgwLQzOEpHIbkAwP0Hd4Cs4wW_AsIHInnbC8mmTOixHZwBE_JzkF9RHowYlxxCKB_-5cmIFwOOLVS5gYAvxN7mNCbs_9ktTxuvckbRBODhKd5MMAnM41KSh9YBqyKbSxHyY0UlJoTh2YmPT18hyf1ctibPBVE77gp2OGMQFUgr3e3DKwsBcqsGwH8ZtYYpHmAxAycbg2VnrF75hozHPKS1eH_yUoGdQWX1mRDObOkCcrTcPuYoSGrDEVojwQcJE7efsEgYGmJV3xONOsumK6VIOXOVuqMeEWEV3DSMHLaTP3z7BCKEBY5H50porVeZcGCxIMcZUbfTPjlWEstzqUMWmXr6ouTfsda2PNasgGsQhY2Dl17GqtUGF0lKuHGLEnsvsyvH8l873l_uP_ojpR4mmDV8xoGEzfIgcgYXXaGBMNF7_k91xdcX_LLX3H3f-HJXNiGolXTTwBERKnS9IMphZ7FmcQRrqg9YFlJHUGloZfcmsRCDAyvO6D1ieAa5id8b396n2r9D27vhWNaDOIk1G5u1CTAmcfFeT_nw8s8Qah6hzp8VP0KbS4xB8LbWshFrRMkr8dug0iOEH7GhH7xo96u9L4PK_bJhAy18PZ6EAO4a0aD2USc1BqEjKC-EN83hzH9eIRdaJ_VFHeqWRjgB9CJbyt4mu0ktMueWEkWIaFaQTzFHanQ8AeA1iDLbitLpUY_MHI8fZC-xLp77QMIk6O5D3_tMc2Ip2ITk16lOk-eA8Bc0WEQscsc5MVA9FZTj8PBDDjLf_CClPUkYXgV1Fvv1GBXR6jMslZiJwfXnJmW3ZjQvYroPfZon9tNiaLXAzwZZww4yBhcOkR5soKaL34q_nPqJ8Tfny649xzpERiWXeOORAOIcn09dyuoissiPFEnNLx2ULIi1SmXbZqpYX4k_7P4i0RtY2POfHMPn6A37K6IfdrMbyPuek71g0kt1HqCp22PrP5lYaTJHERAWpA9pVVbFdp2zVl7wGE-SJQyrjIeQyx0M8RRKKpmzahTeEgHw1T3O4FOP3A2vvAJloWFgCyBeRiz_Tt_nKZ4qb79YECCwerGOP1CEoJV6PudG6oAEhr-4uDTOAoeIXMpQnimqRtioHIVpa-Vu0p6GVThCwsqpE_Gt8Bi1wYE0h-O0bKgDBCq5PsE5foXIbgpdfpQ21Aj6bfujMnHTmcALs-26rb32sGNSm9ZWwqgF8MVzwFNdESahEs-mz1zL1jsIYORyumeSauVaL0Pad5kIq_E74fc6Y-nXbkKoEY9816CwG4Jg4E8iKO0iupp-G--aYLInNBfbcV3-RgzEFLA6bMhoJQ_AR9NNtN0TZ_qYMhjhtKKT6MLxbvGgkvM4rpA6kn30jcTP8ZKZ3YmxQ7GmjnSy9My_c6LeSnN0kFPN19brA8ZzOEB9POJa_0JoKrE4h3vupb0KweNsnQVOOdobO-cTtrFighs8v9hJjvPgdHblRXs8fapejv5hn0hwkUM5Smuv5Did_JjoQ41HicJDztf6inGbKF7NyGRdeuQrmVsPinlQRNf83WD_4KOgccw7O0YG7UATNRP7wIZXxrcQeXEbqiE2eR4eCfoOlvUGgz5d5Ddm3gmEe7aX-GlE_E150aJ6mydi_L-322MplhPQLN1FMAmghDP0DmNS6MNNuDAkogfCzbxHqOmiIKH3gQqHkyQdAOf5983EDif0miXf0ly_x2SNMBS9G7ujboMk4Ub3_HnsQB_7ah7dSejmrISd1yVYfFaZZHLNvTf98LLYf40EdUVerB7YUuD7yBZoMSJfQJxVGMuap1MRtRLdbrIISQ7deUEzAmUdlypmQ5x-sCn7M23oWJEFY551HiWpKlZhuZgmEpwILhHTlyEoz7wFBmWJp3MEo-TDLRUbJL-A5CiFVnLJgxzzLPOCorbOwHj_Bh-290EkQ3m-1XxOZFhz_U2kBE0MQiIKR6HYsTeNir-Cu7gPkvPtLpkIrHX1Yv6T6LLhvQzGwFR_YgS4_RYiW1BcH_Lqw5UgDhkQ_QOCfXrJ8KcoR47Us2EpSqmvC72W5EwswjX_gJFX0IvWnbUYN6kjastVtlRfDTQhAdWaMSgzFI0ZCAPYporUgmExQwmNpMmLd4FhhRjVp1U56_OlXzfL1TWH2BF76wHHCg0e0GQi_j7sOYJFfJMccWTyhW5CRjvnZWylCaefOjECNguNakBRcdXUdDlAmAHGNZjvtFpX4NJezTmjXXkGTNwvz1pq2w9H_3xRUBLrRSMcPwnTkSOxRn7o1yVU7qpgiM9HUSeF5C7KHfcd7BJBMgJnb41MWAGHkL1DSmkKA-98hNl66TR--Yrhq7sDzf9LcocLeIKFj65r-iA5LI1e8pZIqKFZuxlTbpirVIktWYol1b4tQTIW9Hx18LQaqYTxoyr3-gAFz5Xe69jSJ-1djLIe4dHYDtgSMG12jr9QrGSRFXPy-Vu1BPWI-9RKPUw90Cjw8bf15raYzueZQY_HpV6nZTetmExX0a1J-aSeQHPUKDdNT1h1h8eNQ2i41_AiK2FWZy9-qojRiLpwWC2UzTCZwdKSmu2T9ObMD0J5bSLAsGI13eYV380mi2-S3-qwtK3xAmtLqnEJ9SxREf7r-V2NAUvIZAIuSoDefn5cExN7iosqQnOv6vlvKnrafINX3bU0y6sIUokXhD9rNq1cQnkzzx06BvLpWDYOlJi4oV8jQ2iZXJq0Uvm1Q51fLr-Pt1rF3oeHsL34zHMFbxlkx0-yvo7e6hw1cXhDkSHgLc9EETBCUOwIazGiKQaeXPc7aAwdJmgyt9yupENTZFYw38SaGNTmVpLyT3eqDRCvBGtX_G57IHUa51Al94B3J71pYCwIkiIuDfq-VpGMcZ6-qy5YVr066VNW0U0_YoQ-1Fh_RQ5eIsisL6desB3EasM8UATRzhKbcuyDr-oOW01NC7KvFbDSdKO_kIWK6v19xDRJKMPUbW3aBi8k6nCu1YPMeYexGH4Gfj_WFT-nAMLXan3Q2LFXlFzovuoxrugDi54y_fwfLmI4ri7Cn2NOJ5eGwKeztkPgXhAYC_bUPHgcCsyCOAwn5dqRmc9UPKFMgSGNxuyeOcaL0xEn-aExLujMIXoaAZmKR0zZMGMV_LP8KRWdXoEn0u90l5tGf3QS801iRpih3PHNYU2E3tA-V22cycWvSj8ErRv0PkshuiByp-EHFYXcw9gsVaRaMyjRtTbIj_JV-3jfkTOr6pSV-wiedxHA2DNSd280X46j7J64dbTGkDOPJlPcDKQV8mvMpKnPQQifQUiLvsRQyGkLfwHEHIJYB_IuoFQbQDnoWP9FcSD0Bsz8sAeS9zizElZ3l05o_X3JZHDTq5f96sBJNGHu-9q9Sbh0KzrPOwU3h4nIW0wIzDbQ-IqJEzLa3anv4qmwKaQKYWzEoX2nJ_Wap-Ji0xPWPu7xkRL-aVqpupp81uz6aibe1blt2EHFd3qoK23MLS_oh19x4c7dEyTlzArclPjVmXjt5paWCj_K2rW5tttL9LOUmQQYEzgnNm-h1uQj_I0cX_b7Wh5BSNox4UoL2WTcvzuVONXw_&cid=CAQSTgAvHhf_q6qV7A2SvKk1y6wImRk0thRgMfDuaJ9H5D-0TRseKTBY3rmRXRQSUNrgbzbpeFrspVX9w1UVz3GmJOveMd2zYC_6_91jYnse9BgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
