urlscan.io logo urlscan.io
SecurityTrails logo

ms-paint.en.softonic.com Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://ms-paint.en.softonic.com/
Submission: On December 07 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 9 countries across 84 domains to perform 281 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ms-paint.en.softonic.com.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 23rd 2022. Valid for: a year.
This is the only time ms-paint.en.softonic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 35.227.233.104 396982 (GOOGLE-CL...)
3 2404:6800:400... 15169 (GOOGLE)
13 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
16 151.101.1.91 54113 (FASTLY)
32 2600:1413:1:5... 20940 (AKAMAI-ASN1)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 13.107.21.200 8068 (MICROSOFT...)
1 2404:6800:400... 15169 (GOOGLE)
1 13.226.114.49 16509 (AMAZON-02)
3 18.67.184.126 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
3 141.95.98.65 16276 (OVH)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 13.224.250.125 16509 (AMAZON-02)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 74.125.200.148 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2404:6800:400... 15169 (GOOGLE)
2 54.251.97.106 16509 (AMAZON-02)
1 199.232.194.49 54113 (FASTLY)
1 2600:9000:20b... 16509 (AMAZON-02)
8 2600:1413:b00... 20940 (AKAMAI-ASN1)
2 2404:6800:400... 15169 (GOOGLE)
1 182.161.73.136 55569 (CRITEO-AS...)
2 162.19.138.82 16276 (OVH)
12 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 99.86.178.41 16509 (AMAZON-02)
1 13.33.96.216 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
2 15 52.46.155.104 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
1 51.79.154.9 16276 (OVH)
7 7 74.118.186.107 6336 (TURN-US-ASN)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
2 35.79.54.63 16509 (AMAZON-02)
2 8 172.64.151.101 13335 (CLOUDFLAR...)
3 104.65.228.208 16625 (AKAMAI-AS)
4 23.52.114.50 16625 (AKAMAI-AS)
2 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.12.143 30633 (LEASEWEB-...)
2 2 35.71.178.8 16509 (AMAZON-02)
13 20 69.173.158.64 26667 (RUBICONPR...)
4 67.199.150.81 62713 (AS-PUBMATIC)
8 8 35.71.131.137 16509 (AMAZON-02)
2 2 211.120.53.201 4694 (IDCF IDC ...)
2 2 13.225.103.115 16509 (AMAZON-02)
10 14 142.251.175.155 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 119.9.108.211 45187 (RACKSPACE...)
6 207.65.33.82 62713 (AS-PUBMATIC)
1 34.124.209.251 396982 (GOOGLE-CL...)
2 4 2406:da18:929... 16509 (AMAZON-02)
13 67.199.150.86 62713 (AS-PUBMATIC)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 2 44.198.9.46 14618 (AMAZON-AES)
2 2 99.86.159.35 16509 (AMAZON-02)
2 2 198.8.71.130 ()
4 6 35.244.154.8 ()
5 5 13.228.126.19 16509 (AMAZON-02)
2 3 151.101.2.49 54113 (FASTLY)
4 4 64.202.112.63 22075 (AS-OUTBRAIN)
1 2 18.138.164.19 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 67.220.228.201 16509 (AMAZON-02)
2 2 54.249.237.55 16509 (AMAZON-02)
1 52.77.135.86 16509 (AMAZON-02)
1 1 2600:9000:20c... 16509 (AMAZON-02)
1 1 13.224.250.83 16509 (AMAZON-02)
1 99.86.178.48 16509 (AMAZON-02)
2 2 54.162.155.223 14618 (AMAZON-AES)
1 23.209.46.77 20940 (AKAMAI-ASN1)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
3 4 103.43.90.54 29990 (ASN-APPNEX)
15 54.238.120.71 16509 (AMAZON-02)
5 5 35.213.12.39 15169 (GOOGLE)
4 5 185.84.60.20 198622 (ADFORM)
2 2 54.147.41.158 14618 (AMAZON-AES)
2 169.197.150.7 398989 (DEEPINTENT)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 1 23.106.127.38 59253 (LEASEWEB-...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.50.93.199 16625 (AKAMAI-AS)
5 207.65.34.74 62713 (AS-PUBMATIC)
1 1 51.255.68.171 ()
1 1 2620:116:800e... ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
1 1 18.138.18.111 ()
1 2 35.186.193.173 ()
1 1 182.161.73.146 ()
1 1 82.145.213.8 ()
1 1 139.162.40.113 ()
2 2 2a02:fa8:c411... ()
1 220.150.223.50 ()
1 35.79.54.179 ()
1 3.1.14.27 ()
1 2 2606:4700::68... ()
1 1 35.214.145.153 ()
1 195.5.165.20 ()
2 2 122.248.253.6 ()
281 81
9    35.227.233.104 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 104.233.227.35.bc.googleusercontent.com
ms-paint.en.softonic.com
softonic.com
3    2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2404:6800:4003:c00::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2404:6800:4003:c1c::6a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com
16    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
articles-images.sftcdn.net
32    2600:1413:1:5a0::29cc (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
2    2a03:2880:f00c:212:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2404:6800:4003:c01::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    13.226.114.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-114-49.hkg62.r.cloudfront.net
www.datadoghq-browser-agent.com
3    18.67.184.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-184-126.kul50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    13.224.250.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-125.sin52.r.cloudfront.net
tags.crwdcntrl.net
3    2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
1    2404:6800:4003:c1c::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    74.125.200.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f148.1e100.net
ad.doubleclick.net
1    2404:6800:4003:c03::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2404:6800:4003:c04::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2404:6800:4003:c1c::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com.sg
1    2404:6800:4003:c05::cf (Singapore, Singapore)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2406:2600:7:100::9 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    2404:6800:4003:c1c::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
ampcid.google.com.sg
2    54.251.97.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-97-106.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    199.232.194.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
1    2600:9000:20b4:a200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
8    2600:1413:b000:1b::17d7:717 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
articles-img.sftcdn.net
2    2404:6800:4003:c0f::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
12    2404:6800:4003:c01::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2404:6800:4003:c05::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    99.86.178.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-178-41.kul50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.33.96.216 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-96-216.sin2.r.cloudfront.net
aax.amazon-adsystem.com
2    2404:6800:4003:c02::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2404:6800:4003:c05::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2404:6800:4003:c1a::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    51.79.154.9 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip9.ip-51-79-154.net
onetag-sys.com
7    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    35.79.54.63 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-54-63.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    104.65.228.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.52.114.50 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-114-50.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
20    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    67.199.150.81 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    211.120.53.201 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.225.103.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-115.hkg60.r.cloudfront.net
cr-p3.ladsp.com
14    142.251.175.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net
cm.g.doubleclick.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
6    207.65.33.82 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
4    2406:da18:929:5a03:96e9:65cd:3831:2d60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
13    67.199.150.86 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    44.198.9.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-9-46.compute-1.amazonaws.com
i.liadm.com
2    99.86.159.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-35.mxp64.r.cloudfront.net
live.rezync.com
2    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
6    35.244.154.8 (None, )

ASN- ()
idsync.rlcdn.com
5    13.228.126.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.138.164.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-164-19.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.249.237.55 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-237-55.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    52.77.135.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    2600:9000:20c7:a200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    13.224.250.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-83.sin52.r.cloudfront.net
sync.intentiq.com
1    99.86.178.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-178-48.kul50.r.cloudfront.net
sync1.intentiq.com
2    54.162.155.223 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-155-223.compute-1.amazonaws.com
sync.ipredictive.com
1    23.209.46.77 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-209-46-77.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
4    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
15    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
5    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    54.147.41.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-41-158.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.50.93.199 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-199.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
5    207.65.34.74 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
1    2620:116:800e:21:6c50:dbee:bef5:203d (None, )

ASN- ()
cms.quantserve.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    139.162.40.113 (None, )

ASN- ()
gocm.c.appier.net
2    2a02:fa8:c411:12::1050 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    35.79.54.179 (None, )

ASN- ()
dps.jp.cinarra.com
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    35.214.145.153 (None, )

ASN- ()
csync.loopme.me
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
2    122.248.253.6 (None, )

ASN- ()
pm.w55c.net
Apex Domain
Subdomains		 Transfer
56 sftcdn.net
sc.sftcdn.net — Cisco Umbrella Rank: 100634
images.sftcdn.net — Cisco Umbrella Rank: 83321
articles-images.sftcdn.net — Cisco Umbrella Rank: 867622
articles-img.sftcdn.net — Cisco Umbrella Rank: 214563
492 KB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage2.pubmatic.com — Cisco Umbrella Rank: 723
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com
41 KB
31 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
206 KB
26 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
44 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
82 KB
19 googlesyndication.com
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
422 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
5 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 2783
analytics.google.com — Cisco Umbrella Rank: 152
108 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
4 KB
9 softonic.com
ms-paint.en.softonic.com
softonic.com — Cisco Umbrella Rank: 70473
224 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
3 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
5 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 rlcdn.com
idsync.rlcdn.com
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
3 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com
8 KB
4 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13820
ampcid.google.com.sg — Cisco Umbrella Rank: 118381
999 B
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
cdn.id5-sync.com — Cisco Umbrella Rank: 893
36 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 931
api.btloader.com — Cisco Umbrella Rank: 1000
18 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
901 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 287
fonts.googleapis.com — Cisco Umbrella Rank: 29
9 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
13 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
14 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
269 KB
2 w55c.net
pm.w55c.net
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
745 B
2 ctnsnet.com
ipac.ctnsnet.com
664 B
2 pippio.com
pippio.com
881 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
883 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
83 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
523 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
958 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 rfihub.com
p.rfihub.com
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
738 B
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6175
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
581 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
1003 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
952 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
567 B
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9019
998 B
2 disquscdn.com
a.disquscdn.com — Cisco Umbrella Rank: 14745
c.disquscdn.com — Cisco Umbrella Rank: 5837
6 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1018
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
216 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
1 iprom.net
core.iprom.net
279 B
1 loopme.me
csync.loopme.me
226 B
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
38 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 appier.net
gocm.c.appier.net
438 B
1 opera.com
t.adx.opera.com
552 B
1 ambientdsp.com
cm.ambientdsp.com
655 B
1 linksynergy.com
tags.rd.linksynergy.com
406 B
1 quantserve.com
cms.quantserve.com
593 B
1 nrich.ai
dsp.nrich.ai
583 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
817 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
646 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
557 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
280 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
756 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
610 B
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
220 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
198 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1445
48 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 4719
591 B
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
281 84
Domain Requested by
32 images.sftcdn.net ms-paint.en.softonic.com
15 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
15 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
rtb.gumgum.com
15 sc.sftcdn.net ms-paint.en.softonic.com
sc.sftcdn.net
14 cm.g.doubleclick.net 10 redirects u.openx.net
s.amazon-adsystem.com
rtb.gumgum.com
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
13 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
13 securepubads.g.doubleclick.net ms-paint.en.softonic.com
securepubads.g.doubleclick.net
sc.sftcdn.net
www.datadoghq-browser-agent.com
www.googletagservices.com
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
8 match.adsrvr.org 8 redirects
8 articles-img.sftcdn.net ms-paint.en.softonic.com
8 www.google.com ms-paint.en.softonic.com
www.google.com
securepubads.g.doubleclick.net
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 idsync.rlcdn.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 image2.pubmatic.com ads.pubmatic.com
6 ms-paint.en.softonic.com softonic.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 x.bidswitch.net 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 sync.1rx.io 5 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 image6.pubmatic.com ads.pubmatic.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
4 pagead2.googlesyndication.com www.googletagservices.com
4 www.googletagservices.com securepubads.g.doubleclick.net
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 us-u.openx.net 1 redirects u.openx.net
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.google.com.sg ms-paint.en.softonic.com
3 api.btloader.com btloader.com
www.datadoghq-browser-agent.com
3 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 id5-sync.com softonic.com
www.datadoghq-browser-agent.com
3 c.amazon-adsystem.com softonic.com
www.datadoghq-browser-agent.com
3 bat.bing.com ms-paint.en.softonic.com
bat.bing.com
3 softonic.com ms-paint.en.softonic.com
softonic.com
3 www.googletagmanager.com ms-paint.en.softonic.com
www.googletagmanager.com
2 pm.w55c.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 pippio.com 2 redirects
2 creativecdn.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ib.adnxs.com 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 sync.ipredictive.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 eb2.3lift.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 fonts.googleapis.com 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
2 lb.eu-1-id5-sync.com softonic.com
www.datadoghq-browser-agent.com
2 afs.googleusercontent.com www.google.com
2 gum.criteo.com 1 redirects static.criteo.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
2 ad-delivery.net ms-paint.en.softonic.com
2 www.facebook.com ms-paint.en.softonic.com
2 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
2 connect.facebook.net ms-paint.en.softonic.com
connect.facebook.net
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 t.adx.opera.com 1 redirects
1 dis.criteo.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 hb.yahoo.net s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 match.sharethrough.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 ssbsync-us.smartadserver.com 1 redirects
1 onetag-sys.com s.amazon-adsystem.com
1 cdn.id5-sync.com ms-paint.en.softonic.com
1 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 mug.criteo.com ms-paint.en.softonic.com
1 articles-images.sftcdn.net ms-paint.en.softonic.com
1 c.disquscdn.com ms-paint.en.softonic.com
1 a.disquscdn.com ms-paint.en.softonic.com
1 bcp.crwdcntrl.net www.datadoghq-browser-agent.com
1 ampcid.google.com.sg www.datadoghq-browser-agent.com
1 storage.googleapis.com ms-paint.en.softonic.com
1 analytics.google.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 ad.doubleclick.net ms-paint.en.softonic.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 btloader.com softonic.com
1 www.datadoghq-browser-agent.com softonic.com
1 partner.googleadservices.com www.google.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
281 127

This site contains links to these domains. Also see Links.

Domain
en.softonic.com
roblox.en.softonic.com
chrome.en.softonic.com
best.en.softonic.com
free-pdf-tools.en.softonic.com
www.softonic-ar.com
de.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
images.sftcdn.net
support.microsoft.com
www.facebook.com
x.com
api.whatsapp.com
formfacade.com
ms-paint.softonic.com.tr
ms-paint.softonic-th.com
ms-paint.softonic.kr
ms-paint.fr.softonic.com
ms-paint.softonic.cn
ms-paint.softonic.com.br
ms-paint.softonic.vn
ms-paint.softonic.ru
ms-paint.softonic.nl
ms-paint.softonic-id.com
ms-paint.softonic.jp
ms-paint.softonic.com
ms-paint.softonic-ar.com
ms-paint.it.softonic.com
ms-paint.de.softonic.com
ms-paint.softonic.pl
autocad.en.softonic.com
adobe-photoshop-lightroom.en.softonic.com
adobe-xd.en.softonic.com
painttool-sai.en.softonic.com
powerpaint.en.softonic.com
ez-paint.en.softonic.com
paint.en.softonic.com
mypaint.en.softonic.com
microsoft-paint-3d.en.softonic.com
paint-net.en.softonic.com
hatzek-color-picker.en.softonic.com
blockbench.en.softonic.com
macromedia-flash-8.en.softonic.com
vovsoft-image-combiner.en.softonic.com
blender.en.softonic.com
canva.en.softonic.com
nvidia-canvas.en.softonic.com
trapcode-particular.en.softonic.com
sketchup-make.en.softonic.com
figma.en.softonic.com
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.instagram.com
www.linkedin.com
fetchrss.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2022-12-23 -
2023-12-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s4-san.cloudinary.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-15 -
2023-12-14		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
btloader.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-11 -
2024-08-11		 a year crt.sh
a.disquscdn.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-27		 a year crt.sh
s1-sni.cloudinary.com
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 52 frames:

Primary Page: https://ms-paint.en.softonic.com/
Frame ID: 4A7CDA8B12965E26A6A65FD8245807DB
Requests: 123 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r4&nocache=5151701938676598&num=0&output=afd_ads&domain_name=ms-paint.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=480&dt=1701938676599&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=7204&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Fms-paint.en.softonic.com%2F
Frame ID: 72E438B48FF73A1917E4F8C8209B655F
Requests: 4 HTTP requests in this frame

Frame: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8EED267C8C3BF5480E2E1581DF36DC4A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ms-paint.en.softonic.com
Frame ID: E28C1CAAF8E77D25613241B572149088
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_vFOxCk019aRLkycAhsSoo_xX0V906F5YyAe0djydEGfQAsvs-wBFJIkrnkGS1tT6iGeAdQqSaTRsRc7ebFow5y6fZu6rlX255VzuGX3GgwwCiGGKXrZETZUg1Bdly_en1tCSAJHTuZ2NJhafHrvP8hySdVwEABv_KC2mRye2Nc_4ev29nwXxW2_yNvw0Ruzy0INBZillnuh3CPTkMcSbvH2f2bXKlIiChLU-Gq97-XmbRmDAjZzD3BBBi_dPyLAVleYhaNOlxycmBdwexRSC2sfFChm2vReClK7YA-ndK0Cqsrc1_z1oACsQCHVhCO5-Ue2zkn1xZfd4NJ9WJa_xoDIlQ2SE4mIY3jXZ72a1_rl0jMvZ-CkOKNPsNtwewb7E3U5uKdj6osgbPQWkRjAYSOXQ_k9HCVILFxidfgVQsQhVslDv&sai=AMfl-YSLj77CHFFSAZ0GVlci6LSIhGConryg2ZT0pg_3jMqrrehkAmnkpjp5esCGu9Y5uNfERPZ0FybDMLeoAAg4TcXWM-aUj4v5mc3B_kkUiceXGU8AhibMwwauBUondh_P-Xfao-soFbOkHw&sig=Cg0ArKJSzAqp-xu030bhEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 76B08533AB50CFDCBB74D4E82A708F06
Requests: 9 HTTP requests in this frame

Frame: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74E5573DC108DE1A1CFF075F56F9270C
Requests: 9 HTTP requests in this frame