231f867308c6ed574bfc896131ba817c745d1779d9c0fe4f2e7e2af847ba0575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17977
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
delivery_adn2_icover_js.ad
kn.acrosspf.com/
Redirect Chain
  • https://kn.acrosspf.com/delivery_icover_js.ad?pi=40109155&m=R
  • https://kn.acrosspf.com/delivery_adn2_icover_js.ad?pi=40109155&m=R&k=&rnd=1703676894
47 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kn.acrosspf.com/delivery_adn2_icover_js.ad?pi=40109155&m=R&k=&rnd=1703676894
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Server
13.226.120.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-75.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
26de461f0a2ae10341bd3bd347dde766ab1b227938af6459404ae59290a335c9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:54 GMT
via
1.1 7019d108ed76e032af7a0273104a07a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Content-Type
x-amz-cf-id
qooRvj5KLXjvv0mxgFiERVmP89jodCpn9nbI4QqyanotdSeiMnLMVA==

Redirect headers

date
Wed, 27 Dec 2023 11:34:54 GMT
via
1.1 7019d108ed76e032af7a0273104a07a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
location
https://kn.acrosspf.com/delivery_adn2_icover_js.ad?pi=40109155&m=R&k=&rnd=1703676894
x-amz-cf-id
v4eJZuJ7PGJ5Wk3qevOCqrhRxrDsrJmnsFCy4xXSzHwEOemaK_B9Rg==
truncated
/ Frame 9FF1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5345fdcf817c00db0461e4ce0b5f150726de08d4ca061a67eac3570b240e1b90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 9FF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqnp8h31&c=7750160486458&slotId=3875080243229&qqid=CIWct4DDr4MDFdOcSwUd5N8FFQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s34-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 9FF1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 23:22:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Dec 2024 23:22:20 GMT
file.mp4
r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9FF1
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Server
74.125.164.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin10s24-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:55 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4292075
Last-Modified
Wed, 01 Nov 2023 07:54:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 27 Dec 2023 11:34:55 GMT

Redirect headers

date
Wed, 27 Dec 2023 11:34:55 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
643
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9FF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqnp8h51&c=7750160486458&slotId=3875080243229&qqid=CIWct4DDr4MDFdOcSwUd5N8FFQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2087&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.128~videopreviewvisible.12f&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s34-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame ADD9 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
526757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 09:15:37 GMT
expires
Fri, 20 Dec 2024 09:15:37 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame ADD9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