Frame: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2CDC147D7A28AE2CB5C11C18E741A45E
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFbI9ghtDZdq_SASHN4MhTmaKLPbXaIKhl-N8bBqFgL_5jEKmBSmdKRzPbj5y7RriMFj37FOomqZ-s9dZtFby5U8h86swvB5nFlQKwc6SPjqivMHOXkeNSZyFpMc4dVJxjypUgH6GQ21Z5wg-zOUL8U1UnO2mJ0C2Ypgjfi8mTOrhWaw2JIlWwytlT1Vrel0SfujbYxEkNx8AJmlINurKKqRYp8brFNcyJOHWa8HCeCDdxpFMzAnjZKO7qHQbwzNATUq7ZGvtVuiN0nIz9dWSAkmzucyJfbS6opZg6kVdsGXlv-7l0CZZLoZ-2A81WeT4o172q3cBJqkAoFOC6W-DN9v7-zkIKGvX2weBKLUk70tRJcRjtG_pqKKLeOcOmSrt19jeDUKx-H1aLoMCAwTCwQ1hkcEiee8dVUBj4hksK&sai=AMfl-YQo_-dmJVcU-1m6ZuLFfsk_N8FKqwDy5wnGK1ceNnyFFUbN3lvv2E_4SwJ-MaO21NEvze_TuQMSPtBen2LyEnOlF9kIRmaEeCjoGTMOOJ7qtSZOS2_GTSzNxNeioTpJyDRI92wU5AqmgQ&sig=Cg0ArKJSzOfC6OJ0u5k0EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4B23D74BD15F4F3784B61F022BC370E4
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Frame ID: BE673EB6262212EC8627D1E4485C117A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: D1D5FA55C523A46740A685C96B00EFD6
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: BD47E0C5708791B97B82260EC40B4831
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: BFE0D2AFA2197A983DBC4EF0B5BCD443
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: D5AAA22ADE9359D3F420AB5C2E0C3B26
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: AD305006143EDE3AA7F4E5B7C8F828B8
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 9D80C39D49EF3C1A0C70BC49A031E531
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4197819160678337610&gdpr=0&gdpr_consent=
Frame ID: 5826991DBF28367B6391AE7DCBA7D3B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=686468021487496740601
Frame ID: FD961D13A16AE2931C269E588E4E11E8
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 1F22A95C2866166758022E47E6CB5826
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID898E482A-8587-48B1-8DF4-0EC909AAB31D
Frame ID: E7928832A6777099E98019A6C4AA29B0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5398518111586249670&gdpr=&gdpr_consent=
Frame ID: 98CA41FFCAAFCE46F08E96E108546CA2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV85ZjNmZjZkYS05OTg3LTQ2YjktOWY0OC02N2UyNDhiZmM3ZTA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DFF4BF0CC1E66F4FE11A6D481EB66732
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 86FC22593B66C68B5B60F7F54DA63B40
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=f1858dea-1fcf-4d3f-814c-f4ca799db28d
Frame ID: BFF897B498D1A11B39857C9C64AE6F13
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZXGF.MCo5sAAAN-iU8oAAAAA
Frame ID: B6D1BFF275A39E4C986EF591188640F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=xwdLfeB16bLROclJlUy6gzOzM9otmBbOu5KeTyakc_c&pi=gumgum&tc=1
Frame ID: 3AA74CA1B497B57E076E7537D0EF53D9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: BBFB762FE10B80C6C0DC7127E70A1006
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent=
Frame ID: 20929CD3806C17F4BF1C38A5B7351EE0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=810364830952993790&gdpr=0&gdpr_consent=
Frame ID: FB55CCF945B9731ED73F992BBCE79A47
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: E8CD0415B1A004B1491472797E85BB05
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2qe0wdSn5ZLBp7LF3_SuxN-l5sDB8eeT26Mt1TJ6
Frame ID: E6EF321E9E041403F64FC921F0D0AAAB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 31D3B8938207E470860B92B070CB8EDC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID898E482A-8587-48B1-8DF4-0EC909AAB31D
Frame ID: F4B9D971BA0DC93DAE7D252082E56DF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12m8tknef08u
Frame ID: 6E65E838ECA75635316D0A24946741BA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=0&gdpr_consent=
Frame ID: B36C35AE56F664233CE9E7DF33EFA1FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b47768211604d6b95371a0e3c2b6b11
Frame ID: FB085E53812C1A6919B1AD1E308FBF5A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3285DA01392B712203C33F382E00687B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: BB410E881E71F4664585AD002ED81BBD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5D54516226CE85B73C4441DC6726373B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3aa81e4daf53477fb69e1bbf11b90dd5
Frame ID: 6B4C903104831A73ECA2C40B44D9D929
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TLgaZw1qDJGRKpI6_IVxZQ
Frame ID: DA3A4FAB16FBB908FFBB2422BA5E6C6C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=898E482A-8587-48B1-8DF4-0EC909AAB31D
Frame ID: F82665F021B87CDA0C2F288796B49FD7
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 9C2BAFB65C50F84561E2702983D505F5
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=898E482A-8587-48B1-8DF4-0EC909AAB31D
Frame ID: DD57A3AA94FC3E4311A9FFE2817A2190
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 13332F3E30914FD4F7A1ED00F3060D4C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1A58811B1926DA904EF79C34AA073E3B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3E3B5F6308FE9ABAF7BD7E448A2A81F4
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 9180CEBA2D382A3DB5292C579BD7EA74
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 702F07B44629B2CBC87C571314C495D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1TUwym2F1Rb9ZY5&gdpr=0&gdpr_consent=
Frame ID: 711E5513AF1BA37CBEFDD5DE130292FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084072855796769
Frame ID: FC29FA9639192787D5792999163CCEBC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
Frame ID: A743271C803B90B9CB0DC03ADB2A4FD3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=898E482A-8587-48B1-8DF4-0EC909AAB31D
Frame ID: FF956A3D6ABABC823B4E4EAFD5C4FD0A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MS Paint - Download

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

281
Requests

81 %
HTTPS

32 %
IPv6

84
Domains

127
Subdomains

81
IPs

9
Countries

2476 kB
Transfer

6288 kB
Size

125
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=ms-paint.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=woqqdnxZQjdpNEtGRG1PQjV5WjNPdnpCUXJUZEtRWlVYYWMrcGRUUEV5NFVkK0R0ZldONERwbFBWV2xPNGJpa1ByVldhTWRFVFJHMzYxWUhnbWtzTVc5bkhiMFVpZWNubnRLL1VHNnc5TXArTHc1bmdGSGExblhpdmM5VDFkRDRLL2RkWVltRXRhM0dLYzVWSEFldUN6NVdmOURodU5ZS3NJT01mbW9qNnZuYXREbTZvemdqSHpMUEUwdEdqV2l4UFlKOUFQc1FFU3ZTMi9qRHBzTzNFVS8vK09OL2c1d3UzdU9POXdrNTFrNDNSZXVwbERHZGtlcFBNQnJJQXY3YmUzbVg5eTl3K3kwcTMyQ3FXZ1BMMEVMaVJkdlEvYmN2NXNpU3BwV3hwdVNTTEZoMD18&cppv=2
Request Chain 160
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Request Chain 173
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1701938680243 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8582639035 HTTP 302
  • https://sync.1rx.io/usersync/turn/2971446077424645745?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-1c56eab2-34e7-49b1-9654-3eb441994f29-004 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
Request Chain 175
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 178
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 179
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4197819160678337610&gdpr=0&gdpr_consent=
Request Chain 180
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=686468021487496740601
Request Chain 185
  • https://match.adsrvr.org/track/cmf/openx?oxid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0&gdpr_consent=
Request Chain 186
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXGF.MCo5sAAAN-iU8kAAAAA
Request Chain 187
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae8XZJbm9Sslks8AEDmpjqlF_s8AAAGMQ3NS0g
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX254pF2GGKAG0McW9fArE&google_cver=1
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iY5IKoWHSLGN9A7JCaqzHQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 193
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=898E482A-8587-48B1-8DF4-0EC909AAB31D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=898E482A-8587-48B1-8DF4-0EC909AAB31D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%2C%2C
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk4RTQ4MkEtODU4Ny00OEIxLThERjQtMEVDOTA5QUFCMzFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOv9uV19u7jG-7I5Fz1Z1Jo&google_cver=1
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=
Request Chain 201
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPUYCIA8-1K-IEF3 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXGF.Blu.Db.7TwYavzkjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJY6d2gNs37y80ECewdpR5U&google_cver=1&google_hm=2
Request Chain 203
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f89770bb87ef4b359501db06d7e5745c HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f89770bb-87ef-4b35-9501-db06d7e5745c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3ef2aeef-2c9f-45ea-aeed-f324258d4f72%3A1701938682.0760894&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3ef2aeef-2c9f-45ea-aeed-f324258d4f72%253A1701938682.0760894%26_%3D1701938682.0781248&cb=1701938682.0781574 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1972084072855796769&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3ef2aeef-2c9f-45ea-aeed-f324258d4f72%253A1701938682.0760894%26_%3D1701938682.0781248 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3ef2aeef-2c9f-45ea-aeed-f324258d4f72%3A1701938682.0760894&_=1701938682.0781248 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczZWYyYWVlZi0yYzlmLTQ1ZWEtYWVlZC1mMzI0MjU4ZDRmNzI6MTcwMTkzODY4Mi4wNzYwODk0EAAaDQj7i8arBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBvwrEMGrlKJpszzvNS5nnc&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKxOIx547uy2yKetc1A09cs&google_cver=1
Request Chain 205
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&expiration=1704530680&gdpr=0&gdpr_consent=
Request Chain 206
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
Request Chain 207
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXGF_AAFEH22vQAM HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXGF_AAFEH22vQAM&_test=ZXGF_AAFEH22vQAM
Request Chain 208
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nOkEOPEKlbvKaB55YrhD
Request Chain 209
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943
Request Chain 211
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDE4MzNmYmUyOTIyMzdjMWIzYWU2MWI4NjZhMzBkZTM3ZjRjZDMzOA
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqI0ISs120xKI95MCuFEUM&google_cver=1
Request Chain 214
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPUYCIA8-1K-IEF3
Request Chain 215
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=&expires=30
Request Chain 216
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBVWUNJQTgtMUstSUVGMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHLA8AHJQVYoSDBzXRZqXNw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBVWUNJQTgtMUstSUVGMw==&google_push=
Request Chain 217
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ifizyea7yZ4ovBDpZ-zQIsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m07gX4dE2oLbMCk3CtjPJjpg0jg.gBWt.CQufQ--~A
Request Chain 219
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=42d4Yi4xTNqEZzdD8yuQow&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=42d4Yi4xTNqEZzdD8yuQow
Request Chain 220
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeMU7K4wwAABNSZbOUxw&expires=30
Request Chain 221
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPUYCIA8-1K-IEF3
Request Chain 222
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPUYCIA8-1K-IEF3 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3&ckls=true&ci=nKN4KJw2eE&nc=false&trid=324437238
Request Chain 223
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=96829790-aee9-4ce8-924b-bed8635b2345&expires=30
Request Chain 224
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPUYCIA8-1K-IEF3&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPUYCIA8-1K-IEF3&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VbWtyZ3RWRTJ1R3VXVW9KSll2S1lpMG9JZF9OcjRjN35B&ovsid=LPUYCIA8-1K-IEF3&dpid=58160
Request Chain 225
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 226
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPUYCIA8-1K-IEF3
Request Chain 227
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=810364830952993790
Request Chain 228
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5398518111586249670&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=&gdpr_consent=&us_privacy=
Request Chain 229
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=2a1b1262-166b-0e76-2a0a-e3e2d3246114
Request Chain 230
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3874cdef-0c15-5ae8-7710-2c42adfd5479$ip$103.254.153.204
Request Chain 231
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5JrVpQVE2peKypLUN5SmqkIaHcLa9iZgt.y8~A
Request Chain 232
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c6e1ffb4-2df7-4ed1-a962-2601967d2e2b
Request Chain 234
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=P7ohSlX4yLeS6ybbUZen
Request Chain 235
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=SpXJeltSXerP&ev=1&pid=558355
Request Chain 236
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5600232837313694723
Request Chain 238
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5398518111586249670&gdpr=&gdpr_consent=
Request Chain 241
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=f1858dea-1fcf-4d3f-814c-f4ca799db28d
Request Chain 242
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXGF.MCo5sAAAN-iU8oAAAAA
Request Chain 243
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=xwdLfeB16bLROclJlUy6gzOzM9otmBbOu5KeTyakc_c&pi=gumgum&tc=1
Request Chain 244
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 247
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPUYCIA8-1K-IEF3 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LPUYCIA8-1K-IEF3
Request Chain 251
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=810364830952993790&gdpr=0&gdpr_consent=
Request Chain 252
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b4f72446-d3fd-4685-aee5-59a74e438dd3&expires=1&user_group=2&ssp=pubmatic&bsw_param=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 253
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2qe0wdSn5ZLBp7LF3_SuxN-l5sDB8eeT26Mt1TJ6
Request Chain 256
  • https://idsync.rlcdn.com/420486.gif?partner_uid=898E482A-8587-48B1-8DF4-0EC909AAB31D HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg5OEU0ODJBLTg1ODctNDhCMS04REY0LTBFQzkwOUFBQjMxRBAAGg0I-4vGqwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1c98922d785a21c51c6c7adcbb0472825c278cea2a0ad72b26554ade57d5e171791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxYzk4OTIyZDc4NWEyMWM1MWM2YzdhZGNiYjA0NzI4MjVjMjc4Y2VhMmEwYWQ3MmIyNjU1NGFkZTU3ZDVlMTcxNzkxNDI2YjU0MTdkY2UyMRAAGgwI-4vGqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxYzk4OTIyZDc4NWEyMWM1MWM2YzdhZGNiYjA0NzI4MjVjMjc4Y2VhMmEwYWQ3MmIyNjU1NGFkZTU3ZDVlMTcxNzkxNDI2YjU0MTdkY2UyMRAAGgwI-4vGqwYSBAgCEABCAEoA&google_gid=CAESEJZs_iD8Ay16HZvm_oW7av0&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3ac04a65-889b-4d6c-9963-e7cb5934783d
Request Chain 257
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2971446077424645745&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 258
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=898E482A-8587-48B1-8DF4-0EC909AAB31D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5HiKsCFE2uU8IE0WdJp.gwEQXUjaK2o-~A&gdpr=0
Request Chain 260
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12m8tknef08u
Request Chain 261
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=0&gdpr_consent=
Request Chain 262
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b47768211604d6b95371a0e3c2b6b11
Request Chain 265
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 266
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3aa81e4daf53477fb69e1bbf11b90dd5
Request Chain 267
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TLgaZw1qDJGRKpI6_IVxZQ
Request Chain 269
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5398518111586249670
Request Chain 270
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3bac6b4d689b1ff6&is_secure=true&networkId=17100&version=1&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVfk2gWWANUIuZDAAAAAAA&expiration=1702025083&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 277
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 278
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 281
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1TUwym2F1Rb9ZY5&gdpr=0&gdpr_consent=
Request Chain 282
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084072855796769
Request Chain 283
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782626414 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f1858dea-1fcf-4d3f-814c-f4ca799db28d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1c56eab2-34e7-49b1-9654-3eb441994f29-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004

281 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ms-paint.en.softonic.com/ 		335 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5658a6b4c270353271d28b04a71e55b8c36bee0e27852c7a9baaf4bca4eccff9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-language
en-US
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:36 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
64
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
2617652a-2fab-47de-9a10-83b35cacbf1c
x-served-by
server-558bcc555d-kwjv2
x-version
1.6107.0
x-xss-protection
1
gtm.js
www.googletagmanager.com/ 		432 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9443534ff3d637060f249ab2bc07aacd9adccfab8f6960aa807308530dfd6d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122947
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 08:44:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
261a0f2e6215bfe9a749dd1da59719d4693c5a8b702386c0ac3adde249a32ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30233
x-xss-protection
0
server
cafe
etag
794 / 19698 / m202311290101 / config-hash: 16835354973066905572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:44:36 GMT
ads.js
www.google.com/adsense/search/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff606d0c65d0a2ea305427f59b6e1018bcbddb7a77b61e3fa2b082b4f366595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"12723889585200011419"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Thu, 07 Dec 2023 08:44:36 GMT
sft-prebid.js
softonic.com/revamp/ 		334 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-prebid.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
6339ee00d1aa839c900294f1d30a7879d5aca349310d182a44117f4fc125ecd1

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-version
1.1298.0
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
588
x-cache
MISS, HIT
x-envoy-upstream-service-time
2
x-region
01
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96284
x-request-id
68865da7-2821-49ec-97c7-5df4ac8e22fd
x-served-by
cache-ams21030-AMS, cache-qpg1281-QPG
x-platform-version
NT 10.0
x-browser-version
120.0.6099.62
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1701938676.429409,VS0,VE0
etag
W/"a23ccaffd903d9123b834754dad89dc1"
x-browser-name
Chrome
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
SG
x-cache-hits
0, 2
72c3f-7929f.mjs
sc.sftcdn.net/scripts/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-7929f.mjs
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3af55202f9ae174891b406251142d9842ad8159cf58e78086abd90e1c5ce6f6a

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 26 Nov 2024 13:29:47 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
846889
x-cache
HIT, HIT
x-envoy-upstream-service-time
8
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13298
x-served-by
cache-ams21073-AMS, cache-qpg1254-QPG
last-modified
Thu, 23 Nov 2023 17:36:16 GMT
server
istio-envoy
x-timer
S1701938676.132220,VS0,VE0
etag
W/"655f8d90-b7a8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
26, 34225
23986-7fb8e.mjs
sc.sftcdn.net/scripts/ 		99 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c9014b92bed451ae20ef7a455f9e7e2590992ba71c735368191fe38af129ff6a