11252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 08:27:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ADD9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B8ZmS3guMZdbnJZPCrQH-3Z7oBQAAAAA4AeAEAg&bg=!nJ-ln9DNAAY3kmNgF5I7ADQBe5WfONeu3qbn-fvLvK0Gu-YV-_31fiL37vsiiLhs1in54W9cfexGtW9YFm1EFBvks6LGAgAAAFVSAAAABGgBB5kDMIyAzoT70K9zs9T60Ch-YttZfwjYiyHalVqDbwTyxPLGmck8bbRyIfJ1sqRzxdJ6I7BqeiY_y0p-r6MLtkJgVPwkfte9Iq3vAKexLooCXlHJ3avOyXtVpfZS5ov8sRmUaYZt1xC0cC24yyojAALM1GYMWh390L6J3mbi19tx7FuCyqIZxEcTkLZitBMCRdD-j2xQQcuWgEhWiTROp-K9FJ-GAp_xIC_Z80Nvh2U69LESfxiu5o72wbtU0oLcXQC4BBMeMmvZuBRG3ooR4rJ-AGfJg2wuh4fy4ij_q7O1v5YXt9lXE0cvB9MLbQwuQkTWWSW4AhzDeEGYA0-UmQKeAIz08vA0IT1QGKTyO7Fh9_GwffSesMGmVGVIA_1JiP1UEarXZfQzvH2EJrgxNRWhch-NWcjjWjb7q6bPqKJHepRBvwTAnBg6fv0YAzMpcMw3t7dv4aJygXigOGWE0SfIuIx7Q5lfemOvKkYVWzRgX6cySLDDQjBuxRLUI13aJ-M775-h70zlFF0PeU5zTmETcArYWxK4a-X9r3RW8wUFsI-Xs9fFjYOfw8VWOOhDDBSTuH4D71SBkXFcfLvwUStczZujwqY0wZGmP11kX5nXsCOF8wy28A8dPLeFhRybyfmVZD62Umf591W38yiIE0gtJL0kia_-K-7rmrHrxNBHKMGgzYi-1qxt5RrJdq6QXm-rcd-4rLRUuWJxN1Gg26vJJSvR4GaysUTHqx_9PW38RC-3RZOgscMCLGI-KHV3RFrNFliJX7eh25QSux57AI82WqWmTLsKbifeSAShoY1YPTlG5q1VBpTU40PGL-3mhXrkyhsT1AUwvJ9npwtatq8LhFtGiKlj2wydSOsj_BBbVFyOoqsVeDdbS0QUd6U_RSA-VkBqebZTVzh5t8uXK8jVL2kqknNPkFSus7KIP_ALS0zxRas_u8WKXHgDLsERKp0R3ZbdMieWa97eN0n9lBZvBRpVuWv7P1H-chQsdJpyf0MAbgolYR0Cy_J-d8VhdjTeRwKcXdxYbQ24aXcVxpBR5FCmPqK3rHLXZdSh8W9JqzInAstSi5a_m7xG6oWs360ErQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9FF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIcJU3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAaoEgQJP0N0oaCwxGF8AmZG4znowOQpg20Eg3tb6SwRGjGbFarDcxtfZWzx1_NBbHK35EAMg1PLFCjGz2RQ2A5gNavf8W2e-zNPKrw7074Ycwo-Gr9Ehit6_BXN4So4zsexcAGKDrFBrvdCkQV2bFPJZMx02Ro7q-_TFhXigPaWzaSJCVhOsWHqq3gZxoJX0UFiv-UI9i6ffo93Sx26-6qbKXky3tt-S_waCiUjYxvYMH2Rd2z-u3WmEPA4_5TFno3BFnn8rbY6vUH28efcBlV0sP2JT5W19kFiKwXuWBXnLjhtaiTO8i7sKUte375qUtOajxaa4t8-Rh862CWrEVsIBjmhIwcAE7cjzo7YE4AQDiAWd0JqcTZIFBggDEAIYAZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHjt_phgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDKzisYyPfL_AHSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMPxtoDDr4MDgAoByAsBogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxAtoMEAoKEKC9roX5yoroFxICAQOwE6OY2xXIE4aH6eMD0BMA2BMDiBQD2BQB0BUBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=22YIIpboMks&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_q6qV7A2SvKk1y6wImRk0thRgMfDuaJ9H5D-0TRseKTBY3rmRXRQSUNrgbzbpeFrspVX9w1UVz3GmJOveMd2zYC_6_91jYnse9BgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Attribution-Reporting-Eligible
event-source
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 27 Dec 2023 11:34:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adMediation
www.mediacategory.com/servlet/ 		0
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?s=132364&platform=W&au_id=415d48f121e93c80767efa4e18cab0940171c3c&endPassbackURL=&passback=across_mdno
Requested by
Host: warning.o-r.kr
URL: http://warning.o-r.kr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Dec 2023 11:34:54 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
file.mp4
r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9FF1 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.164.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin10s24-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 27 Dec 2023 11:34:55 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4292074/4292075
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4292075
Last-Modified
Wed, 01 Nov 2023 07:54:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Wed, 27 Dec 2023 11:34:55 GMT
dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D202311...