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 03 Dec 2024 09:24:34 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
256801
x-cache
HIT, HIT
x-envoy-upstream-service-time
7
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21821
x-served-by
cache-ams21081-AMS, cache-qpg1254-QPG
last-modified
Fri, 01 Dec 2023 09:09:01 GMT
server
istio-envoy
x-timer
S1701938676.132206,VS0,VE0
etag
W/"6569a2ad-18b25"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
3, 10426
ms-paint-Download-MS-Paint.jpg
images.sftcdn.net/images/t_app-icon-s/p/ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d/66824738/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d/66824738/ms-paint-Download-MS-Paint.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
3cd9bb9f106c2054bdb86884e6d854ca30a31ffd80eba20e2a13f95433d7ecc7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 16 May 2023 10:32:12 GMT
server
Cloudinary
etag
"50c7f0c314ee88fe7d34afa294964749"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="66824738.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:36.574Z;desc=hit,rtt;dur=1,content-info;desc="width=112,height=112,owidth=500,oheight=500,obytes=44212"
accept-ranges
bytes
timing-allow-origin
*
content-length
1704
ms-paint-MS-Paint-for-Windows-Tools.jpg
images.sftcdn.net/images/t_app-cover-s,f_auto/p/ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d/1842836998/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d/1842836998/ms-paint-MS-Paint-for-Windows-Tools.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
9178323b773bdb24297171e9c0dc06a5a87c03ed2ead03397fa6d15e126cee93
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="1842836998.webp"
server-timing
cld-akam;dur=9;start=2023-12-07T08:44:36.583Z;desc=hit-near,rtt;dur=1,content-info;desc="width=340,height=191,owidth=1200,oheight=675,obytes=93074"
content-length
7014
last-modified
Tue, 16 May 2023 10:47:55 GMT
server
Cloudinary
etag
"abad955f41b34d853e0b9645ae3c5835"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:57 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435239
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12758-AMS, cache-qpg1254-QPG
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1701938676.132177,VS0,VE0
etag
W/"644801fe-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
58, 78328
profile
images.sftcdn.net/images/f_auto,w_48/editor-profiles/dinkar-kamat/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/f_auto,w_48/editor-profiles/dinkar-kamat/profile
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ba1251a4042cdc4b94fe87cd32afca0476a41d020d99c2ddc050beca831b116e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="dinkar-kamat.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:36.582Z;desc=hit,rtt;dur=1,content-info;desc="width=48,height=48,owidth=128,oheight=128,obytes=4536"
content-length
722
last-modified
Wed, 10 Nov 2021 12:32:21 GMT
server
Cloudinary
etag
"dd18592fdc95604034beceaa8acb4da9"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
sft-bundle.js
softonic.com/revamp/ 		326 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5ad368795609ab32fe1ad9bdf0446289452345306d06317a2d4b9e5d47d0a4c9

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-version
1.1298.0
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
71134
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
x-region
01
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74026
x-request-id
73900b5a-4a56-42ab-a43b-d3e1b7a559a2
x-served-by
cache-ams12763-AMS, cache-qpg1234-QPG
x-platform-version
NT 10.0
x-browser-version
120.0.6099.62
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1701938676.429270,VS0,VE1
etag
W/"9fe9d96c1f212001c1f72cafb2124831"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
SG
x-cache-hits
1, 6877
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 08:44:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
FGBdjUhIffNCk6Nx2zRhOSRm3nqHJWan57b5bMWFeweYdAasoiLHFsnhFevjD58H4o9HOyfuK1zYIQz4SS1YDQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 07 Dec 2023 08:44:36 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4833A22A23384EC9A1098C341DDE2626 Ref B: SIN30EDGE0808 Ref C: 2023-12-07T08:44:36Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
e1d66-8959c.css
sc.sftcdn.net/styles/ 		107 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-8959c.css
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7e246fd2a4cb8e1634db463b3828532c249d55b60895191a635ff3ef59fe17ea

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 07 Nov 2024 13:38:01 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2487995
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16912
x-served-by
cache-ams21068-AMS, cache-qpg1260-QPG
last-modified
Wed, 08 Nov 2023 11:02:43 GMT
server
istio-envoy
x-timer
S1701938676.424756,VS0,VE0
etag
W/"654b6ad3-1ab8c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
5, 28436
40150-a5fb0.css
sc.sftcdn.net/styles/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-a5fb0.css
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Fri, 08 Nov 2024 11:55:58 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2407717
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3079
x-served-by
cache-ams21046-AMS, cache-qpg1260-QPG
last-modified
Thu, 09 Nov 2023 11:17:56 GMT
server
istio-envoy
x-timer
S1701938676.424714,VS0,VE0
etag
W/"654cbfe4-3377"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
27, 27356
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:57 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435237
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21030-AMS, cache-qpg1260-QPG
last-modified
Tue, 25 Apr 2023 16:38:21 GMT
server
istio-envoy
x-timer
S1701938676.424808,VS0,VE0
etag
W/"644801fd-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
35, 27039
b94b1-d9c76.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-d9c76.css
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:57 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435238
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1856
x-served-by
cache-ams12746-AMS, cache-qpg1260-QPG
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1701938676.424697,VS0,VE0
etag
W/"644801fe-12d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
35, 25627
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:59 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435237
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21069-AMS, cache-qpg1254-QPG
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1701938676.400804,VS0,VE0
etag
W/"644801fe-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
44, 74172
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://ms-paint.en.softonic.com/
Origin
https://ms-paint.en.softonic.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:01 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435235
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21076-AMS, cache-qpg1254-QPG
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1701938676.401735,VS0,VE0
etag
W/"644801fe-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
1388, 74530
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
71dea-14daa.svg
sc.sftcdn.net/images/ 		945 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/71dea-14daa.svg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:58 GMT
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
19435239
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
508
x-served-by
cache-ams21023-AMS, cache-qpg1260-QPG
last-modified
Tue, 25 Apr 2023 16:38:21 GMT
server
istio-envoy
x-timer
S1701938676.424768,VS0,VE0
etag
W/"644801fd-3b1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
19, 11470
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:47:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
7040
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 06:47:16 GMT
truncated
/ 		945 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83a767cbc1f72bb017ae28616c336a85987e4734c00c3fda9d57b8db79258466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72405
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 08:44:36 GMT
448368701978882
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448368701978882?v=2.9.138&r=stable&domain=ms-paint.en.softonic.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:212:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3331ee13d7f5e0ede8dd422b0c716a12549ef079d6f8d8bf433e6cb5dbf1102
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 07 Dec 2023 08:44:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36851
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
H1BcxlCFOmbsQvZGbb8UgWccDhchZdNHJfYE4uAaLWQpoM/ta6/MA5GaL2ybHUDIqPizURx+J46lDHsVL8aXqA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		378 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ms-paint.en.softonic.com&client=softonic&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
575f5c961bdf4a8a14759243182adac1f93eeb873567175469627864415b4799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
240
x-xss-protection
0
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.114.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-114-49.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:11 GMT
content-encoding
br
via
1.1 682c68c029a11c323dfbf4869c1e3734.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
age
28
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
ZHWcsSHf5LC8OQSrYv9hU2XtRK5Uza4TcPiRALMQYg-HJMnirYal1Q==
sft-bundle.js
softonic.com/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic.com/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-version
1.1298.0
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
71135
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
x-region
01
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74026
x-request-id
73900b5a-4a56-42ab-a43b-d3e1b7a559a2
x-served-by
cache-ams12763-AMS, cache-qpg1247-QPG
x-platform-version
NT 10.0
x-browser-version
120.0.6099.62
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1701938677.690559,VS0,VE0
etag
W/"9fe9d96c1f212001c1f72cafb2124831"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
SG
x-cache-hits
1, 7355
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.184.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-184-126.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront), 1.1 ce69143a5462de56d3dccc46968a1a48.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, KUL50-P2
x-amz-server-side-encryption
AES256
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iKbO2tM8on-tSVox5vr69KupuedUNzhr1apuE1tR6vB5HRnfajP2Bg==
tag
btloader.com/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
576d0b36bd8c8201e826aa45ae102594a069c286497b97fd65627b15e18facdf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 08:25:17 GMT
server
cloudflare
age
1029
etag
"4b2b99d2e0ebdf4686bfce5edb054f06"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
831b7cd998799fc1-SIN
content-length
18028
26115935.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26115935.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 07 Dec 2023 08:44:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD8E6583CB7243C689E293A5AC15B111 Ref B: SIN30EDGE0808 Ref C: 2023-12-07T08:44:36Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26115935&Ver=2&mid=a0aec750-a3b2-4553-b744-03e7b849f31a&sid=da122b0094dc11ee96c389b42ac4a5d5&vid=da124bf094dc11eeb5a1630d6c3308ae&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=MS%20Paint%20-%20Download&p=https%3A%2F%2Fms-paint.en.softonic.com%2F&r=&lt=151&evt=pageLoad&sv=1&rn=99170
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 08:44:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 604BC72AA39640FEBCA2B54D68E0718D Ref B: SIN30EDGE0808 Ref C: 2023-12-07T08:44:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
www.google.com/afs/ Frame 72E4 		15 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r4&nocache=5151701938676598&num=0&output=afd_ads&domain_name=ms-paint.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=480&dt=1701938676599&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=7204&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Fms-paint.en.softonic.com%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
3d3f3571336026392845394cbeed25844c86be2d4b7cac91dd55ed28701e4522
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Yi5NcAQAPtvJNrJgfJCkuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2581
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Yi5NcAQAPtvJNrJgfJCkuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 07 Dec 2023 08:44:36 GMT
expires
Thu, 07 Dec 2023 08:44:36 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 08:09:57 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2079
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Dec 2023 10:09:57 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
728c7465cfc96e74e89c59caf271d0735b611d2988ca7ff54ab4e10a15aacca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79592
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 08:44:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		799 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=en.softonic.com
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af15553eef809789bf8e2edb7228dc011f0e80edf99d283a0cb29871a66a3d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Thu, 07 Dec 2023 08:44:36 GMT
prebid
id5-sync.com/api/config/ 		135 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ms-paint.en.softonic.com
date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
event
ms-paint.en.softonic.com/plausible/api/ 		2 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/plausible/api/event
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
05973c55-c6ab-493a-8c82-731504b916a5
event
ms-paint.en.softonic.com/plausible/api/ 		2 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/plausible/api/event
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
2627bf00-13c6-4dbd-aeea-0aecea2bdd8c
best-recommended-apps
ms-paint.en.softonic.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/best-recommended-apps?appId=ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d&categoryId=graphic-design&pageId=app&developerSlug=microsoft-corporation&platformId=windows&locale=en-US&programName=MS+Paint&browserName=chrome&browserVersion=120.0.6099.62&countryCode=SG&deviceType=desktop&isEU=false&isCalifornia=false&region=01&userPlatformId=windows&userPlatformVersion=10.0&placementId=download-intent&position=8
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
701f5737432c12af290a1d53d0fdc81d5b16c45858565c6d340e4b7d01cacbb2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-version
4.415.0
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-server-by
cpi-api
via
1.1 google
x-winner-campaign-logic
control
x-user-platform
windows
x-winner-campaign-id
winzip-compression-ros
x-resource-id
@cpi-api/bestRecommendedApps
x-envoy-upstream-service-time
27
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
98bcf358-e445-4cb8-8795-acde31d3a590
server
istio-envoy
x-publisher-id
softonic
vary
Origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-store,max-age=0,must-revalidate
x-publisher-projection-version
3580
x-suitable-campaigns-count
2
x-country-code
SG
x-page-id
bestRecommendedApps
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Dec 2023 08:44:36 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:30 GMT
content-encoding
gzip
via
1.1 0d4aa9f487883216469659ecf56a9a92.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
23175
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
AqH67_e6hYuMT8xbxYtReX7O8Hy_nEm4HbAWsQuiNL9G1SrnAgUBkA==
ads
securepubads.g.doubleclick.net/gampad/ 		745 B
408 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=191698288536130&correlator=1157541329319894&eid=31079828%2C31079830%2C21065724&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-en%2CApps%2CProgrampage%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&didk=821598582&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701938676894&lmt=1701938676&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fms-paint.en.softonic.com%2F&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=2017101036.1701938677&ga_sid=1701938677&ga_hid=287666567&ga_fc=false&dlt=1701938676102&idt=646&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtop-wallpaper%26hvi%3Dfalse%26type%3Doop_display_wallpaper&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26file%3Dad1de8c1-a23d-4e96-9b21-0ce5aec78b2d%26reviewvecna%3Dfalse%26recat%3Dmultimedia%252Cgraphic-design%26hosted%3Dfalse%26compliant%3D1%26devel%3D0%26locale%3Den-US%26author%3DMicrosoft%2520Corporation%26content%3Drich%26country%3DSG%26region%3DC%26ab_medium%3Dundefined%26platformId%3Dwindows%26ad_session_id%3D73cd646e-9f7e-4754-a162-65cb3f981285%26pv%3D1%26ab_upr%3D6%26personalized%3D1&adks=3454979113&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35caecfba8aa275cd6bb39228a3e3df33a01aa934f1282bf456d8e0ca6dba237
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
377
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8EED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:36 GMT
expires
Fri, 06 Dec 2024 08:44:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1701938676928&cv=11&fst=1701938676928&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fms-paint.en.softonic.com%2F&hn=www.googleadservices.com&frm=0&tiba=MS%20Paint%20-%20Download&auid=341566778.1701938677&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c7cee1a04513a6e53ceee1c963bf6195211fc11906ce74e2bab819424be0791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
www.google.com/adsense/search/ Frame 72E4 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r4&nocache=5151701938676598&num=0&output=afd_ads&domain_name=ms-paint.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=480&dt=1701938676599&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=7204&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Fms-paint.en.softonic.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6f09727d79519fcd64c90dc473bc667cfa33c8e874b7d18fd154edf6dca0567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"5962336006583393112"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Thu, 07 Dec 2023 08:44:36 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=PageView&dl=https%3A%2F%2Fms-paint.en.softonic.com%2F&rl=&if=false&ts=1701938676997&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701938676995.1744895063&cs_est=true&ler=empty&it=1701938676587&coo=false&rqm=GET
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Dec 2023 08:44:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448368701978882&ev=ViewContent&dl=https%3A%2F%2Fms-paint.en.softonic.com%2F&rl=&if=false&ts=1701938676999&cd[content_type]=App&cd[content_name]=ms-paint&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701938676995.1744895063&ler=empty&it=1701938676587&coo=false&rqm=GET
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 07 Dec 2023 08:44:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
chunk6-57e90b.mjs
sc.sftcdn.net/scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-57e90b.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
14faf867b74b600bc1275d07217ce917b256cce6e077c59381aaeca9a113869c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 26 Nov 2024 13:29:49 GMT
date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
846887
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3770
x-served-by
cache-ams21056-AMS, cache-qpg1260-QPG
last-modified
Thu, 23 Nov 2023 17:36:16 GMT
server
istio-envoy
x-timer
S1701938677.014535,VS0,VE0
etag
W/"655f8d90-331c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
18, 27812
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 08:44:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
464006
x-guploader-uploadid
ABPtcPpeY9g-Qku13VXNqwRONFJ-QnoUbLSe-7VRMD2qcdKnr0j4CosGQMTO94xUbb29htoUpZdDPeKv3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXQ9iszSuTO59gEhBre3NH5KheGCWJloWQQ7izdfj2dV5tNT6c1vqz7T2TKt5Zr%2FlmQIx9OsblxYQGv7uQDVtTXnLBeSf%2F7pHYYY1v1Hp20fw6FB3AbXpZIDeP4mnDywSAV2qtrBTgUmrVzD3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
831b7cdb882a49cc-SIN
expires
Sat, 02 Dec 2023 00:43:46 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Dec 2023 07:38:06 GMT
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9509688259848808
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
464006
x-guploader-uploadid
ABPtcPpeY9g-Qku13VXNqwRONFJ-QnoUbLSe-7VRMD2qcdKnr0j4CosGQMTO94xUbb29htoUpZdDPeKv3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pXMP2S3RjdyKZ%2FiHwuLXQzH2cP3gdJ6v2%2BClwVdAoym7bpzX%2FX8D5RXEh8gIBc3cbQQ2w6jSpnwfdZe0AlpfLQzyfsGrWEdwzIylx0Yy2YbewLTcfn6toDJVYJC9P3pyK53K4K5P8cI7bFZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
831b7cdb882b49cc-SIN
expires
Sat, 02 Dec 2023 00:43:46 GMT
publisher:getClientId
ampcid.google.com/v1/ 		78 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
0
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je3bt0v877889940z86335967&_p=1701938676128&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2017101036.1701938677&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701938677&sct=1&seg=0&dl=https%3A%2F%2Fms-paint.en.softonic.com%2F&dt=MS%20Paint%20-%20Download&en=page_view&_fv=1&_ss=1&ep.page_type=program_page&ep.site_language=en&ep.google_click_id=&ep.test_variant=&ep.pv=1&ep.program_id=ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d&ep.program_platform=windows&ep.program_category=multimedia&ep.program_subcategory=graphic-design&ep.program_sources=&ep.program_review_source=dexter&ep.program_download_type=redirectionDownload&ep.program_review_modification_date=2023-10-10&ep.program_opinions=yes&ep.program_review_publication_date=2017-07-24&ep.program_review_editor=Dinkar%20Kamat&ep.program_has_button_buy=no&ep.program_has_button_download=yes&ep.program_has_gallery=yes&ep.program_has_offer=no&epn.program_user_score=8.475728155339805&ep.google_compliant=yes&ep.program_name=MS%20Paint&ep.vertical_id=&ep.ecosystem_id=&ep.ad_session_id=73cd646e-9f7e-4754-a162-65cb3f981285&tfd=1077
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=2017101036.1701938677&gtm=45je3bt0v877889940z86335967&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R5K71YRXMV&cid=2017101036.1701938677&gtm=45je3bt0v877889940z86335967&aip=1&dma=0&gcd=11l1l1l1l1&z=203721363
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ms-paint.en.softonic.com/plausible/api/ 		2 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/plausible/api/event
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
b77e1bbf-8224-41b0-8fb3-c7501b41e0d1
event
ms-paint.en.softonic.com/plausible/api/ 		2 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ms-paint.en.softonic.com/plausible/api/event
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-bundle.js?modern=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:36 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
69d17a1b-c3d0-4f12-a828-836bb98046bf
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::cf Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:42:12 GMT
age
145
x-guploader-uploadid
ABPtcPqHG-TEvm7ZUO8Oc6M_TIF9n-hciWa810x7IXMgAlhYPwSk3jzFNdvtTFFrRyoRzLJOydw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Thu, 07 Dec 2023 09:42:12 GMT
winzip-logo
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-logo
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b6ebd2244153bb9f85eab74cb2097c99965ec579adc640c607fd7a15b60b3e19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-logo.webp"
server-timing
cld-akam;dur=7;start=2023-12-07T08:44:37.091Z;desc=hit,rtt;dur=1,content-info;desc="width=1800,height=600,owidth=1800,oheight=600,obytes=14375"
content-length
10266
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"c567f65948078ebf902a2488816bb956"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-A
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-A
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1ada5d6847da8280cb91c16bea3a27c5e0b5c3a5801b11c735f47c4f5a36e3ef
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-A.webp"
server-timing
cld-akam;dur=13;start=2023-12-07T08:44:37.091Z;desc=hit,rtt;dur=1,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=7867"
content-length
7276
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"e416811005c90530a730a5287d43a858"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-B
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-B
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0dfdd88f0f92086884ea4214bc6b6f54119d75b3d72000e4cb83ea48166282ea
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-B.webp"
server-timing
cld-akam;dur=7;start=2023-12-07T08:44:37.097Z;desc=hit,rtt;dur=1,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=1651"
content-length
910
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"5c256b0f30e5bda17f7367b7a0034724"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-C
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-C
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0916fc3d1ca0339e2baa78b1a105e78c99f823d26a8f149a8afd123e040238e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-C.webp"
server-timing
cld-akam;dur=10;start=2023-12-07T08:44:37.097Z;desc=hit,rtt;dur=1,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=6265"
content-length
5494
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"7e57fa2e940c7eef3e6d241066b592ab"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
syncframe
gum.criteo.com/ Frame E28C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ms-paint.en.softonic.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0ad5920e3de2d02ca93b81772e599c49917fd42922ea3fbf226b915a23fd062e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:36 GMT
server
Kestrel
server-processing-duration-in-ticks
658064
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publisher:getClientId
ampcid.google.com.sg/v1/ 		3 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com.sg/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1701938676928&cv=11&fst=1701936000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fms-paint.en.softonic.com%2F&frm=0&tiba=MS%20Paint%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxFwXt8wDaeUVgdNxrFYfjPUOiq6oow&random=3325340313&rmt_tld=0&ipr=y
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.sg/pagead/1p-user-list/631321069/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/pagead/1p-user-list/631321069/?random=1701938676928&cv=11&fst=1701936000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fms-paint.en.softonic.com%2F&frm=0&tiba=MS%20Paint%20-%20Download&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNxFwXt8wDaeUVgdNxrFYfjPUOiq6oow&random=3325340313&rmt_tld=1&ipr=y
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.97.106 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-97-106.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
069285623f9e15629f75d7ccc094c3b420166207eab59c8e7910b4246b482452

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache
x-server
10.42.21.249
access-control-allow-credentials
true
content-length
235
expires
0
noavatar92.png
a.disquscdn.com/1701457684/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1701457684/images/noavatar92.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=300; includeSubdomains
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
x-amz-cf-pop
SFO53-C1
age
478687
etag
"60395f01-66c"
content-type
image/png
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
content-length
1644
x-amz-cf-id
Y3XK9V49ii_wlpVR5ju2jqaiC4x_FNwfiKhWUPnxnrn_9KN_jMBdfA==
x-xss-protection
1; mode=block
expires
Sun, 31 Dec 2023 19:46:30 GMT
avatar92.jpg
c.disquscdn.com/uploads/users/35186/6877/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/uploads/users/35186/6877/avatar92.jpg?1667048149
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8232f27ea9c740ebbbccb24e7258d83c25c81616f2435dcdd6e780c80e8aabda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 27 Jul 2023 09:15:56 GMT
via
1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P4
age
11489321
x-cache
Hit from cloudfront
content-length
3282
x-xss-protection
1; mode=block
x-served-by
static-web-1
last-modified
Sat, 29 Oct 2022 12:55:50 GMT
server
nginx
etag
"7e16e38b5ea3814a840bafb418bf4a91"
content-type
image/jpeg
cache-control
max-age=31536000, public, immutable
accept-ranges
bytes
x-amz-cf-id
B12dPqZvc5hxuH8vv6jqoi4QyJs3ORO_55qAAXaXz8e3TOJh5AuwwA==
expires
Fri, 26 Jul 2024 09:15:56 GMT
autocad-icon.png
images.sftcdn.net/images/t_app-icon-s/p/8a1acc12-96d0-11e6-b61e-00163ed833e7/481981230/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/8a1acc12-96d0-11e6-b61e-00163ed833e7/481981230/autocad-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
bc2a00f882492f2cd756184bb202b8d55b7cad3a3739697e7f666e5912062882
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:38:56 GMT
server
Cloudinary
etag
"d8fa1e2bf8bcfc02c557181de8afdfb5"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="481981230.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.188Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=800,oheight=800,obytes=412476"
accept-ranges
bytes
timing-allow-origin
*
content-length
1944
adobe-photoshop-lightroom-icon.png
images.sftcdn.net/images/t_app-icon-s/p/756ff246-96d1-11e6-bc27-00163ed833e7/844328541/ 		532 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/756ff246-96d1-11e6-bc27-00163ed833e7/844328541/adobe-photoshop-lightroom-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4a2a5d8b738353a3a5e0ca668aabc590104997bc50a41568f6a8d72bae6a27af
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:36 GMT
server
Cloudinary
etag
"ce6511a9c0179f1e0412b749835b4bcc"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="844328541.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.188Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=512,oheight=499,obytes=10557"
accept-ranges
bytes
timing-allow-origin
*
content-length
532
adobe-xd-adobe%20xd-icon.png
images.sftcdn.net/images/t_app-icon-s/p/a638252f-0f05-48fb-8f84-1f762ac80fa8/1602314670/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/a638252f-0f05-48fb-8f84-1f762ac80fa8/1602314670/adobe-xd-adobe%20xd-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
15143344424614befe8725dad08dcd54d6a9d09c582371982570ccf4644073b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:48:54 GMT
server
Cloudinary
etag
"b249fa374e17661bd3e56e5c464ddcd8"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1602314670.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.188Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=590,oheight=571,obytes=33785"
accept-ranges
bytes
timing-allow-origin
*
content-length
1268
painttool-sai-Download-PaintTool-SAI.jpg
images.sftcdn.net/images/t_app-icon-s/p/b88f26f6-9a63-11e6-8995-00163ec9f5fa/476869985/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/b88f26f6-9a63-11e6-8995-00163ec9f5fa/476869985/painttool-sai-Download-PaintTool-SAI.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
da3eb947ab985ab9d5285ee72dd2f3ce8a7f6a2abe920f33284e629350a8175e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 16 May 2023 15:55:39 GMT
server
Cloudinary
etag
"6aebb3f9b271b95c3fd21841e4474d87"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="476869985.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=500,oheight=500,obytes=56269"
accept-ranges
bytes
timing-allow-origin
*
content-length
1758
powerpaint-logo.png
images.sftcdn.net/images/t_app-icon-m/p/0df7a822-96d9-11e6-a6a9-00163ed833e7/1603049781/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/0df7a822-96d9-11e6-a6a9-00163ed833e7/1603049781/powerpaint-logo.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fdfa93e1320fbadbc2475740faa3e354d34c635586e1a471ba4c8ac3c37384da
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:30 GMT
server
Cloudinary
etag
"f7fa2efd52276fbdb2d7dd39fa25b725"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1603049781.webp"
server-timing
cld-akam;dur=12;start=2023-12-07T08:44:37.198Z;desc=miss,rtt;dur=2,content-info;desc="width=224,height=224,owidth=832,oheight=832,obytes=556831",cloudinary;dur=60;start=2023-12-05T15:38:56.313Z
accept-ranges
bytes
timing-allow-origin
*
content-length
9844
ez-paint-logo.png
images.sftcdn.net/images/t_app-icon-m/p/601172de-9b32-11e6-9e88-00163ec9f5fa/1627856468/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/601172de-9b32-11e6-9e88-00163ec9f5fa/1627856468/ez-paint-logo.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d204d22c0b57c1f174a5981a56b3a7e54235c69db03f569b6c42f8ef66c7206
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:33:21 GMT
server
Cloudinary
etag
"8b085802a745c067332d68d15ebe6ee3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1627856468.webp"
server-timing
cld-akam;dur=15;start=2023-12-07T08:44:37.197Z;desc=hit-near,rtt;dur=2,content-info;desc="width=224,height=224,owidth=1024,oheight=1024,obytes=636285"
accept-ranges
bytes
timing-allow-origin
*
content-length
4568
paint-apps.24379.14170710832825752.0337f199-11f5-4ef1-848d-cfb7a32bb128.png
images.sftcdn.net/images/t_app-icon-m/p/c8115099-8c74-4909-b8e9-f31be2d1be07/2077811404/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/c8115099-8c74-4909-b8e9-f31be2d1be07/2077811404/paint-apps.24379.14170710832825752.0337f199-11f5-4ef1-848d-cfb7a32bb128.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6d35679b9254f9d664eb0b06d316c4072cb90ba8aa97e460a51d7bf40f928d71
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:33:22 GMT
server
Cloudinary
etag
"f97b7b671cb87c9860576533ab160ee3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="2077811404.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=224,height=224,owidth=1080,oheight=1080,obytes=226606"
accept-ranges
bytes
timing-allow-origin
*
content-length
1544
mypaint-1200px-Mypaint-icon.svg.png
images.sftcdn.net/images/t_app-icon-m/p/3978bd2c-912c-11e6-a715-00163ed833e7/1300436678/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/3978bd2c-912c-11e6-a715-00163ed833e7/1300436678/mypaint-1200px-Mypaint-icon.svg.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
d9f97e047de6ff5c1dcbfcf35fa8ac3b759d1e5603b7ae5ae88f15884c22ce94
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:54:30 GMT
server
Cloudinary
etag
"b81c658da2528f0de3dbce022018cf8e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1300436678.webp"
server-timing
cld-akam;dur=8;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=224,height=224,owidth=1200,oheight=1200,obytes=125680"
accept-ranges
bytes
timing-allow-origin
*
content-length
5382
microsoft-paint-3d-Download-Paint-3D.jpg
images.sftcdn.net/images/t_app-icon-m/p/26bc3ecb-05e7-478a-84d0-e377246b4fb1/104798958/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/26bc3ecb-05e7-478a-84d0-e377246b4fb1/104798958/microsoft-paint-3d-Download-Paint-3D.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
963c3dd6e067326bc278ba4065a93f14a10c3f5a851f3072d5ad5b9e8458b8f9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 10:13:21 GMT
server
Cloudinary
etag
"05e1f8543b6bcbf8d7cf41167f0fbd06"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="104798958.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=224,height=224,owidth=500,oheight=500,obytes=13052"
accept-ranges
bytes
timing-allow-origin
*
content-length
1212
paint-net-3177623560.png
images.sftcdn.net/images/t_app-icon-s/p/561fb8fa-96d0-11e6-b6b7-00163ed833e7/3177623560/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/561fb8fa-96d0-11e6-b6b7-00163ed833e7/3177623560/paint-net-3177623560.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c34db9e89431e06c8672a6775ac1c3b40b6412c2d3285e738110312bf106649e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:28:13 GMT
server
Cloudinary
etag
"b351684df90aeff0f10572b0c745db18"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="3177623560.webp"
server-timing
cld-akam;dur=8;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1600,oheight=1600,obytes=1803297"
accept-ranges
bytes
timing-allow-origin
*
content-length
2060
microsoft-paint-3d-Download-Paint-3D.jpg
images.sftcdn.net/images/t_app-icon-s/p/26bc3ecb-05e7-478a-84d0-e377246b4fb1/104798958/ 		510 B
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/26bc3ecb-05e7-478a-84d0-e377246b4fb1/104798958/microsoft-paint-3d-Download-Paint-3D.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
abb3310821d9b095e9b585e686496fb3c1afdb13d45a13591b040f7462310335
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 10:12:45 GMT
server
Cloudinary
etag
"17e0eac4f24167dc912d946c04acfa1b"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="104798958.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=500,oheight=500,obytes=13052"
accept-ranges
bytes
timing-allow-origin
*
content-length
510
ez-paint-logo.png
images.sftcdn.net/images/t_app-icon-s/p/601172de-9b32-11e6-9e88-00163ec9f5fa/1627856468/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/601172de-9b32-11e6-9e88-00163ec9f5fa/1627856468/ez-paint-logo.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
6d827e8744c056488de8ec17e127de4f184498516902a206a384587c88e9c08e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:47 GMT
server
Cloudinary
etag
"e139359d16e6ef883ddf34a306170b4b"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1627856468.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1024,oheight=1024,obytes=636285"
accept-ranges
bytes
timing-allow-origin
*
content-length
2098
powerpaint-logo.png
images.sftcdn.net/images/t_app-icon-s/p/0df7a822-96d9-11e6-a6a9-00163ed833e7/1603049781/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0df7a822-96d9-11e6-a6a9-00163ed833e7/1603049781/powerpaint-logo.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
695acd476f7cdb5c3315418dc9a70449dc5f4c0f966c0ca89dabbbeb2ecfca5f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:57:39 GMT
server
Cloudinary
etag
"b5c65c2db79b9c671dc73a770e142654"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1603049781.webp"
server-timing
cld-akam;dur=9;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=832,oheight=832,obytes=556831"
accept-ranges
bytes
timing-allow-origin
*
content-length
5358
paint-apps.24379.14170710832825752.0337f199-11f5-4ef1-848d-cfb7a32bb128.png
images.sftcdn.net/images/t_app-icon-s/p/c8115099-8c74-4909-b8e9-f31be2d1be07/2077811404/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/c8115099-8c74-4909-b8e9-f31be2d1be07/2077811404/paint-apps.24379.14170710832825752.0337f199-11f5-4ef1-848d-cfb7a32bb128.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f9253b64091899ae1e4666f0986cd97dec15ad2fc3dbf64a77ea5bb02e3600de
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:47 GMT
server
Cloudinary
etag
"f98b073195d9e94e8740659efff46fbb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="2077811404.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1080,oheight=1080,obytes=226606"
accept-ranges
bytes
timing-allow-origin
*
content-length
1552
mypaint-1200px-Mypaint-icon.svg.png
images.sftcdn.net/images/t_app-icon-s/p/3978bd2c-912c-11e6-a715-00163ed833e7/1300436678/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3978bd2c-912c-11e6-a715-00163ed833e7/1300436678/mypaint-1200px-Mypaint-icon.svg.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1cd5ba7ca4f09f5c63bc6a1f570adb055f9b24f59b2c862fb110d6f06fcdfe88
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:57:26 GMT
server
Cloudinary
etag
"c5af405a4febf5f4c3624f553eb0357c"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1300436678.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1200,oheight=1200,obytes=125680"
accept-ranges
bytes
timing-allow-origin
*
content-length
2646
hatzek-color-picker-HatzeK%20Color%20Picker-icon.png
images.sftcdn.net/images/t_app-icon-s/p/001f5a81-a50f-4e96-9c24-dc644bfc4498/188070687/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/001f5a81-a50f-4e96-9c24-dc644bfc4498/188070687/hatzek-color-picker-HatzeK%20Color%20Picker-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b0353b2428b1b998266f6e1e09ae90d46988e11510846c5af3f82b65bdc2ab68
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:50:51 GMT
server
Cloudinary
etag
"d1ee031bc1165947759ca44e37948b44"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="188070687.webp"
server-timing
cld-akam;dur=8;start=2023-12-07T08:44:37.202Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1000,oheight=1000,obytes=279926"
accept-ranges
bytes
timing-allow-origin
*
content-length
2244
blockbench-Blockbench-icon.png
images.sftcdn.net/images/t_app-icon-s/p/5d084fb5-93fa-4142-96ff-f30ddc62aed0/1998659800/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/5d084fb5-93fa-4142-96ff-f30ddc62aed0/1998659800/blockbench-Blockbench-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
bb6781c190d7e37a4cc0919b5df551cf6073ffa8c1adba39b1e37d9e2df23e84
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:03:56 GMT
server
Cloudinary
etag
"91bfaa95873b2b25ea316e721a84fdec"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1998659800.webp"
server-timing
cld-akam;dur=19;start=2023-12-07T08:44:37.209Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1000,oheight=1000,obytes=395222"
accept-ranges
bytes
timing-allow-origin
*
content-length
3724
macromedia-flash-8-Macromedia%20Flash%208-icon.png
images.sftcdn.net/images/t_app-icon-s/p/58692776-6e11-4287-8bde-b589b74d774f/3273350187/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/58692776-6e11-4287-8bde-b589b74d774f/3273350187/macromedia-flash-8-Macromedia%20Flash%208-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
3d2ffa22e8456d81ff265d6967dc4172fd680c65750f0932d5fdf97b408747f3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:50:52 GMT
server
Cloudinary
etag
"e2695245de85047e7db5620743e2edd6"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="3273350187.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1000,oheight=1000,obytes=404745"
accept-ranges
bytes
timing-allow-origin
*
content-length
3940
vovsoft-image-combiner-VOVSOFT%20Image%20Combiner-icon.png
images.sftcdn.net/images/t_app-icon-s/p/0b623b68-f5d6-40e5-ad4d-3b186bff1115/4223311942/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/0b623b68-f5d6-40e5-ad4d-3b186bff1115/4223311942/vovsoft-image-combiner-VOVSOFT%20Image%20Combiner-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1891412a5ce7c546a60d3a1f9b04c51a94860eadbf51a9e248daa109ea349796
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:50:51 GMT
server
Cloudinary
etag
"1d18b5fc68b5c2feda1dbe62b2450375"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="4223311942.webp"
server-timing
cld-akam;dur=9;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1000,oheight=1000,obytes=373798"
accept-ranges
bytes
timing-allow-origin
*
content-length
2830
blender-icon.png
images.sftcdn.net/images/t_app-icon-s/p/dfc9dea4-96d1-11e6-97bc-00163ed833e7/3780019931/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/dfc9dea4-96d1-11e6-97bc-00163ed833e7/3780019931/blender-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5a9fbb63184170ae5494679db38323083298244123d6ec538710990657aa3ea5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:52:47 GMT
server
Cloudinary
etag
"bbd510b4ef84673d6e8c27bba494a0b5"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="3780019931.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1251,oheight=1251,obytes=57403"
accept-ranges
bytes
timing-allow-origin
*
content-length
1072
canva-Screenshot_5.png
images.sftcdn.net/images/t_app-icon-s/p/7155f046-ebae-4198-91e2-3aa5c098248a/4083298409/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/7155f046-ebae-4198-91e2-3aa5c098248a/4083298409/canva-Screenshot_5.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
77d4fb7b2ccebfe77a24edc9a92e6cd38d16b177ef1b46bf93f318c94badd546
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 07 Feb 2023 09:46:09 GMT
server
Cloudinary
etag
"4be79ffcd3acada91c4d13e7d6eee145"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="4083298409.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1152,oheight=1152,obytes=210232"
accept-ranges
bytes
timing-allow-origin
*
content-length
1718
nvidia-canvas-NVIDIA%20Canvas-icon.png
images.sftcdn.net/images/t_app-icon-s/p/f45eb643-9a43-4759-8285-bf0f4d6ef6cc/3363107116/ 		642 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f45eb643-9a43-4759-8285-bf0f4d6ef6cc/3363107116/nvidia-canvas-NVIDIA%20Canvas-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
44cfd18a9a33a8a73d2f578bc94312cdd788525534222bca0ca45bf32ca99929
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:50:53 GMT
server
Cloudinary
etag
"f6cb5b7d7b7225d4178223611101f6a2"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="3363107116.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1000,oheight=1000,obytes=338374"
accept-ranges
bytes
timing-allow-origin
*
content-length
642
trapcode-particular-Trapcode%20Particular-icn.jpg
images.sftcdn.net/images/t_app-icon-s/p/f422ad37-a1b4-45f5-bb7b-be3487f0b8cb/1154722674/ 		542 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/f422ad37-a1b4-45f5-bb7b-be3487f0b8cb/1154722674/trapcode-particular-Trapcode%20Particular-icn.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fc3dbdab60d03bb514386f0848b2b74368ff1582526ebc2d997f2c4a4860dc2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:50:52 GMT
server
Cloudinary
etag
"929ac0ba3d7ae059d55b41c3af1c6810"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1154722674.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=900,oheight=900,obytes=34348"
accept-ranges
bytes
timing-allow-origin
*
content-length
542
sketchup-make-logo.png
images.sftcdn.net/images/t_app-icon-s/p/6ace56ac-96d1-11e6-9569-00163ed833e7/3551965340/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/6ace56ac-96d1-11e6-9569-00163ed833e7/3551965340/sketchup-make-logo.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c76144afe8f63083deb326395798ca301f228142648e2398bc1bad57db352240
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:55:48 GMT
server
Cloudinary
etag
"73b2d9e4c259e9dee7d3a0240accb4ac"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="3551965340.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.198Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=1600,oheight=1600,obytes=947818"
accept-ranges
bytes
timing-allow-origin
*
content-length
2552
figma-icon.png
images.sftcdn.net/images/t_app-icon-s/p/575a48e6-3c85-4e97-9632-b5283becbe43/1125546683/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/575a48e6-3c85-4e97-9632-b5283becbe43/1125546683/figma-icon.png
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:1:5a0::29cc Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d76a4535398952947c4cd847cd5c7d1bc406de3adfe3a6140d19bbbc443c397
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:52:46 GMT
server
Cloudinary
etag
"ae4506bd823fc68890ad91907163910f"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="1125546683.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.197Z;desc=hit,rtt;dur=2,content-info;desc="width=112,height=112,owidth=800,oheight=800,obytes=247535"
accept-ranges
bytes
timing-allow-origin
*
content-length
1432
paint-alternatives-768x433.jpg
articles-images.sftcdn.net/wp-content/uploads/sites/3/2017/07/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-images.sftcdn.net/wp-content/uploads/sites/3/2017/07/paint-alternatives-768x433.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cecc9f4c46262cee0cb1e8c3e0296320390e258a717435eb85a1cd15ce1fcdd1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-cache-hits
135
date
Thu, 07 Dec 2023 08:44:37 GMT
via
1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
SIN52-P1
age
716134
x-cache
Hit from cloudfront, HIT
content-length
82725
x-served-by
cache-qpg1260-QPG
last-modified
Tue, 25 Jul 2017 13:04:46 GMT
server
AmazonS3
x-timer
S1701938677.244703,VS0,VE0
etag
"fbc8260eea4fc7172b98128788b499ea"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5Mq41ygWoqU-T9f46mXhjcBhbC2dj4PUb3-QfFHtGr1aKmVKXlj1Fw==
expires
Wed, 25 Jul 2018 13:04:44 GMT
Como-jugar-a-Red-Dead-Redemption.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/3/2023/12/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/3/2023/12/Como-jugar-a-Red-Dead-Redemption.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
46e58095972e34fc952c5f577284edc55c0ef49519de344e5d99df92d48f9a1f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 07 Dec 2023 07:56:51 GMT
server
Cloudinary
etag
"2753ec7d21f545ba2dcc8de88b4e364d"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="Como-jugar-a-Red-Dead-Redemption.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.595Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=33012,owidth=1200,oheight=675,obytes=119076"
accept-ranges
bytes
timing-allow-origin
*
content-length
33012
avatar.jpg
articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/3/2023/12/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/t_article_cover_m/auto-mapping-folder/sites/3/2023/12/avatar.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
9e71d87f1abaef24ebba36673d220ee40098228dc7a40c206b8cf188f78a9c37
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 07 Dec 2023 07:44:38 GMT
server
Cloudinary
etag
"b6c09f1ca44833f453fc745499d94b24"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="avatar.webp"
server-timing
cld-akam;dur=7;start=2023-12-07T08:44:37.597Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=21868,owidth=1200,oheight=675,obytes=81760"
accept-ranges
bytes
timing-allow-origin
*
content-length
21868
HomeKit-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/HomeKit-1.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1ddc103c65fc159d69e01e1ae4832a98210ba08aea92640d6a05f7025c471d64
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="HomeKit-1.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.603Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=30784,owidth=1200,oheight=675,obytes=115664"
content-length
30784
last-modified
Sun, 17 Sep 2023 20:23:39 GMT
server
Cloudinary
etag
"c5358c8a24f7c0d879dfeec87ec9bee0"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
Una-estrella-naciendo-por-la-NAS.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/Una-estrella-naciendo-por-la-NAS.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0c54be6824f193624b8e91c04738961b7ef7ae050addde2af71d702f8fdcdaf4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Una-estrella-naciendo-por-la-NAS.webp"
server-timing
cld-akam;dur=4;start=2023-12-07T08:44:37.600Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=14758,owidth=1200,oheight=675,obytes=49866"
content-length
14758
last-modified
Wed, 20 Sep 2023 07:14:45 GMT
server
Cloudinary
etag
"db43e447e047114bcbabff23f834ad4b"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
el-cuerpo-en-llamas-dest-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/el-cuerpo-en-llamas-dest-1.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
150af49c0a11f1ee04d61d53e3c33f190480de55f9306c7d2b6a4dd1d417da34
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="el-cuerpo-en-llamas-dest-1.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.637Z;desc=hit,rtt;dur=4,content-info;desc="width=768,height=432,owidth=1200,oheight=675,obytes=100248"
content-length
24176
last-modified
Mon, 11 Sep 2023 12:28:21 GMT
server
Cloudinary
etag
"5ded126778479a70e9c3ffd4456b2e8e"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
design-large.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/design-large.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
f5df9763b2dbd0db990559c7d8c8443d3ef61f237d382aeb32675eb7fbb0f0c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="design-large.webp"
server-timing
cld-akam;dur=7;start=2023-12-07T08:44:37.585Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=11970,owidth=1200,oheight=675,obytes=61433"
content-length
11970
last-modified
Mon, 18 Sep 2023 15:35:48 GMT
server
Cloudinary
etag
"f8b0869331d18e4cef5bea13b6874270"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
berlin-serie-estreno-1.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/berlin-serie-estreno-1.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
dcebc3c23c4f678ecdf09c536ed2fa0fa1f5e23f18050900f3d636b164053119
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="berlin-serie-estreno-1.webp"
server-timing
cld-akam;dur=6;start=2023-12-07T08:44:37.610Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=16378,owidth=1200,oheight=675,obytes=71508"
content-length
16378
last-modified
Tue, 19 Sep 2023 13:16:09 GMT
server
Cloudinary
etag
"811e0ca2a10c4f5205b9f616d08051b2"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
Hero.jpg
articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://articles-img.sftcdn.net/f_auto,t_article_cover_m/auto-mapping-folder/sites/3/2023/09/Hero.jpg
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1413:b000:1b::17d7:717 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
64115c42fecf0b475d10cb72b54a5e1412f5c5f7b46bdd031e04359e3b38990e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="Hero.webp"
server-timing
cld-akam;dur=5;start=2023-12-07T08:44:37.609Z;desc=hit,rtt;dur=2,content-info;desc="width=768,height=432,bytes=18976,owidth=1200,oheight=675,obytes=66515"
content-length
18976
last-modified
Sat, 16 Sep 2023 14:40:38 GMT
server
Cloudinary
etag
"7abb9afa034c0b97674182b052d892d9"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
call_to_action_arrow_v2.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 72E4 		209 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow_v2.svg
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r4&nocache=5151701938676598&num=0&output=afd_ads&domain_name=ms-paint.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=480&dt=1701938676599&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=7204&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Fms-paint.en.softonic.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 18:47:54 GMT
age
50203
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 07 Dec 2023 17:47:54 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 72E4 		200 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?psid=3261714721&client=softonic&r=m&hl=en&rpbu=https%3A%2F%2Fen.softonic.com%2Fs%2F%3Frscp%3D12345678%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301157&format=r4&nocache=5151701938676598&num=0&output=afd_ads&domain_name=ms-paint.en.softonic.com&v=3&bsl=8&pac=0&u_his=2&u_tz=480&dt=1701938676599&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=7204&frm=0&cl=579967862&uio=wi290-&cont=rscontainer&jsid=csa&jsv=579967862&rurl=https%3A%2F%2Fms-paint.en.softonic.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 20:00:16 GMT
age
45861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 07 Dec 2023 19:00:16 GMT
sid
mug.criteo.com/ Frame E28C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=softonic.com&sn=ChromeSyncframe&so=0&topUrl=ms-paint.en.softonic.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=woqqdnxZQjdpNEtGRG1PQjV5WjNPdnpCUXJUZEtRWlVYYWMrcGRUUEV5NFVkK0R0ZldONERwbFBWV2xPNGJpa1ByVldhTWRFVFJHMzYxWUhnbWtzTVc5bkhiMFVpZWNubnRLL1VHNnc5TXArTHc1bmdGSGExblhpdmM5VD...
438 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=woqqdnxZQjdpNEtGRG1PQjV5WjNPdnpCUXJUZEtRWlVYYWMrcGRUUEV5NFVkK0R0ZldONERwbFBWV2xPNGJpa1ByVldhTWRFVFJHMzYxWUhnbWtzTVc5bkhiMFVpZWNubnRLL1VHNnc5TXArTHc1bmdGSGExblhpdmM5VDFkRDRLL2RkWVltRXRhM0dLYzVWSEFldUN6NVdmOURodU5ZS3NJT01mbW9qNnZuYXREbTZvemdqSHpMUEUwdEdqV2l4UFlKOUFQc1FFU3ZTMi9qRHBzTzNFVS8vK09OL2c1d3UzdU9POXdrNTFrNDNSZXVwbERHZGtlcFBNQnJJQXY3YmUzbVg5eTl3K3kwcTMyQ3FXZ1BMMEVMaVJkdlEvYmN2NXNpU3BwV3hwdVNTTEZoMD18&cppv=2
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
06b7a8bc64b391f4ce451c7594b97e097b88b9f9e5c04deef70198e7fd86da60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1781932
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=woqqdnxZQjdpNEtGRG1PQjV5WjNPdnpCUXJUZEtRWlVYYWMrcGRUUEV5NFVkK0R0ZldONERwbFBWV2xPNGJpa1ByVldhTWRFVFJHMzYxWUhnbWtzTVc5bkhiMFVpZWNubnRLL1VHNnc5TXArTHc1bmdGSGExblhpdmM5VDFkRDRLL2RkWVltRXRhM0dLYzVWSEFldUN6NVdmOURodU5ZS3NJT01mbW9qNnZuYXREbTZvemdqSHpMUEUwdEdqV2l4UFlKOUFQc1FFU3ZTMi9qRHBzTzNFVS8vK09OL2c1d3UzdU9POXdrNTFrNDNSZXVwbERHZGtlcFBNQnJJQXY3YmUzbVg5eTl3K3kwcTMyQ3FXZ1BMMEVMaVJkdlEvYmN2NXNpU3BwV3hwdVNTTEZoMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
339155
content-length
0
expires
0
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=287666567&t=pageview&_s=1&dl=https%3A%2F%2Fms-paint.en.softonic.com%2F&ul=en-us&de=UTF-8&dt=MS%20Paint%20-%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCACAAI~&jid=1692272829&gjid=2059753239&cid=2017101036.1701938677&tid=UA-152357-1&_gid=422360090.1701938677&_slc=1&gtm=45He3bt0n715LWWHPv6335967&cd1=%2Fprogram_page&cd2=1&cd3=windows&cd4=multimedia&cd5=graphic-design&cd6=no&cd7=no&cd8=Dinkar%20Kamat&cd10=yes&cd11=yes&cd12=SG&cd14=free&cd15=2017-07-24&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=0&cd18=yes&cd19=8.475728155339805&cd21=ad1de8c1-a23d-4e96-9b21-0ce5aec78b2d&cd52=%2Fprogram_page&cd72=&cd79=MS%20Paint&cd82=redirectionDownload&cd85=2023-10-10&cd94=f609c992-7df9-41d4-9728-1324788fc2a1&cd97=&cd110=&cd112=dexter&gcd=11l1l1l1l1&dma=0&z=997064729
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152357-1&cid=2017101036.1701938677&jid=1692272829&gjid=2059753239&_gid=422360090.1701938677&_u=YCDAgEABAAQCAGAAI~&z=43671865
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 07 Dec 2023 08:44:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk0-106c41.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-106c41.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
04f9eb66f1350f618ef4ba5e353952e140b01a682483c89ccb427d61c30035f8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Sat, 23 Nov 2024 08:24:33 GMT
date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
1124404
x-cache
HIT, HIT
x-envoy-upstream-service-time
11
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7821
x-served-by
cache-ams12726-AMS, cache-qpg1237-QPG
last-modified
Thu, 23 Nov 2023 12:10:24 GMT
server
istio-envoy
x-timer
S1701938677.251628,VS0,VE0
etag
W/"655f4130-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
23, 7018
chunk1-197456.mjs
sc.sftcdn.net/scripts/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-197456.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c3a7786a81163c5123afd76194895fa5d22dc80cd0da1f1c68fdb64ce5311bba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 26 Nov 2024 13:29:50 GMT
date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
846888
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5849
x-served-by
cache-ams12782-AMS, cache-qpg1237-QPG
last-modified
Thu, 23 Nov 2023 17:36:16 GMT
server
istio-envoy
x-timer
S1701938677.252307,VS0,VE0
etag
W/"655f8d90-5053"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
18, 7010
chunk7-3851c4.mjs
sc.sftcdn.net/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk7-3851c4.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5e64b65cbeed2febd747cf07f4099feee51448ac4eb3b85233eeeae184bfe7cf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 26 Nov 2024 13:29:50 GMT
date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
846886
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2920
x-served-by
cache-ams12735-AMS, cache-qpg1237-QPG
last-modified
Thu, 23 Nov 2023 17:36:16 GMT
server
istio-envoy
x-timer
S1701938677.252284,VS0,VE0
etag
W/"655f8d90-27e1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
30, 5985
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152357-1&cid=2017101036.1701938677&jid=1692272829&_u=YCDAgEABAAQCAGAAI~&z=538077872
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152357-1&cid=2017101036.1701938677&jid=1692272829&_u=YCDAgEABAAQCAGAAI~&z=538077872
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=G6vyPsNp&w=5299385968099328&o=5633429348548608&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fms-paint.en.softonic.com%2F&sid=7oFUlY5Tq&pm=true&upapi=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 08:44:37 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
chunk18-c15f71.mjs
sc.sftcdn.net/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk18-c15f71.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-7fb8e.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b5264fcc9ea70a1630a36b917d208a9fd01e160a9c5e00aa714509ffd23ae1e7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Tue, 26 Nov 2024 13:29:50 GMT
date
Thu, 07 Dec 2023 08:44:37 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
846887
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
851
x-served-by
cache-ams21049-AMS, cache-qpg1237-QPG
last-modified
Thu, 23 Nov 2023 17:36:16 GMT
server
istio-envoy
x-timer
S1701938677.304849,VS0,VE0
etag
W/"655f8d90-692"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
17, 7025
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
711ebc8b23d67272db588ea186216394ed364108b246a18beb5f6918dd2297c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ms-paint.en.softonic.com
date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
691.json
id5-sync.com/g/v2/ 		663 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: softonic.com
URL: https://softonic.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5df4c91ff8643e8e503a4fdb21a959c1a3a2b20c8d4cedc36fff63ff5ed1c7d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ms-paint.en.softonic.com
date
Thu, 07 Dec 2023 08:44:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		191 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=191698288536130&correlator=3238190103037896&eid=31079828%2C31079830%2C21065724&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-en%2CApps%2CProgrampage%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First%2CATF_MPU&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8&prev_iu_szs=300x600%7C300x250%7C300x180%7C300x150%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600%2C320x50%2C1x1%7C970x250%7C970x90%7C960x90%7C950x90%7C728x90%7C500x90%7C468x90%7C468x60%2C300x250%7C300x180%7C250x250%7C200x200%7C180x150&fluid=0%2Cheight%2C0%2C0&ifi=2&didk=3758857423~2641185686~1866715383~2257823739&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da56033b9b8e303be%3AT%3D1701938676%3ART%3D1701938676%3AS%3DALNI_Mb2x1-yznxtM1SzfQH32YyPtwErbA&gpic=UID%3D00000ca685e59f8e%3AT%3D1701938676%3ART%3D1701938676%3AS%3DALNI_Mai2KTf9Mu45RU4nCM5pBo0TKz-jg&abxe=1&dt=1701938677882&lmt=1701938677&adxs=1116%2C0%2C477%2C153&adys=470%2C0%2C258%2C133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fms-paint.en.softonic.com%2F&vis=1&psz=300x0%7C1600x0%7C970x0%7C300x0&msz=300x0%7C1600x0%7C970x0%7C300x0&fws=512%2C4%2C4%2C512&ohw=0%2C1600%2C970%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=2017101036.1701938677&ga_sid=1701938677&ga_hid=287666567&ga_fc=true&dlt=1701938676102&idt=646&prev_scp=pos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtop-mpu-1%26hvi%3Dfalse%26type%3Dtop_display_mpu%26afcSlotId%3D2833355604%7Cpos%3Dtop%26countryCluster%3DA4%26td-slot%3Dnative-notificationbar%26hvi%3Dfalse%26type%3Dnative_notificationbar%26devicePlatformId%3Dwindows%7Cpos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtop-leaderboard-1%26hvi%3Dfalse%26type%3Dtop_display_leaderboard%7Cpos%3Dtop%26countryCluster%3DA4%26td-slot%3Dtd-top-mpu-bf%26hvi%3Dfalse%26type%3Dtop_display_mpu&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26file%3Dad1de8c1-a23d-4e96-9b21-0ce5aec78b2d%26reviewvecna%3Dfalse%26recat%3Dmultimedia%252Cgraphic-design%26hosted%3Dfalse%26compliant%3D1%26devel%3D0%26locale%3Den-US%26author%3DMicrosoft%2520Corporation%26content%3Drich%26country%3DSG%26region%3DC%26ab_medium%3Dundefined%26platformId%3Dwindows%26ad_session_id%3D73cd646e-9f7e-4754-a162-65cb3f981285%26pv%3D1%26ab_upr%3D6%26personalized%3D1&adks=1913829646%2C3361850746%2C3361797518%2C4177297281&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98df6061403a1428fd8a9fa06f3de2018046912c11af1a5dca62432f01073cae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36290
x-xss-protection
0
google-lineitem-id
5695057376,5694472078,6152614789,6392528629
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138375696042,138349710489,138449331653,138452936427
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 76B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_vFOxCk019aRLkycAhsSoo_xX0V906F5YyAe0djydEGfQAsvs-wBFJIkrnkGS1tT6iGeAdQqSaTRsRc7ebFow5y6fZu6rlX255VzuGX3GgwwCiGGKXrZETZUg1Bdly_en1tCSAJHTuZ2NJhafHrvP8hySdVwEABv_KC2mRye2Nc_4ev29nwXxW2_yNvw0Ruzy0INBZillnuh3CPTkMcSbvH2f2bXKlIiChLU-Gq97-XmbRmDAjZzD3BBBi_dPyLAVleYhaNOlxycmBdwexRSC2sfFChm2vReClK7YA-ndK0Cqsrc1_z1oACsQCHVhCO5-Ue2zkn1xZfd4NJ9WJa_xoDIlQ2SE4mIY3jXZ72a1_rl0jMvZ-CkOKNPsNtwewb7E3U5uKdj6osgbPQWkRjAYSOXQ_k9HCVILFxidfgVQsQhVslDv&sai=AMfl-YSLj77CHFFSAZ0GVlci6LSIhGConryg2ZT0pg_3jMqrrehkAmnkpjp5esCGu9Y5uNfERPZ0FybDMLeoAAg4TcXWM-aUj4v5mc3B_kkUiceXGU8AhibMwwauBUondh_P-Xfao-soFbOkHw&sig=Cg0ArKJSzAqp-xu030bhEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 76B0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:07:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 76B0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
3546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:45:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 76B0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:44:38 GMT
1303599499843459178
tpc.googlesyndication.com/simgad/ Frame 76B0 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1303599499843459178
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fd0c16003687620d957e806b317dba9d822a89696390f0f8a5260d0a1793c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:57:07 GMT
x-content-type-options
nosniff
age
92851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69146
x-xss-protection
0
last-modified
Mon, 20 Dec 2021 10:09:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 06:57:07 GMT
l
www.google.com/ads/measurement/ Frame 76B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVAM9KLwEUiKjE9kYdVlF_HSkaXEaM7JMVgVa009ktc9Fs-AaaOxgm2loXsLzCnc6u3mnodijH24ETJWybQ8a3JfMp4w
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
container.html
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74E5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:36 GMT
expires
Fri, 06 Dec 2024 08:44:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2CDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:36 GMT
expires
Fri, 06 Dec 2024 08:44:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4B23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFbI9ghtDZdq_SASHN4MhTmaKLPbXaIKhl-N8bBqFgL_5jEKmBSmdKRzPbj5y7RriMFj37FOomqZ-s9dZtFby5U8h86swvB5nFlQKwc6SPjqivMHOXkeNSZyFpMc4dVJxjypUgH6GQ21Z5wg-zOUL8U1UnO2mJ0C2Ypgjfi8mTOrhWaw2JIlWwytlT1Vrel0SfujbYxEkNx8AJmlINurKKqRYp8brFNcyJOHWa8HCeCDdxpFMzAnjZKO7qHQbwzNATUq7ZGvtVuiN0nIz9dWSAkmzucyJfbS6opZg6kVdsGXlv-7l0CZZLoZ-2A81WeT4o172q3cBJqkAoFOC6W-DN9v7-zkIKGvX2weBKLUk70tRJcRjtG_pqKKLeOcOmSrt19jeDUKx-H1aLoMCAwTCwQ1hkcEiee8dVUBj4hksK&sai=AMfl-YQo_-dmJVcU-1m6ZuLFfsk_N8FKqwDy5wnGK1ceNnyFFUbN3lvv2E_4SwJ-MaO21NEvze_TuQMSPtBen2LyEnOlF9kIRmaEeCjoGTMOOJ7qtSZOS2_GTSzNxNeioTpJyDRI92wU5AqmgQ&sig=Cg0ArKJSzOfC6OJ0u5k0EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 4B23 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
5826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:07:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 4B23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
3546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 07:45:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4B23 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:44:38 GMT
5982918287493759456
tpc.googlesyndication.com/simgad/ Frame 4B23 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5982918287493759456
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80bb73a90ab868182222fd3d4bc856e4d09c90e2db8bb64114df261006b6478c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 23:06:02 GMT
x-content-type-options
nosniff
age
34716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101008
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 14:26:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 23:06:02 GMT
l
www.google.com/ads/measurement/ Frame 4B23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnLEAi4KjwFtAQE1AYtV_CnL1EsZIM3OWtNjpRwaLciRw7YZ5ieq-Ej0VgfjQh2e1wduPzdI9Ju2VEhYI8CgTKeDcF1g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
truncated
/ Frame 76B0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9d76b608bb35734b3d3b11e49bdd905f2f05a4ce6a126b6bb5eae886dd476af