ade.googlesyndication.com/ddm/activity/ Frame 9FF1 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703676895663;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FF1 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&sigh=hvw1FC8NEK8&label=part2viewed&ad_mt=6&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703676895663
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9FF1 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpp-EIJQu35pS9oBdY_2fo0MT_pi7ryyKL6bV0aVPouBzlup1ohVjYPFWgP9DxufR8FSv8IzP-gPUtPQSB3W-FBRTuAC1U3_9VxnmZSyRQtPiuuPU1F2VWchMqMhaKxEmCvdhKAG_tjxF2UR_ZKc33VRZT8qq9gxeCQ_rWHY9QG1iAU6halEc-rl7FIgN67ienvLd2DixlViTSXpR0mDOrNW0DUW7vtr8oSzJzwnGuU7LDAJEqwG6zMIteT2UXJgr4Ij0vEOlwpOFoCr8yANvko0pfLr0O_Jvkl1ut-I8Bi19wPIpgo7NMYcOv0TmWH1Vh0R6NZh6VUsBQfpSu12I31MpBkkIuSLQzN6HUt7JbSNmR7GrEEKgRWR8KT52sMjbqZ-3cC8t-y9_yT5uzCLw5ENL65K4vtGSYD4Tpd-ys42tyDcQkySzcKnJHJMcyEi3eQwAOWV3rcba7O_srQMR79zvIs5kYeFJMBuKt9_aTZDRbB3Nb6A7ASNZGXrYcTDEVsfXO44xWSojwLNxFKrtPpj12p39E7AsU9JF9TASsKavt-fNiGdr7oouf-wsw7yF3r49JKB6QPXFX2WB79LXtnHIaAz5po3JrpRMiK9d59GSI8lXfjwgfjXfaxhP9H-pUX5-7qRVby6e8HMm5cYdFhHVO3FCGzBGG8U22CFrn5RyCeDmbMqDfYUACIJoWrlnC5gZ7Nsbl4N5bGhZK0KuJ8Z8DGTGeKBLOFC1axjN2InFMvExLb7r8o4-BMOjsYBsMZFDQdVH2Z7AIjhucubtfAykpyckeU6WXsokNijJIqy__veVVTKja5hLvcH1ndZUo300xNoCiD9komKQbeig7jaK1nGuu0g9nO6W7MVSVcl-cksg5AXn5n90IwnDRJhzDuL3u7XiK-IJgrEw6fDJPap0vne26onfVozltrjur_gAMJYQNpDT2xmfkt6xsl3ECPpdxKHMo6wiv31jfqEJAb57iAmuPi3mMVpwk9BY_2kEw5tTlwcuNbBC3QWaSm3EWaBzvmVujAxc79I5K2wlF24qrFFqz0mwzRUk1XATeJEf5P7oDCVSSp5OTLRKiHlF2psbxe9XK3Yh0FV64Tni7b3nQoeHg7TO_X0zJ5QHISadU9pZW_og5jmGK1dWg0my0gekYBFxIy5A2pbHAbc7uFsFAojRvjWvN6WcUoIR5fy4DaL2yDC-zGhmeJCCH2spk47reUoWPg1BJ238wJvpzN333QuO-PrchiPjYnah2sFBX2LcfZpSpKJy0UkO44R3Im-kJMb_DyPB3uL9pdF8PHddiibTVe7o4v_rmAu_7K5GeFpohS1Id9_7RwT6V0KEKH-L-ZvmZT7nQsFDRN2o_QiDnlfOTn4Xhfc4nQLAehX4rTicShFr-SrVRvua76lre_Wmv0A&sai=AMfl-YTEuiWwPQUm58xzfDFAA0pDZ7jWtgcFAAmRXBZM4jsuIGU0WPhZyqVz9lze4QWIHgzdUT0dyIktTzVf0DVOTInMtsxMGy00su13OJQlIletZpSd6WmnM5aAsNcII0n0xOaFeNqp407YvbNEXWSJqhGbSw0oykAcFYUTPTTkKy9j7Hj6V_gHfW4fRLwqq1B0t8R3CZPnDCX7M4gMAh59pKr80VWd4kEfLxs0ocEkMe6CzSYQeEaVJ71R7kF8n-Dpcl87dDOjPmj2RMzAI-S4SMbEEMDUU9fmPTSMjhb-PwKZOYSIL36FdGrnIicXSes&sig=Cg0ArKJSzPoTGpT70PvREAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 27 Dec 2023 11:34:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B30929751.379602263;dc_pre=CLqRz4HDr4MDFW6VrAIdkPUBuQ;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/ Frame 9FF1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_pre=CLqRz4HDr4MDFW6VrAIdkPUBuQ;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rd...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_pre=CLqRz4HDr4MDFW6VrAIdkPUBuQ;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimpi/N346605.3349700DISPLAYVIDEO360/B30929751.379602263;dc_pre=CLqRz4HDr4MDFW6VrAIdkPUBuQ;dc_trk_aid=570665758;dc_trk_cid=203632421;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9FF1
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJSdPhCQ4MABGMj3y_wBIAEwAQ&v=APEucNW0xzDVp8xdeCOlDrJuh77_OLaJnYlg7gKvPnEwMdxE2Ki77xc4TMbYCTzTOM3TG9Ieynp-HlNlT_LrHwZg3dnrz0oKYpsXsZSLSPeD6R48f3ieXec
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYwL4DcmbzecMOil3Ks5DAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9kD1QHNDfp_gVBjXhtF8Y&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9kD1QHNDfp_gVBjXhtF8Y&google_cver=1
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN9IUtvRo27exNn1tlPX4EzHKJDfYUmtJi8txrCeTGoTYJ9Vx1M%2FLhRmzE7OQQHABfXkkGpUoRPIr26wMlfTNcY3IZsLvw7DjUE2PQcMVZAQqFFK1bumFEieGysom0FXfcigXaX4Vxc20A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83c141db39114035-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9kD1QHNDfp_gVBjXhtF8Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FF1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FF1 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXsomkcFebZqP_sNib40CGmwfbcL2e4B4igjQWtfrCW37ejKmcP5FI9yBshtfaThJ29jmV_94vTD4dW5iwUG6yRhaIiDK2HwrTA8fhotiyAWjsABuegvuxr6HfZpSiScHDxUv-QhFjiO_w66sHgNOkT6ZE&sai=AMfl-YR-qqWyaGCwSQVOcXgcb45Ce_-Rfiz0NVRZP0SeTy_OglAqaWhsq_TBTt3sCHtLBQJuX3FdZGluIp4LTiy4ltUixhAkm6khWGgm1HfDvTrcw8qTXaw9FitF49CPnFd7CtndupzW7OL5kK0Im7KH&sig=Cg0ArKJSzBIHnKy4w0N8EAE&cid=CAQSTgAvHhf_q6qV7A2SvKk1y6wImRk0thRgMfDuaJ9H5D-0TRseKTBY3rmRXRQSUNrgbzbpeFrspVX9w1UVz3GmJOveMd2zYC_6_91jYnse9BgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1703676895663&avm=1
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FF1 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&sigh=hvw1FC8NEK8&label=vast_creativeview&ad_mt=6&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1703676895663
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9FF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lqnp8h5b&c=7750160486458&slotId=3875080243229&qqid=CIWct4DDr4MDFdOcSwUd5N8FFQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2087&mt=video%2Fmp4&vs=1024x576&dm=15000&ple=0&umsem=0&event_name=first_play&asset_bytes=199037&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ty~ff.1uc~videopreviewstarted.1ue
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord37s34-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adBanner
www.mediacategory.com/servlet/ Frame BF8F 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//warning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
45852796f01005a5c42305b11950822ad3fb96fc3fc63f15f94cd387e478d03c

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Wed, 27 Dec 2023 11:34:55 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
close_video_bt.png