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4B23 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c09c122a316e9abe79c0fc710e7a807ce768041ca4a55887c69111b6dc0de1d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
3177
config.aps.amazon-adsystem.com/configs/ 		505 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3177
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.178.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-178-41.kul50.r.cloudfront.net
Software
CloudFront /
Resource Hash
a52d8c5106a62343fd49bceb847b24dad6e4fb24b284fe76aefccc36b03ba46d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:13:04 GMT
via
1.1 41c06d8a12e9a33e89f3ec25030f08a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
KUL50-C1
age
1894
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
TyPwcgPQVI7I3C0K5NSDARhBFBd4qD5rVBOSuSAHGMPWNOwLrjNNUg==
config
c.amazon-adsystem.com/cdn/prod/ 		487 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fms-paint.en.softonic.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.184.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-184-126.kul50.r.cloudfront.net
Software
Server /
Resource Hash
5c4e5cd8435dc7b4a36fa0cfd3aae88b04dfe0da24dfbcee3732d683424cf4a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:44:56 GMT
via
1.1 ce69143a5462de56d3dccc46968a1a48.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-P2
age
3582
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
487
x-amz-cf-id
WuWA_U19C0LFLQKUL6zZ82ywxJzG_nVOoMjjYqlPRATP71dbVF9Z9g==
bid
aax.amazon-adsystem.com/e/dtb/ 		146 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fms-paint.en.softonic.com%2F&pid=cTw8NQTjCw5EN&cb=0&ws=1600x1200&v=23.1129.2055&t=1000&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%2C%22500x90%22%2C%22468x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FProgrampage%2FATF_Leaderboard_First%22%7D%2C%7B%22sd%22%3A%22td-top-mpu-bf__ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x180%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-en%2FApps%2FProgrampage%2FATF_MPU%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
8f530598095d8f626ee1f4845b364f1911bc77ce82ad28033b6d08a84c7073e6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:37 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ms-paint.en.softonic.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
x-amz-cf-id
iUY3xBl7Qjn3cK1FlX2IPdFEhCJ2EMoJ6ZIkPVNTLGeOpd9InKRF0A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.184.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-184-126.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 4ed2b70a61bf89b1e1499207f6c8d2e6.cloudfront.net (CloudFront)
date
Wed, 06 Dec 2023 11:39:38 GMT
x-amz-cf-pop
KUL50-P2
age
75901
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PWonETgmATuYxvhw2DvYUAt35CSchl25l1GnRjoUo3YB2IQbCea3Cw==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 74E5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
83906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Dec 2024 09:26:12 GMT
css
fonts.googleapis.com/ Frame 74E5 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=zh-CN
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 08:33:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 08:44:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 74E5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:44:38 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2CDC 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
83906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Dec 2024 09:26:12 GMT
css
fonts.googleapis.com/ Frame 2CDC 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&lang=zh-CN
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 08:34:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 08:44:38 GMT
5604036090557455182
tpc.googlesyndication.com/simgad/ Frame 2CDC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5604036090557455182?
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48bf4eccb27f08f7bc7e47741b957a759794b617f309001d324ecb6b7dd04e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 07:01:44 GMT
x-content-type-options
nosniff
age
92574
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50229
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:05:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 07:01:44 GMT
12877493508109662489
tpc.googlesyndication.com/simgad/ Frame 2CDC 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12877493508109662489?
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80da7e4f8804a61df30296eb649a6fd485f1e3d8d5e6b5a06b787dde3821421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:43:19 GMT
x-content-type-options
nosniff
age
93679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59390
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:05:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 06:43:19 GMT
2488472094530900443
tpc.googlesyndication.com/simgad/ Frame 2CDC 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2488472094530900443?
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ec28576cc919250e200ae2f88a9be261dc7a4121fc1198a7c4f15971fd2d48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 07:07:44 GMT
x-content-type-options
nosniff
age
92214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59668
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:05:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 07:07:44 GMT
6817938780095228570
tpc.googlesyndication.com/simgad/ Frame 2CDC 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6817938780095228570?
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36169d28a058c066b2b0de545eda3607c9c288c1933aae08760ce452a4695f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:54:16 GMT
x-content-type-options
nosniff
age
93022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48026
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:05:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 06:54:16 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2CDC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 08:44:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 76B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWmEFvVG1zH3vfYza1nnI7-wCcykVGmj0FtfF1Mcw01q2EFUQueYhpTWtwhpKarwiAJBxEQfQOaU_pk4WfFcKXXjKx50LoxK6eMqlGMaLQKIwlBVlN1vHIcO8UTCq9zvwUz3H0vXcgHxoYKQYzAykTPUr5euyFC4JBng06jBo-qz_SbmFRuhYAW_ePBRR-kj7BkK-lKazOkGiOG75-LeSWFivPTGnXzhvToHAXm1UNMr1Iay-Zlygva24vzDN-IIYIz2WMuwFpNkjKmHZhANJiz4DMc3-h-4oo_IypXGr8cJxsF7SP5cp_95V6Y2owRKcrT24msbUqc-XYiYyrX9FLHSuJf-yC2ajMtfsHCxhO5-4KeRoJLiMSiwGjfh1k7zQp2zzyy8pSUS7HTqVhVZh03GAn-e37kduC&sai=AMfl-YRpe77pWCsEnZ8wnb3yrAvXpRmRs5jlI9AMdBuxhRBqRMjVeJcuRD7oBS-uc0n1JqwRW7FHfv2Ydw3TteBZ6UgGPW9Ynf0SVxRXyz_2Vd9iwcjxCM-y82mHytqsmEl6OI3pAPTXKOD_JQ&sig=Cg0ArKJSzByqfJ1EqG9VEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 08:44:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJOAW1sbpkwTzNu8jQO3nD6q0rJSjWY6X9MOtl6vvcEM0H-1ivBx1-zNMam6vjKyKMnMvfFumM9Kxl-7Ru7m4sCOmejzrBLidcO3D0kv76OrUzVuIYxgDRElGX3kZSzmkM_lkJPvYgaXWfGD3G2cQyRJaUaj28xaE8HfdbzCkR7NnxvmH46Cpi8uuvPMv8sJlgmxjr4-yu3fb-qwH6YFjsO0yNIlZCBeo8QGXwmPLwZPZAUFWoKpEoAJ67I3oFYXZ7LT5GEoV7XEFamnzosiWAs2xzNFyywGp3085aEPQpZCETrTDh4mwdYeg3uPXxAUYkA1jiPEifcboEJ2TRJz-nREvMjavA9ucrKPq0KG3k_1NgiQg5GECMY19PShHMubKK8udP4ElR_laSDxgt1yhUOqQj&sai=AMfl-YT9x9FllRUtLlIGKOKVqzKN3L-n6FJIkQoCBl7gLwBdG4Q4ehUy8i99wwiyqAVfJL3xnjD9uzEKa5Fm3d2DDzIuZv-Bs6AgaTCEjzOKV5osP0JGsZ22UlMYal9D69drQkYM0Vv60-xKsA&sig=Cg0ArKJSzFXi_nXnNs9pEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 08:44:38 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
NVC4G5YA5TTRD2WS
age
2957
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
831b7ce5e9515f3f-SIN
x-amz-id-2
+X7QhjkJFl4UQ7piMiYR8XEv8vkdCENlpFeTaKu3wm5iyxtWk8IaZ7bP+8LsUQ/p39BnfojSNOVgTRvZ3qJwcA==
gen_204
www.google.com/afs/ 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/afs/gen_204?client=softonic&output=uds_ads_only&zx=r7xhurowshs&aqid=9IVxZdzgMqP1rtoP7v6m6As&psid=3261714721&pbt=bs&adbx=802&adby=1723.84375&adbh=222&adbw=290&adbah=50%2C50%2C50%2C50&adbn=master-1&eawp=partner-softonic&errv=579967862&csala=472%7C174%7C237%7C95%7C77&lle=1&ifv=0&hpt=0
Requested by
Host: ms-paint.en.softonic.com
URL: https://ms-paint.en.softonic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::6a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-zTTnwoFvOm0NsU_eOURb1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-zTTnwoFvOm0NsU_eOURb1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Thu, 07 Dec 2023 08:44:38 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 74E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBqjgrEGQ3nZjOmbEcfXpAvedhayOKNsoPTMn32bEZEvllMybqssUSbA5GPdyqcErJCNTRMHXvoUE72RlAn9GpjpoqDrJqO4n766tjV6gQW8PvShurjaHaU_YNL1Woz1lXfsaysqBoXy-iKC0_isNk8JEuF--y2Cbgz0xUpbJi2VWFEM6t9W6QqAQ3L_2cusrvqo77XLh8zxF37JXmllvBqa7foWvIbxHtxBhGkkODhrX5ZMk-Hylagg34pT_jYPLNcpLBfHXpFMxUQ6yUrjZxA-WEFujk7wM2ErglLRj29b67RVNDxEcTDsABmsmR6q30r3Dyg82_8IlgeMVhG5TnGrPjZt7XULYmMfKx2aGhFGyPxEcWc1ezgMKRR-JulzxFO6kn_vc1RnWg8UAUAMyDTf1VdF0V8h_fmXK1zAQxW8AU9mZaHmh4U9dM0TGT&sai=AMfl-YQLROhrurSH_-PjUnoIJ7heKCsBMdQFCxAA8SSKYH5HTb0bvTF2EWMkW_aFbhCS-eFjMJ8IxHVBBD27HrIQtBzKx0XLfVQxfbmuZWggLEpRQBtLxIiOL6D2oD5B8S8ixcETs6oWf_GdVA&sig=Cg0ArKJSzJo6RFQLZHjUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2CDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYQp6-S02Ds13ymfP74Yj-0ujiNHUMw2w4tsVYXdtJFjtJOCrqsdgVnkLRlFlaCnzwp40YQUmYBb58scjCcAt8C0MTyIaTxXRoRqt_uWA1W1OI_oph9QPGwY-nw5eNGNhA-XSYPBgECDmE10jiKBjU09iWvbZD2DgfaLtWd0FJb2rHHEga0ipNG3-7Otyf2B6XY_eZU3Ce1nZTTtCIM5HUqEVX_EdK-1O6RoDMByh8DrTdKGau4ipcQYfuXq7MxRbsfR2itd-ugLbnb5DvS7edAu7UgBEVv-eSwcwYXg1vZVBIxJPOI7rSfoItngxC-lEUS3Af6SiTOt1VlpRUl_eegW1jJb8xAKy_inwOtQt0MjGl6R9ohhn2V4S3aA3pjd8D0oZ0ByveH5iVPzp-G41B7CTqzH7VIB81nOPHmG_z0G5SrFXDdMOQUiBT5f6p12Y&sai=AMfl-YSfMH0M9qObi_ZY6vUCUaidWtWjuBaIwsjANHBN2KdWtaMwkPoTNzVpJWdieIoPyxeLBuFmgQJxUrC81JCzxHWm_TP5PMuAeaXsZzn5dpgOW_EWdkwGR7GNvQzQomiIVWstaHdpGGfWwg&sig=Cg0ArKJSzJbq9I19_K59EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
URL: https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CDC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=zh-CN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 07:12:52 GMT
x-content-type-options
nosniff
age
91906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 07:12:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2CDC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=zh-CN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:49:15 GMT
x-content-type-options
nosniff
age
93323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 06:49:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2CDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr8N-msI9xVxxEQSViMuJwwBxK_8Fxhrm9vW3CdedSlzkVZrerIXgRbFP7KnwcBpxaVqpDAfq5OEK3k6DhWCJd3O9tbRI8MwLwKtz6jbjFrTrRKV_uNvtjJklZx9nRdKR-Vwyvt1oG6o2W8-I1VyTHUDR3nMp1Tu-Ov352mjAiODrdYzXorsoX868N948dpFqHOIDXxZpQa7WwCaMAoSuDxk_vGAZOz1EnDgTFEXUYJkB0d6aPQSrtFlbKyXmPFM-wwm1mIPIF2SzpMC_ovYzcRLwo6GJHmVG7AALu9C8n5pd0_71RZrfSlghp0HoX9F8ed0VBGkFGl4351ACeXln5DKqMxi2fRy3reKT3lvGXyGEnBQr1RReV-ARJwii5f_EgQeeuDvxmzvcKXG2VFhKb_TPKCSfhiVMUoa0Y7OrQSJI0WVM&sai=AMfl-YQ_SgL9RyTWb7EPM54c77o_eepsvEa3zauB4DFjEjOQIc4i5Uq96MXFNvVfI1S7UDRd2h_LcYUyIQhdyzQKwIHYOX5dY4L7JBkKzkTP5nnHo-URjnwQRoUPhgfLRUkQIBdVi4lcnNd_BQ&sig=Cg0ArKJSzMkpurwUyoByEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 08:44:38 GMT
iu3
s.amazon-adsystem.com/ Frame BE67
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
316 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
651409c0305145e0220539853de45decc6d5374aa3a7a67e2d93b37451eb1765
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ms-paint.en.softonic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
316
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 07 Dec 2023 08:44:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B6EEKPS4W49V5B8T035E

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 08:44:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
2GZ4B8HZB9T8JT5TS5YH
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 74E5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=zh-CN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:49:15 GMT
x-content-type-options
nosniff
age
93323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 06:49:15 GMT
truncated
/ Frame 74E5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
919c89c6baf38c5e9cde1addc182ce472768b6946b43072f962640235633048e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 74E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFadirxsyJV7rTi5rJWqdlA_rFmSk9FqzZWPm2yum0MO1W_-TWPRQcbfSkKjbR7oxP0qxT2NXvm64olOVcpbqtsgh9IwUwGTdOTIcN4P3LADW-RBJ3o0bQzLfsCLUGxQW9IMUnxJ4RPw62XYPbTIAtfxjdkirqi0N8vKs0_YNAvN0pMZwQD_ZTQ6BFEbAL7jhQpNt7miMcp2lik8Y_wvsscoQMilwpLtYQN75fUdBA5j8wnSBhT8HCnETaoD1djmGsctiIJpKVDEq0Y2HhyDkPkajn-mmGu9F3CPrqpijMIZecSil5gg6zx0zM_W_PeDJnEh2IZ7n3-HULKWJ8IK2grbmWbvRHXh2jWOwI7HgjTpx84Ndu6ew7VhXWjgTfmdtQOtdqRz3ggaMoJcfyx6o9M6NVASKfvOblvcDFTI_ux1bz&sai=AMfl-YSI62NZiulWK2KMuuzDQW--PGI91hrmWu9Saejrmp3cs-EKkvgCDsoFWoQTJFpcSCHEA59Z8IOpc1XhQ8TU_LDGkITTyJ4QBwPdHaurp-AWfxSYAdvsoOpGGQfzn0SuE3h3D5aIBUuz_g&sig=Cg0ArKJSzPd5q3Xrr4ZNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 08:44:38 GMT
truncated
/ Frame 2CDC 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fec18ec2a16c51814e2a92a3806d2ae2adbab60c63d224b2f52de40513cdf141