img.mobon.net/mediaCategory/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/mediaCategory/image/close_video_bt.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Nov 2018 05:59:00 GMT
Server
Apache
ETag
"3449e735-bec-57b3a9021b100"
X-Cache-Status
MISS, HIT
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3075
mobon_reset.css
img.mobon.net/Frtb/common/css/ Frame BF8F 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 05:49:42 GMT
Server
Apache
ETag
"280c94b2-238b-5e75ad4834980"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1650
jquery.js
img.mobon.net/Frtb/common/script/ Frame BF8F 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/script/jquery.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"301a1f13-16b3b-5935d7c49b480"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
32720
mobonStorage.js
img.mobon.net/js/ Frame BF8F 		508 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Apr 2022 07:04:20 GMT
Server
Apache
ETag
"3449e472-1fc-5dd24b80d6500"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
247
webutil.js
img.mobon.net/newAd/common/ Frame BF8F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/common/webutil.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Apr 2018 04:47:59 GMT
Server
Apache
ETag
"2c19ee1d-dd0-56a1828c03dc0"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1339
frame_default_script_S.js
img.mobon.net/Frtb/js/ Frame BF8F 		28 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/js/frame_default_script_S.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1fd104eb4c8e95ac89cfe6bd95e1855bd77a1bccf9e0c3e298097cdf13c2a4f4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2023 09:56:38 GMT
Server
Apache
ETag
"3c0ea509-7016-60c754cb68180"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3341
nr_type1.css
img.mobon.net/Frtb/common/css/ Frame BF8F 		1 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/nr_type1.css?124
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"280c94b3-436-5935d7c49b480"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
499
bounceRate.js
img.mobon.net/js/ Frame BF8F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/bounceRate.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Feb 2021 05:36:00 GMT
Server
Apache
ETag
"3449e414-bf1-5ba7c14217000"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1103
js-image-slider.js
img.mobon.net/rtb/js/ Frame BF8F 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/rtb/js/js-image-slider.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"28527657-7b98-5935d7c49b480"
X-Cache-Status
MISS, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
8304
mobonLogo02.png
img.mobon.net/newAd/img/logoImg/ Frame BF8F 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/newAd/img/logoImg/mobonLogo02.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Aug 2018 00:58:34 GMT
Server
Apache
ETag
"100dd016-287-57382f1400280"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
670
20231226102714-l724YwVr4s-300x250.jpg
img.mobon.net/ad/imgfile// Frame BF8F 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20231226102714-l724YwVr4s-300x250.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
3852d3949feca26e79c84b673282422e39fc51e41bbe62f984c9e48507667174

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Dec 2023 01:27:44 GMT
Server
Apache
ETag
"35dd8e3a-a702-60d5f96de45ac"
X-Cache-Status
HIT, HIT
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
42351
20231207115535-6zdDum7TBk-300x250.png
img.mobon.net/ad/imgfile// Frame BF8F 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20231207115535-6zdDum7TBk-300x250.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1968988d9b2ff633600614a8db44d390f8c3dd855c97d6c027ee438d7433983f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 02:55:52 GMT
Server
Apache
ETag
"2e6c6f80-1be95-60be29b0b7e00"
X-Cache-Status
MISS, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
20231108192447-pDAofp9bcL-336x280.png
img.mobon.net/ad/imgfile// Frame BF8F 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20231108192447-pDAofp9bcL-336x280.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//warning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
2c99f8eeb2d4bd5b270a99d7fdc29af322eb9625084728f9e22131a383186c9c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:34:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 10:29:57 GMT
Server
Apache
ETag
"18ca40d6-2ab05-609a191935340"
X-Cache-Status
MISS, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FF1 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXsomkcFebZqP_sNib40CGmwfbcL2e4B4igjQWtfrCW37ejKmcP5FI9yBshtfaThJ29jmV_94vTD4dW5iwUG6yRhaIiDK2HwrTA8fhotiyAWjsABuegvuxr6HfZpSiScHDxUv-QhFjiO_w66sHgNOkT6ZE&sai=AMfl-YR-qqWyaGCwSQVOcXgcb45Ce_-Rfiz0NVRZP0SeTy_OglAqaWhsq_TBTt3sCHtLBQJuX3FdZGluIp4LTiy4ltUixhAkm6khWGgm1HfDvTrcw8qTXaw9FitF49CPnFd7CtndupzW7OL5kK0Im7KH&sig=Cg0ArKJSzBIHnKy4w0N8EAE&cid=CAQSTgAvHhf_q6qV7A2SvKk1y6wImRk0thRgMfDuaJ9H5D-0TRseKTBY3rmRXRQSUNrgbzbpeFrspVX9w1UVz3GmJOveMd2zYC_6_91jYnse9BgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D2006,0,0,0,0%26mtos%3D2006,2006,2006,2006,2006%26amtos%3D0,0,0,0,0%26mcvt%3D2006%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2207%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D240%26dur%3D15018%26vmtime%3D2213%26dtos%3D2006%26dtoss%3D1%26dvs%3D2006%26dfvs%3D2006%26dvpt%3D2207%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2006&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3bt0v867488053&_p=1703676892767&gcd=11l1l1l1l1&dma=0&cid=897828989.1703676893&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703676893&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fwarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