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B23 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn5VCidstrFMO-MGUG2ZtcxFMQt9BWyZrEH3CPQ0jiQW6bTX4nCR2G4u_UXfoC10YCLMmhdiDaCBK6_QEBym4MRo8YGsyK4fmqQ0n4mrRlwzfvMmnUu-NWsQe1NQb_I1oyPhOtRLcjSw&sai=AMfl-YShP7c-CyxQxRuCmxd5FvnB9wVKltrztmT3Mrr7fIpSo1T0dOs&sig=Cg0ArKJSzLBe8y8aPt1AEAE&id=lidar2&mcvt=1000&p=148,153,398,453&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4177297281&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701938678453&rpt=207&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 76B0 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9Ple92ThT-bgqhczVVF3CZ6OcB4jEzCwKiXQhgu1YOkYa4ug2ppqGBR2yQM3lbd7byMn5HJCli4EGUrordS4PPn7LvPouUtyj6tQgl2iW21yhkdpddG1JExqo02BuHxgS2v_8EjbaNA&sai=AMfl-YTFU_6jsz-OgWj6UwNvavR2NLGt2HZhEdolCncH5QQ5PXIT0Bs&sig=Cg0ArKJSzAe-4f1TNu_WEAE&id=lidar2&mcvt=1003&p=485,1116,1085,1416&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1913829646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701938678410&rpt=210&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CDC 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUGpMMc7Ar-1bpd7kLRjXN9Wvqs4oKBcLpUoMLcjCBzTWovKzkr2-Fe4sYlEPcLGbDtykERnoYrK151Ie8K9ygYM35cjkHF8cPUGJpugZVLzo3r3gzZKD1lse5BYwcTn90dgX44SqBgw&sai=AMfl-YShIu5Orp3tJigI2CS3B2_loRdk-d0X0LE5yG_dlMC8uOU-1bI&sig=Cg0ArKJSzC4SeOIXJBJwEAE&id=lidar2&mcvt=1001&p=148,477,398,1447&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3361797518&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701938678445&rpt=335&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 74E5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFxOEyXWiGws6BTobxhEouqiYVuecUgJtjBK3cdmmiU2x8mqaAcK07fNUfpt7Y7eE_HO0UXihxfVSP-0oYQkbnPx_tXiV1pOS48QH_jGB15Wk9XW8vbAK2e3KgHO24-HuMYN2cVqe8kw&sai=AMfl-YRZ6ZoIzvJUXKDl0-t7D_dTRUNnHkCR1wwqzIC5ovZKPMHjClQ&sig=Cg0ArKJSzLUM3VmmBIm-EAE&id=lidar2&mcvt=1001&p=0,0,48,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=3361850746&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701938678432&rpt=384&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
711ebc8b23d67272db588ea186216394ed364108b246a18beb5f6918dd2297c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ms-paint.en.softonic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
https://ms-paint.en.softonic.com
date
Thu, 07 Dec 2023 08:44:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pr
s.amazon-adsystem.com/v3/ Frame D1D5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
db4033855f39609b56ff65f2adbd648bda42d09196ca7d5f1dfad14948d4ad73
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2309
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 07 Dec 2023 08:44:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JZFZF54WA2Z0Y7Q8Z1XR
v3
id5-sync.com/gm/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a1a2d09a1f6b6022273dfee5ccab7c74a560b9a30add5f5de4b334c33332f6ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ms-paint.en.softonic.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ms-paint.en.softonic.com
date
Thu, 07 Dec 2023 08:44:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
onetag-sys.com/match/ Frame D1D5 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame D1D5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1701938680243
  • https://ad.turn.com/r/cs?pid=45&rndcb=8582639035
  • https://sync.1rx.io/usersync/turn/2971446077424645745?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-1c56eab2-34e7-49b1-9654-3eb4...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
77VTTM7EHCJCFCTF4YK3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
date
Thu, 07 Dec 2023 08:44:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1c56eab234e749b196543eb441994f29004
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame BD47 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.54.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-54-63.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58c48a1c7ea19145f7e3b27eb0dfc9685076798edffc8d26f482f6539b7252c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Dec 2023 08:44:40 GMT
etag
W/"073afb379519fa10c6a5b4b6f74fadbda"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed17eda059fb6faf7381191d8bf0a1057197ae51533584e377633ba73df9b5e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
831b7cef2a3c4076-SIN
content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwtBxWTK8zcuWesig82SwzbxbwiKtil8KwMKUjHJD5SNU9d2h99ket8FwMGFfXqzWSJrzv2W9ZCa0skbDyk2mxgwX%2B5Tgo9IsV2r1EMXgO3NGI8Lbj6WYNteIjgzfpNEh%2FZnuP9FsbTbMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
831b7ceefa0a4076-SIN
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF6PoFZ3mp7ALSOSs77oHJ3%2Fvvqk6YWY%2Fyli1emqUbCqWakhUASsbdzcBVQJoDutI26rMiKnLLG4cG1fzRb3NHZpsH%2BpGaFBCrKpTK20anNv6xmhHSAoeEUPr0DQ%2FJVeR%2BF6x1qBD23h1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5AA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71596
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
Fri, 08 Dec 2023 04:37:56 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AD30 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.114.50 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-114-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 08:44:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 9D80
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
583 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b949f7e3fd209921a5a601a4cad901e4206456c2c3a69b75e663735d4b17d73a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
359
content-type
text/html
date
Thu, 07 Dec 2023 08:44:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 5826
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4197819160678337610&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4197819160678337610&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8VS2Z92H0QVDMAEMXW4W

Redirect headers

content-length
0
date
Thu, 07 Dec 2023 08:44:39 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4197819160678337610&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame FD96
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=686468021487496740601
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=686468021487496740601
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3ZMEMKYD4E6MJ35TJ0EN

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=686468021487496740601
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame AD30 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.114.50 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-114-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3ea93dace34ddfe43019a5390e7a0bcab1f4fee9563b566387e86cb3b77de76

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 08:44:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 01:55:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61807
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 01:54:47 GMT
khaos.json
token.rubiconproject.com/ Frame AD30 		7 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D5AA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82269914&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
57c520c2dcfb1ccf5c5281f4dc40e0f5bb126ebe4a770c4016e4aab6f6524964

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Dec 2023 08:44:40 GMT
content-length
1672
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 9D80 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=85f0ca6f-22d4-8dda-8d7f-71987347abb2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T1KMX2JWPPZP1KKHGJ1C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D80
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=dd26b612-3e7e-3620-4d71-f30f1b746052&gdpr=0&gdpr_consent=
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9D80
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXGF.MCo5sAAAN-iU8kAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXGF.MCo5sAAAN-iU8kAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 07 Dec 2023 08:44:40 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.204","key":"ZXGF.MCo5sAAAN-iU8kAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad429"}
X-SO-Key
ZXGF.MCo5sAAAN-iU8kAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad429
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXGF.MCo5sAAAN-iU8kAAAAA
Cache-Control
private
X-SO-HostName
m-ad429.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-IP
103.254.153.204
sd
jp-u.openx.net/w/1.0/ Frame 9D80
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae8XZJbm9Sslks8AEDmpjqlF_s8AAAGMQ3NS0g
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae8XZJbm9Sslks8AEDmpjqlF_s8AAAGMQ3NS0g
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 d1ff49308e235acbe8d49c0a59cc806a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
HKG60-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ae8XZJbm9Sslks8AEDmpjqlF_s8AAAGMQ3NS0g
cache-control
no-cache
content-length
0
x-amz-cf-id
v7bgu_TQpB7tp0Y5lvgXYeqaLkQgWYmjVt_TVFKhfWderIe0SaBCAw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9D80 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE0OTY1ZDgtZjcwOS02ODg0LTU4OTEtYTliNmQxOTZhZTMy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX254pF2GGKAG0McW9fArE&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX254pF2GGKAG0McW9fArE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDX254pF2GGKAG0McW9fArE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 1F22 		0
0
ecm3
s.amazon-adsystem.com/ Frame E792 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID898E482A-8587-48B1-8DF4-0EC909AAB31D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2A3HDW0MRPV2N2KMPFE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iY5IKoWHSLGN9A7JCaqzHQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71596
accept-ranges
bytes
content-length
5622
expires
Fri, 08 Dec 2023 04:37:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame D5AA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=898E482A-8587-48B1-8DF4-0EC909AAB31D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=898E482A-8587-48B1-8DF4-0EC909AAB31D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&ttd_puid=4c100884-128f-4d15-9adb-671fbfc8fe4d%2C%2C
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame D5AA 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.97.106 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-97-106.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.79
content-length
49
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame D5AA 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=898E482A-8587-48B1-8DF4-0EC909AAB31D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 07 Dec 2023 08:44:07 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame D5AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk4RTQ4MkEtODU4Ny00OEIxLThERjQtMEVDOTA5QUFCMzFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 01:14:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D5AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOv9uV19u7jG-7I5Fz1Z1Jo&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOv9uV19u7jG-7I5Fz1Z1Jo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOv9uV19u7jG-7I5Fz1Z1Jo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D5AA 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 06 Dec 2023 08:44:40 GMT
898E482A-8587-48B1-8DF4-0EC909AAB31D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D5AA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/898E482A-8587-48B1-8DF4-0EC909AAB31D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a03:96e9:65cd:3831:2d60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D5AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Kestrel
content-length
355
ecm3
s.amazon-adsystem.com/ Frame AD30
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPUYCIA8-1K-IEF3
  • https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6DMHMVBD2F8J43YA8EG8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
crum
dsum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXGF.Blu.Db.7TwYavzkjQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJY6d2gNs37y80ECewdpR5U&google_cver=1&google_hm=2
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJY6d2gNs37y80ECewdpR5U&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffq4X1lK0kI4SHmirGIsgMP1ioPk%2Bc9PGPLzbZyAyF9NKXViIThSU5HGGY%2BKNRIVonPQJOrpCzbGe7B9x7FCdgGiQ9XBoFfAElvHEFOzJAkzwx0JK43nKP6O9cP1Yuq5PLQe%2B8KBlNJ8yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831b7cefba139e40-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJY6d2gNs37y80ECewdpR5U&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame BFE0
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f89770bb87ef4b359501db06d7e5745c
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f89770bb-87ef-4b35-9501-db06d7e5745c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=3ef2aeef-2c9f-45ea-aeed-f324258d4f72%3A1701938682.0760894&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D3ef2aeef-2c9f-45ea-aeed-f324258...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1972084072855796769&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D3ef2aeef-2c9f-45ea-ae...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=3ef2aeef-2c9f-45ea-aeed-f324258d4f72%3A1701938682.0760894&_=1701938682.0781248
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjczZWYyYWVlZi0yYzlmLTQ1ZWEtYWVlZC1mMzI0MjU4ZDRmNzI6MTcwMTkzODY4Mi4wNzYwODk0EAAaDQj7i8arBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBvwrEMGrlKJpszzvNS5nnc&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBvwrEMGrlKJpszzvNS5nnc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBvwrEMGrlKJpszzvNS5nnc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKxOIx547uy2yKetc1A09cs&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKxOIx547uy2yKetc1A09cs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyDRmMcT6AKiYPxWct3GgefpdolJXC8urhhtIXGEtL%2F4fosFlXuFLtaMjAPyAKg4h597Yv0kVk5RGVn3K1ulgJX1bWW%2F1o3RJ0NXKMminSd7y5roc9JqlVaNRD3rHOx92m6fKT87zOtcvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831b7cef99d59e40-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKxOIx547uy2yKetc1A09cs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&expiration=1704530680&gdpr=0&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&expiration=1704530680&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cesDQuZzF316HbklEX7%2BHX4iocszkZ2xcHxZddC%2FmazouqRa04wSq31qTJ0m3csTy9AV1g12sW9N%2FdcKf%2FaG0Cyzf7EiafmPtIQYdZM9VcQq2IKQ7Wr2Nf4abCepuMPwvMy7X7ouQLaEvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831b7cef9aa44076-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f1858dea-1fcf-4d3f-814c-f4ca799db28d&expiration=1704530680&gdpr=0&gdpr_consent=
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Kestrel
content-length
323
ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BFE0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2406:da18:929:5a03:96e9:65cd:3831:2d60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZXGF_AAFEH22vQAM
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXGF_AAFEH22vQAM&_test=ZXGF_AAFEH22vQAM
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXGF_AAFEH22vQAM&_test=ZXGF_AAFEH22vQAM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmkmwcpX2EFuXvxmM0KX3NvpSxD048QGbQxecmN6uwdOStzY0HSzGOOkPhQMUdBn496LO%2BlZQMOgso8Stm92CuSNWpy3SfqN1n3M35lAcLXFecIeQUs%2Fm7qcvmBF%2BtBTc4ZF0RN3kHC1lA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831b7cf12c3f9e40-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-qpg1223-QPG
pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701938680.490707,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXGF_AAFEH22vQAM&_test=ZXGF_AAFEH22vQAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame BFE0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nOkEOPEKlbvKaB55YrhD
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nOkEOPEKlbvKaB55YrhD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FLgB0uWW5tQqZvcSf%2FrXXl4FwCq6pjrPwrxv%2FzbMl07p2%2Bs9oITnI82qWuXh2F7KORZdf3jIfm2FUudtGTYrcmiUMxX91d%2BAZSU4IFY5e7yQyzYpzF1gfQsn9rzc6jNRNN3Ng6JsJ4hPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831b7cf68daa9e40-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=nOkEOPEKlbvKaB55YrhD
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame BFE0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
18.138.164.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-164-19.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