94dae39411ec2444e2e85190f080e5a8c909c50e49fd9638819b1153ca3ad4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12251
x-xss-protection
0
file.mp4
r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9FF1 		79 KB
80 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.164.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin10s24-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
211a364f375f31cad570228730c5e65973245d157f094bf94358f5640a8b581d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=4210702-

Response headers

Date
Wed, 27 Dec 2023 11:34:58 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 4210702-4292074/4292075
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
81373
Last-Modified
Wed, 01 Nov 2023 07:54:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Wed, 27 Dec 2023 11:34:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Dec 2023 11:34:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C8A8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
32641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 02:30:57 GMT
expires
Thu, 26 Dec 2024 02:30:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A4A0 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.104 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
b6ef12d78aca7ea72a4a4c71822209323483917eb91ac6ec26954b78e49a61fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cDU8qlPlvBzujYY7WOX2WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cDU8qlPlvBzujYY7WOX2WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 11:34:59 GMT
expires
Wed, 27 Dec 2023 11:34:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C8A8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:27:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
11256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 08:27:22 GMT
generate_204
tpc.googlesyndication.com/ Frame C8A8 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1JG81w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:34:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A4A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1384719134000142&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1384719134000142&bg=!ZGelZyjNAAY3kmNgF5I7ADQBe5WfOGsCbg2EcoZLf3PE2cuB2kQomZBNr8LL_mA8RNrvLf0ZKzOfYZNOso4y6apauT12AgAAAGpSAAAAA2gBBwoAi0qaxpB2GTtcyfeenN4csOmtPNQ6pEGwxkhFJVWRKOXStk0tTwkqPqt-FEh0HoZtO4oyV01U-z1vN26HNWCgq8JNynFdlCSBmLo6YShNGh2FxobA2tziVcvZtYY_nEWriUJPBKBqRL5GMJ-My43rI6PKjMGXv7FrJMJlg7KbtnZz3dzniBQYitvfHeSZAvgq70kuEdDSvebtoWoGnCk57F0hYihb80M4ejSmtlC2kJnPtTtoEAzsRntJj4FKSwCuMXpfkeXq0_J4isLKrwQBlchX9LIx3X3yeiWZWancyhcLsw6qY6_c0XN1gIbpvA11zVR0o72OTmvgNwCJvEuArEpDVTmRn39CqC2_IXQzxkFZ1L2S7hlEWueT7MdnTFrLsFx6QKV21R5XDWbqp0BGCc1QKqZcXSk-Q9LZAZX808rxmJLPU5xHdgl_oPkpx-q_BSqkQ-R1KU1PiUSj36MNnz-I7UGb-24IWQKGd5Ih8PaUpze4LblrcNdpvJ5b-evFynyPbrkYsyjn-b5Z1PcLh6SUG_4yMpWalSjgKr7KmVp4fdbL7pWJ2eO51eXqJ_SjgUWYHEZsjDZRM1qEdiZFt-PPO51tDsZDhKwG-hrm66453_UccCqttmviNIsW0DCY4lR_VMBaUTbpvaPhm1Tm4UgMxqzvvNvKMfU8fp_luxRcEdK1PsDSIL-csf3DRuyItkX5haGVCrL0Kcjv9axGnk0HVKY-FtlVcD76cZABHnw3AaFZENPk67y9qyDkrL-RIlh4WrBUUTTNhmkzqJAe4K4PC4RdT9MM8ZIxz71oxelE0t4iUqhEajJbJXIFuodwWjBc_ek4cwIlI5A-tYtoyqkyYNKuJMG7vdQsTTTD8rcwXUmCiY0E9CcrjzesxQ78pICA-r-6K7hOjRxPBhnin7-ScvYcWpigwdGp8JhaG416YL0NO1wHOW304zuDVgA5fwjmcbXXDjKSoPnVA60BkfAHCWyMXfsYjWDXMcgwd3Xr76KkG2ovMmD1tvg-i6UNSRJYo9mS-nHxNvLLaTpdcM5GWakQe46SZpTmdXzErnKHrBupKFTMz5Xs65oTjjbSjohfce0X9sEpBXKoSXa8WfiWCroo7b8dZvNpUyqJDZ_vvy-x1pq-46cyV-hu9sO8rG1nNb08fVBS1BjRh8_jxL492X660rRs1OBcslj9t0zDGFwdqAFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D202311...
ade.googlesyndication.com/ddm/activity/ Frame 9FF1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D3705,0,0,0,0%26mtos%3D3705,3705,3705,3705,3705%26amtos%3D0,0,0,0,0%26mcvt%3D3705%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3906%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D240%26dur%3D15018%26vmtime%3D3913%26dtos%3D1699%26dtoss%3D2%26dvs%3D1699%26dfvs%3D1699%26dvpt%3D1699%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3705,3705,3705,3705,3705%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3705;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FF1 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&sigh=hvw1FC8NEK8&label=videoplaytime25&ad_mt=3913&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D3705,0,0,0,0%26mtos%3D3705,3705,3705,3705,3705%26amtos%3D0,0,0,0,0%26mcvt%3D3705%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3906%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D240%26dur%3D15018%26vmtime%3D3913%26dtos%3D1699%26dtoss%3D2%26dvs%3D1699%26dfvs%3D1699%26dvpt%3D1699%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3705,3705,3705,3705,3705%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3705&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:34:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20231207115535-6zdDum7TBk-300x250.png
img.mobon.net/ad/imgfile// Frame BF8F 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20231207115535-6zdDum7TBk-300x250.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1968988d9b2ff633600614a8db44d390f8c3dd855c97d6c027ee438d7433983f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:35:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 02:55:52 GMT
Server
Apache
ETag
"2e6c6f80-1be95-60be29b0b7e00"
X-Cache-Status
MISS, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D202311...
ade.googlesyndication.com/ddm/activity/ Frame 9FF1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D7423,0,0,0,0%26mtos%3D7423,7423,7423,7423,7423%26amtos%3D0,0,0,0,0%26mcvt%3D7423%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7624%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D240%26dur%3D15018%26vmtime%3D7632%26dtos%3D3718%26dtoss%3D3%26dvs%3D3718%26dfvs%3D3718%26dvpt%3D3718%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3718,3718,3718,3718,3718%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7423;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:35:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FF1 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&sigh=hvw1FC8NEK8&label=videoplaytime50&ad_mt=7632&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D7423,0,0,0,0%26mtos%3D7423,7423,7423,7423,7423%26amtos%3D0,0,0,0,0%26mcvt%3D7423%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7624%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D240%26dur%3D15018%26vmtime%3D7632%26dtos%3D3718%26dtoss%3D3%26dvs%3D3718%26dfvs%3D3718%26dvpt%3D3718%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3718,3718,3718,3718,3718%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7423&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1703676893&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703676893196&bpp=3&bdt=466&idt=75&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=3552868678499&frm=20&pv=2&ga_vid=897828989.1703676893&ga_sid=1703676893&ga_hid=45509335&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809003%2C44807406%2C95320884&oid=2&pvsid=1384719134000142&tmod=2123164846&uas=0&nvt=1&ref=http%3A%2F%2Fwarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Dec 2023 11:35:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20231108192447-pDAofp9bcL-336x280.png
img.mobon.net/ad/imgfile// Frame BF8F 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20231108192447-pDAofp9bcL-336x280.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.225.75.78 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
2c99f8eeb2d4bd5b270a99d7fdc29af322eb9625084728f9e22131a383186c9c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 27 Dec 2023 11:35:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 10:29:57 GMT
Server
Apache
ETag
"18ca40d6-2ab05-609a191935340"
X-Cache-Status
MISS, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D202311...
ade.googlesyndication.com/ddm/activity/ Frame 9FF1 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9FF1 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1s72gMOvgwMVE2ErCh3-rgddEAAYACCE97thQhMIhZy3gMOvgwMV05xLBR3k3wUV;dc_eps=AHas8cB6Dckyxyd-anbsn14M3dRvWe3CH2Ft1NvdM38RFU3FqpLElz64AH2g2H02M83EjpvQYRQY9HNQeA;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D11141,0,0,0,0%26mtos%3D11141,11141,11141,11141,11141%26amtos%3D0,0,0,0,0%26mcvt%3D11141%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11342%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D240%26dur%3D15018%26vmtime%3D11351%26dtos%3D3718%26dtoss%3D4%26dvs%3D3718%26dfvs%3D3718%26dvpt%3D3718%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3718,3718,3718,3718,3718%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11141;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663;ecn1=1;etm1=0;eid1=960585;
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEvcK3QuMZcW5I9O5rtoP5L-XqAG_utSDdZ2Xuvb5EZ2Oyt-uMhABIMzUtyRgvwWgAdqglvkCyAEFqQIrZr7qA12pPqgDAcgDmwSqBIQCT9DdKGgsMRhfAJmRuM56MDkKYNtBIN7W-ksERoxmxWqw3MbX2Vs8dfzQWxyt-RADINTyxQoxs9kUNgOYDWr3_FtnvszTyq8O9O-GHMKPhq_RIYrevwVzeEqOM7HsXABig6xQa73QpEFdmxTyWTMdNkaO6vv0xYV4oD2ls2kiQlYTrFh6qt4GcaCV9FBYr_lCPYun36Pd0sduvuqmyl5Mt7bfkv8GgolI2Mb2DB9kXds_rt1phDwOP-UxZ6NwRZ5_K22Or1B9vCH2m2DOvnnwiCy9YHiI-Gfaz5fYqh-zShmz8q2x2lv-r1ktLe10ICqIlq9BIjfeJoP063ra2HKgVSlm2c3ABO3I86O2BOAEA4gFndCanE2QBgGgBnaAB47f6YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYw_G2gMOvgwOACgHICwHgCwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CU0ewE6OY2xXQEwDYEwOIFAPYFAHQFQH4FgGAFwE&sigh=hvw1FC8NEK8&label=videoplaytime75&ad_mt=11351&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,233,273,706%26tos%3D11141,0,0,0,0%26mtos%3D11141,11141,11141,11141,11141%26amtos%3D0,0,0,0,0%26mcvt%3D11141%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11342%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D240%26dur%3D15018%26vmtime%3D11351%26dtos%3D3718%26dtoss%3D4%26dvs%3D3718%26dfvs%3D3718%26dvpt%3D3718%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3718,3718,3718,3718,3718%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D57208534%26psm%3D4095%26psv%3D4094%26psfv%3D4094%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11141&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1703676895663

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| $ function| jQuery function| Ajax function| captcha_get function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| mobonMdScript number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ad_data function| mf_close function| mobon_postMessage function| mobon_animate object| wp_util object| wp_Toast undefined| wp_adbn_object function| resize object| defaults object| options object| productTypeValues object| platformTypeValues function| enlipleMBSHandler object| googletag object| across_adn_ad_data string| wp_rcFloat

14 Cookies

Domain/Path Name / Value
xn--220b31d95hq8o.xn--3e0b707e/ Name: PHPSESSID
Value: fro99dja2tclg3sdhntp7ngds2
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga
Value: GA1.1.897828989.1703676893
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga_FMMPJ6F50B
Value: GS1.1.1703676893.1.0.1703676893.0.0.0
.mediacategory.com/ Name: Start_Time
Value: "2023122720"
.mediacategory.com/ Name: s_IP_info
Value: "116.86.35.127.995146"
.mediacategory.com/ Name: s_au_id
Value: "415d48f121e93c80767efa4e18cab0940171c3c"
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gads
Value: ID=5967c814ca461a86:T=1703676893:RT=1703676893:S=ALNI_Ma34NzTxpk0ZevXkyKaM_TlNu4DHw
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gpi
Value: UID=00000cc6efdcc056:T=1703676893:RT=1703676893:S=ALNI_MYzy6lfY7a5_Tmd2hkq-pE5lXy3OA
.doubleclick.net/ Name: IDE
Value: AHWqTUm6mJro8DERfQYrx8o6TaizqwckrCKNadSHQJHj_suT2TuMRd40lResOR9NGTM
.doubleclick.net/ Name: APC
Value: AfxxVi6SKx3ajrmhfNk0bpRRTOFl0bFFWDXy8RZjjsHxFxywQm91tg
.kn.acrosspf.com/ Name: rb_adn_uid
Value: rb-adn-1-a650bf6bad788fd6772f8277b8a79860
.casalemedia.com/ Name: CMID
Value: ZYwL4DcmbzecMOil3Ks5DAAA
.casalemedia.com/ Name: CMPS
Value: 4958
.casalemedia.com/ Name: CMPRO
Value: 4958

3 Console Messages

Source Level URL
Text
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//warning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//warning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://r4---sn-npoe7nlz.c.2mdn.net/videoplayback/id/9783c95d6c70cfb0/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735212894/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4F268B9F562A341855B107823F69D90102D0AB52.30B8D1EB365C7FDFE0EE03B5C5397E81E8C19A63/key/cms1/cms_redirect/yes/mh/WL/mip/116.86.35.127/mm/42/mn/sn-npoe7nlz/ms/onc/mt/1703676527/mv/m/mvi/4/pl/19/file/file.mp4
Message:
Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bet365.kro.kr
bid.g.doubleclick.net
cdn.megadata.co.kr
cm.g.doubleclick.net
csi.gstatic.com
dsp.mobwithad.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
img.mobon.net
kn.acrosspf.com
pagead2.googlesyndication.com
r4---sn-npoe7nlz.c.2mdn.net
tpc.googlesyndication.com
warning.o-r.kr
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
ade.googlesyndication.com
googleads.g.doubleclick.net
104.18.36.155
119.205.238.29
13.226.120.75
139.99.90.56
142.250.190.67
142.251.10.157
142.251.12.100
142.251.175.97
172.104.112.214
172.217.194.132
172.217.194.95
211.62.59.141
216.239.34.178
58.225.75.78
64.233.170.155
64.233.170.94
74.125.130.104
74.125.164.41
74.125.200.154
74.125.24.149
74.125.24.156
74.125.24.95
74.125.68.156
0188d7bc54d161e9256ea9de9151a7a8b973118912e96db7c992538ce43c94b1
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1968988d9b2ff633600614a8db44d390f8c3dd855c97d6c027ee438d7433983f
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
1fd104eb4c8e95ac89cfe6bd95e1855bd77a1bccf9e0c3e298097cdf13c2a4f4
211a364f375f31cad570228730c5e65973245d157f094bf94358f5640a8b581d
231f867308c6ed574bfc896131ba817c745d1779d9c0fe4f2e7e2af847ba0575
26de461f0a2ae10341bd3bd347dde766ab1b227938af6459404ae59290a335c9
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2c99f8eeb2d4bd5b270a99d7fdc29af322eb9625084728f9e22131a383186c9c
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec
3852d3949feca26e79c84b673282422e39fc51e41bbe62f984c9e48507667174
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a
45852796f01005a5c42305b11950822ad3fb96fc3fc63f15f94cd387e478d03c
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55
5345fdcf817c00db0461e4ce0b5f150726de08d4ca061a67eac3570b240e1b90
5573ce64ff8d775ed110e4864e1306aceceef140cc354f6f6b609f2fd7270c07
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c1bdeac278664b556439382eee31a2464e887460ef1b89d0372cd60c3b08e45
5e17c3d35069b7842c66acae3f395ecf7e67e6abfb7bd9d73eae550b11f1dd33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
8963131bfa035889c83722d8fce186c649333cdf0e407378c1f8c5792a04fae2
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
94dae39411ec2444e2e85190f080e5a8c909c50e49fd9638819b1153ca3ad4a3
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
a52cdad17a783fde261b1ab1cb4bbb5585f5ec0953526e394b58995664bab2b6
ab1f501673487960bd4dff4e754eb49ecaefd06d61682c67b7f0363e9a7ca19e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6ef12d78aca7ea72a4a4c71822209323483917eb91ac6ec26954b78e49a61fc
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c
c2763ff692066bf5e9919b2648b4159fd1da41b0409af9f10cfeba6bf0802756
d56d2ceff46002096a2db3023cacaf4c21415d7f83657831a02fa4adefb446d6
d923fdf93238e846a2a27517051e20db6b34314c71351e9665c74be8230dde9f
dc47a6b59fa3673cc2112c974272bf92ce87162170ac84d141eed3bd296c9a01
ddc4d575bb1046f3282978f52483517eaaa4b26517d192c5356b3c5967355d35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615