dcs
dcs-prod-apse-1-v051-0984f4fd8.edge-apse.demdex.com 2 ms
pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
cwmKfLwrSVk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-apse-1-v051-03ffcf333.edge-apse.demdex.com 0 ms
pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
inZtKu4eQTw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXGF.Blu.Db.7TwYavzkjQAA%264943
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame BFE0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXGF-Blu-Db-7TwYavzkjQAAE08AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MDSJ256T8JCRG5PJAHY6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDE4MzNmYmUyOTIyMzdjMWIzYWU2MWI4NjZhMzBkZTM3ZjRjZDMzOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDE4MzNmYmUyOTIyMzdjMWIzYWU2MWI4NjZhMzBkZTM3ZjRjZDMzOA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDE4MzNmYmUyOTIyMzdjMWIzYWU2MWI4NjZhMzBkZTM3ZjRjZDMzOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame AD30
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E0KGZC319YXGVFKNZ357
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPUYCIA8-1K-IEF3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AD30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqI0ISs120xKI95MCuFEUM&google_cver=1
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqI0ISs120xKI95MCuFEUM&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFqI0ISs120xKI95MCuFEUM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame AD30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPUYCIA8-1K-IEF3
0
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPUYCIA8-1K-IEF3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 19C9B143B6494B97BDF741777A61EC98 Ref B: SIN30EDGE0806 Ref C: 2023-12-07T08:44:40Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-source-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYL53qAi7GqRWOxX+wGQg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPUYCIA8-1K-IEF3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AD30
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=&expires=30
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1858dea-1fcf-4d3f-814c-f4ca799db28d&gdpr=0&gdpr_consent=&expires=30
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame AD30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBVWUNJQTgtMUstSUVGMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHLA8AHJQVYoSDBzXRZqXNw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBVWUNJQTgtMUstSUVGMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBVWUNJQTgtMUstSUVGMw==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBVWUNJQTgtMUstSUVGMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AD30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ifizyea7yZ4ovBDpZ-zQIsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m07gX4dE2oLbMCk3CtjPJjpg0jg.gBWt.CQufQ--~A
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m07gX4dE2oLbMCk3CtjPJjpg0jg.gBWt.CQufQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m07gX4dE2oLbMCk3CtjPJjpg0jg.gBWt.CQufQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AD30 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8B7FXQ361Y4VGF08CJT8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AD30
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=42d4Yi4xTNqEZzdD8yuQow&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=42d4Yi4xTNqEZzdD8yuQow
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=42d4Yi4xTNqEZzdD8yuQow
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ESK6WSJJPGYPZJZZZJHJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=42d4Yi4xTNqEZzdD8yuQow
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AD30
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeMU7K4wwAABNSZbOUxw&expires=30
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeMU7K4wwAABNSZbOUxw&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABeMU7K4wwAABNSZbOUxw&expires=30
Date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame AD30
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPUYCIA8-1K-IEF3
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPUYCIA8-1K-IEF3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.77.135.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPUYCIA8-1K-IEF3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame AD30
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPUYCIA8-1K-IEF3
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3&ckls=true&ci=nKN4KJw2eE&nc=false&trid=324437238
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3&ckls=true&ci=nKN4KJw2eE&nc=false&trid=324437238
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
99.86.178.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-178-48.kul50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:41 GMT
via
1.1 592cf76ef794695a59030047d5918a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
LaZfBB4n_qlKglsn11DAIHVoQRH8UWQRbytjIL-LVaLnbLpZd-L-Nw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPUYCIA8-1K-IEF3&ckls=true&ci=nKN4KJw2eE&nc=false&trid=324437238
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
gEj_uc0TtDKDaEBCAwjFs4dWblVQkUtT8RWY2QEoP9sDS67mzDoKrw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AD30
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=96829790-aee9-4ce8-924b-bed8635b2345&expires=30
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=96829790-aee9-4ce8-924b-bed8635b2345&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=96829790-aee9-4ce8-924b-bed8635b2345&expires=30
Date
Thu, 07 Dec 2023 08:44:41 GMT
Connection
keep-alive
X-CI-RTID
e8c05f80-1b65-4359-8158-eeedc3915ec9
Content-Length
144
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame AD30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPUYCIA8-1K-IEF3&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPUYCIA8-1K-IEF3&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VbWtyZ3RWRTJ1R3VXVW9KSll2S1lpMG9JZF9OcjRjN35B&ovsid=LPUYCIA8-1K-IEF3&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VbWtyZ3RWRTJ1R3VXVW9KSll2S1lpMG9JZF9OcjRjN35B&ovsid=LPUYCIA8-1K-IEF3&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.209.46.77 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-46-77.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 07 Dec 2023 08:44:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 07 Dec 2023 08:44:40 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1VbWtyZ3RWRTJ1R3VXVW9KSll2S1lpMG9JZF9OcjRjN35B&ovsid=LPUYCIA8-1K-IEF3&dpid=58160
date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame AD30
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831b7cf2cc6ca029-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 07 Dec 2023 08:44:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPUYCIA8-1K-IEF3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831b7cf17ac7a029-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame AD30
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPUYCIA8-1K-IEF3
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPUYCIA8-1K-IEF3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
an-x-request-uuid
7de2c5cb-baad-444c-aef7-5631b5106f4d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
103.254.153.204; 103.254.153.204; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPUYCIA8-1K-IEF3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=810364830952993790
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=810364830952993790
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:40 GMT
an-x-request-uuid
97f99019-40a3-4300-8c2b-a0de57ac004f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=810364830952993790
x-proxy-origin
103.254.153.204; 103.254.153.204; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5398518111586249670&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=2a1b1262-166b-0e76-2a0a-e3e2d3246114
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=2a1b1262-166b-0e76-2a0a-e3e2d3246114
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Dec 2023 08:44:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=2a1b1262-166b-0e76-2a0a-e3e2d3246114
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3874cdef-0c15-5ae8-7710-2c42adfd5479$ip$103.254.153.204
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3874cdef-0c15-5ae8-7710-2c42adfd5479$ip$103.254.153.204
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3874cdef-0c15-5ae8-7710-2c42adfd5479$ip$103.254.153.204
Date
Thu, 07 Dec 2023 08:44:41 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5JrVpQVE2peKypLUN5SmqkIaHcLa9iZgt.y8~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5JrVpQVE2peKypLUN5SmqkIaHcLa9iZgt.y8~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Dec 2023 08:44:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5JrVpQVE2peKypLUN5SmqkIaHcLa9iZgt.y8~A
content-length
0
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c6e1ffb4-2df7-4ed1-a962-2601967d2e2b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c6e1ffb4-2df7-4ed1-a962-2601967d2e2b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=c6e1ffb4-2df7-4ed1-a962-2601967d2e2b
Date
Thu, 07 Dec 2023 08:44:41 GMT
Connection
keep-alive
X-CI-RTID
1df8beba-2051-4a04-976d-6fa337140a12
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame BD47 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:40 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=&gdpr_consent=&puid=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=P7ohSlX4yLeS6ybbUZen
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=P7ohSlX4yLeS6ybbUZen
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=P7ohSlX4yLeS6ybbUZen
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=SpXJeltSXerP&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=SpXJeltSXerP&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
zh-SG
location
https://usersync.gumgum.com/usersync?b=pln&i=SpXJeltSXerP&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6fb8fdd894-v9m8k
expires
-1
usersync
usersync.gumgum.com/ Frame BD47
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5600232837313694723
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5600232837313694723
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5600232837313694723
date
Thu, 07 Dec 2023 08:44:40 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame BD47 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YY8K9ZH1GNGWHVXME722
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 98CA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5398518111586249670&gdpr=&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5398518111586249670&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.54.63 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-54-63.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5398518111586249670&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame DFF4 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV85ZjNmZjZkYS05OTg3LTQ2YjktOWY0OC02N2UyNDhiZmM3ZTA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86FC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=71596
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 07 Dec 2023 08:44:40 GMT
expires
Fri, 08 Dec 2023 04:37:56 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame BFF8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=f1858dea-1fcf-4d3f-814c-f4ca799db28d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=f1858dea-1fcf-4d3f-814c-f4ca799db28d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 07 Dec 2023 08:44:40 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=f1858dea-1fcf-4d3f-814c-f4ca799db28d
server
Kestrel
usersync
usersync.gumgum.com/ Frame B6D1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZXGF.MCo5sAAAN-iU8oAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZXGF.MCo5sAAAN-iU8oAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 08:44:40 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZXGF.MCo5sAAAN-iU8oAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40290.dc2p.scaleout.jp
X-SO-IP
103.254.153.204
X-SO-Key
ZXGF.MCo5sAAAN-iU8oAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.204","key":"ZXGF.MCo5sAAAN-iU8oAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40290"}
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40290
usersync
usersync.gumgum.com/ Frame 3AA7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=xwdLfeB16bLROclJlUy6gzOzM9otmBbOu5KeTyakc_c&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=xwdLfeB16bLROclJlUy6gzOzM9otmBbOu5KeTyakc_c&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 07 Dec 2023 08:44:41 GMT Thu, 07 Dec 2023 08:44:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=xwdLfeB16bLROclJlUy6gzOzM9otmBbOu5KeTyakc_c&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame BBFB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.114.50 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-114-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 08:44:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame BBFB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.114.50 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-114-50.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3ea93dace34ddfe43019a5390e7a0bcab1f4fee9563b566387e86cb3b77de76

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 08:44:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 01:55:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61807
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 01:54:47 GMT
khaos.json
token.rubiconproject.com/ Frame BBFB 		7 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPUYCIA8-1K-IEF3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
usersync
usersync.gumgum.com/ Frame BBFB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPUYCIA8-1K-IEF3
  • https://usersync.gumgum.com/usersync?b=mag&i=LPUYCIA8-1K-IEF3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LPUYCIA8-1K-IEF3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 08:44:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LPUYCIA8-1K-IEF3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame D5AA 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:19:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame D5AA 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71837427&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ebec3365bd33c9652370868a09ed1c1a73a7a98fb24c87d1f7bdec09ce3e156b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Dec 2023 08:43:07 GMT
content-length
1220
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 2092 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FB55
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=810364830952993790&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=810364830952993790&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
cc5b5fd7-3506-43fb-8bc7-2d3e4da2bdcb
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=810364830952993790&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
103.254.153.204; 103.254.153.204; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E8CD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b4f72446-d3fd-4685-aee5-59a74e438dd3&expires=1&user_group=2&ssp=pubmatic&bsw_param=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 08:44:43 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=96fedecb-6a7e-42a5-b671-afcfabdafc83&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame E6EF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2qe0wdSn5ZLBp7LF3_SuxN-l5sDB8eeT26Mt1TJ6
42 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2qe0wdSn5ZLBp7LF3_SuxN-l5sDB8eeT26Mt1TJ6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=2qe0wdSn5ZLBp7LF3_SuxN-l5sDB8eeT26Mt1TJ6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 31D3 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qpg1223-QPG
x-timer
S1701938683.308172,VS0,VE233
ecm3
s.amazon-adsystem.com/ Frame F4B9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID898E482A-8587-48B1-8DF4-0EC909AAB31D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MAZKDQVT3S7Z8C0J170F
458249.gif
idsync.rlcdn.com/ Frame D5AA
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=898E482A-8587-48B1-8DF4-0EC909AAB31D
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg5OEU0ODJBLTg1ODctNDhCMS04REY0LTBFQzkwOUFBQjMxRBAAGg0I-4vGqwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=1c98922d785a21c51c6c7adcbb0472825c278cea2a0ad72b26554ade57d5e171791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAxYzk4OTIyZDc4NWEyMWM1MWM2YzdhZGNiYjA0NzI4MjVjMjc4Y2VhMmEwYWQ3MmIyNjU1NGFkZTU3ZDVlMTcxNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAxYzk4OTIyZDc4NWEyMWM1MWM2YzdhZGNiYjA0NzI4MjVjMjc4Y2VhMmEwYWQ3MmIyNjU1NGFkZTU3ZDVlMTcxNzkxNDI2YjU0MTdkY2UyMRAAGgwI-4vGqwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=3ac04a65-889b-4d6c-9963-e7cb5934783d
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=3ac04a65-889b-4d6c-9963-e7cb5934783d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.244.154.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 07 Dec 2023 08:44:44 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=3ac04a65-889b-4d6c-9963-e7cb5934783d
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame D5AA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2971446077424645745&gdpr=0&gdpr_consent=&us_privacy=
1 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2971446077424645745&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2971446077424645745&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 07 Dec 2023 08:44:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame D5AA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=898E482A-8587-48B1-8DF4-0EC909AAB31D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5HiKsCFE2uU8IE0WdJp.gwEQXUjaK2o-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5HiKsCFE2uU8IE0WdJp.gwEQXUjaK2o-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:15:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5HiKsCFE2uU8IE0WdJp.gwEQXUjaK2o-~A&gdpr=0
date
Thu, 07 Dec 2023 08:44:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame 86FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96092433&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c87eb7fdf042206d49ad67ea1991ac1c164682341d9f59af0d3209e13ff9f66d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Dec 2023 08:44:43 GMT
content-length
1576
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 6E65
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12m8tknef08u
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12m8tknef08u
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 07 Dec 2023 08:44:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12m8tknef08u
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame B36C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 08:44:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OHTN7wwVWuh3ECxCrf1UeWf-mcw&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame FB08
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b47768211604d6b95371a0e3c2b6b11
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b47768211604d6b95371a0e3c2b6b11
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=1b47768211604d6b95371a0e3c2b6b11
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 3285 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame BB41 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5D54
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 05:56:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 08:44:43 GMT
expires
Thu, 07 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
726503
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 6B4C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3aa81e4daf53477fb69e1bbf11b90dd5
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3aa81e4daf53477fb69e1bbf11b90dd5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3aa81e4daf53477fb69e1bbf11b90dd5
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame DA3A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TLgaZw1qDJGRKpI6_IVxZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TLgaZw1qDJGRKpI6_IVxZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 05:48:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:44 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TLgaZw1qDJGRKpI6_IVxZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
usersync
usersync.gumgum.com/ Frame F826 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=898E482A-8587-48B1-8DF4-0EC909AAB31D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:43 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 86FC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5398518111586249670
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5398518111586249670
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5398518111586249670
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 86FC
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3bac6b4d689b1ff6&is_secure=true&networkId=17100&version=1&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVfk2gWWANUIuZDAAAAAAA&expiration=1702025083&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVfk2gWWANUIuZDAAAAAAA&expiration=1702025083&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 08:44:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVfk2gWWANUIuZDAAAAAAA&expiration=1702025083&nuid=898E482A-8587-48B1-8DF4-0EC909AAB31D&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame D5AA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 86FC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:08:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 86FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80048649&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e4cd42e9d72bff4e303d14cd5536f28c9699af670b466efc588bdf3664c074f7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Dec 2023 08:43:10 GMT
content-length
1656
content-type
text/html; charset=UTF-8
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 9C2B 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:47 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame DD57 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=898E482A-8587-48B1-8DF4-0EC909AAB31D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.54.179 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Thu, 07 Dec 2023 08:44:47 GMT
bridge
cm.adgrx.com/ Frame 1333 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Thu, 07 Dec 2023 08:44:46 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
i.match
s.tribalfusion.com/z/ Frame 1A58
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
831b7d18d89f4679-SIN
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
831b7d179f314679-SIN
content-type
text/html
date
Thu, 07 Dec 2023 08:44:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
69
Pug
simage2.pubmatic.com/AdServer/ Frame 3E3B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 08:44:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 07 Dec 2023 08:44:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 9180 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:47 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-5daffa235e1f@version_1.578v2
X-core-time
0ms
X-server-arch
v2
141
match.deepintent.com/usersync/ Frame 702F 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Thu, 07 Dec 2023 08:44:46 GMT
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 711E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1TUwym2F1Rb9ZY5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1TUwym2F1Rb9ZY5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 08:44:45 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1TUwym2F1Rb9ZY5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame FC29
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084072855796769
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084072855796769
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 01:14:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 07 Dec 2023 08:44:46 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1972084072855796769
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame A743
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5782626414
  • https://sync.1rx.io/usersync/tradedesk/f1858dea-1fcf-4d3f-814c-f4ca799db28d
  • https://sync.targeting.unrulymedia.com/csync/RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 08:44:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 07 Dec 2023 08:44:46 GMT
etag
RX1c56eab234e749b196543eb441994f29004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
usersync
usersync.gumgum.com/ Frame FF95 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=898E482A-8587-48B1-8DF4-0EC909AAB31D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 08:44:46 GMT
Expires
0
Pragma
no-cache
SPug
simage4.pubmatic.com/AdServer/ Frame 86FC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 08:44:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| dataLayer object| revamp function| gtag function| gtag_report_conversion function| _googCsa object| revampAdRendered object| eventTracker function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| uetq object| webpackJsonp object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady number| googleNDT_ number| googleAltLoader object| google function| __sasCookie number| experimentId_ object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| webpackChunk_softonic_revamp_api function| tdDisplaySlots function| tdDisplayInterstitial object| apstag function| UET function| UET_init function| UET_push object| ueto_fcbc2d20d7 undefined| google_measure_js_timing object| ramp number| google_unique_id object| gaGlobal object| GooglebQhCsO object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| gaplugins object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| DD_RUM object| gaData boolean| __bt_already_invoked function| Waypoint object| _aps boolean| apstagLOADED object| apscustom object| regeneratorRuntime object| ID5 object| __id5_instances

125 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDWFg
.en.softonic.com/ Name: _usr_orgn
Value: direct
.en.softonic.com/ Name: _swo_pos
Value: 995
.softonic.com/ Name: _gcl_au
Value: 1.1.341566778.1701938677
.softonic.com/ Name: session.pv
Value: 1
.softonic.com/ Name: persistent.fpmUserId
Value: f609c992-7df9-41d4-9728-1324788fc2a1
.softonic.com/ Name: session.fpmSessionId
Value: 430cd144-c5b8-4fbe-8e28-1188743cb7bd
.softonic.com/ Name: rv_prebid_position
Value: 999
.softonic.com/ Name: rv_test_position
Value: 576
.softonic.com/ Name: rv_fp_ad_session_id
Value: 73cd646e-9f7e-4754-a162-65cb3f981285
.softonic.com/ Name: rv_fp_pv
Value: 1
.softonic.com/ Name: _uetsid
Value: da122b0094dc11ee96c389b42ac4a5d5
.softonic.com/ Name: _uetvid
Value: da124bf094dc11eeb5a1630d6c3308ae
.bing.com/ Name: MUID
Value: 0F88DCDE54DA61A11223CF3E55806039
.bat.bing.com/ Name: MR
Value: 0
.softonic.com/ Name: rv_google_ppid
Value: 2309780c-6650-45d2-9f49-92a0fc7af130
.softonic.com/ Name: __gsas
Value: ID=17aee5f4e42a199c:T=1701938676:RT=1701938676:S=ALNI_MbErX3vnqd-sITV_2FVSjgyWEcZ7A
.softonic.com/ Name: _fbp
Value: fb.1.1701938676995.1744895063
.softonic.com/ Name: _ga_R5K71YRXMV
Value: GS1.1.1701938677.1.0.1701938677.60.0.0
.softonic.com/ Name: lotame_domain_check
Value: softonic.com
.criteo.com/ Name: uid
Value: 7837a662-13b5-480e-8d0c-6c5241faa3c7
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.softonic.com/ Name: __gads
Value: ID=a56033b9b8e303be:T=1701938676:RT=1701938676:S=ALNI_Mb2x1-yznxtM1SzfQH32YyPtwErbA
.softonic.com/ Name: __gpi
Value: UID=00000ca685e59f8e:T=1701938676:RT=1701938676:S=ALNI_Mai2KTf9Mu45RU4nCM5pBo0TKz-jg
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: ee11717cc29587d412f1b0ea8e016088
.softonic.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic.com/ Name: _ga
Value: GA1.2.2017101036.1701938677
.softonic.com/ Name: _gid
Value: GA1.2.422360090.1701938677
.softonic.com/ Name: _dc_gtm_UA-152357-1
Value: 1
.ms-paint.en.softonic.com/ Name: _ga
Value: GA1.4.2017101036.1701938677
.ms-paint.en.softonic.com/ Name: _gid
Value: GA1.4.422360090.1701938677
.softonic.com/ Name: _cc_id
Value: ee11717cc29587d412f1b0ea8e016088
.softonic.com/ Name: panoramaId_expiry
Value: 1702543477182
.softonic.com/ Name: panoramaId
Value: 32adef09434449f9a955ea142eeb185ca02caa7482e008ad64b35c3cc1344ac1
.softonic.com/ Name: panoramaIdType
Value: panoDevice
.softonic.com/ Name: cto_bundle
Value: boNHiV9QWEhMb0pTWkg0YUMybm83aHlHdmI1NSUyQk1nOGVsM0dSUVpMektWck00M0h6YSUyRmJqSnZuWHUycWljZG9IJTJCcGhuWkFtZ2NtMTc1cVd2a0dXdiUyRm84OHZRTkFaTFBEcyUyQldWbDA2NTdoZFYyMFNKb3lUY2trRlpqQmYwWmVMcTRmY0hOcThNY3p6THJjMHBqR3dBUnlEJTJGQUElM0QlM0Q
.id5-sync.com/ Name: 3pi
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUnXpImRE4ymaPB_jaonPbcFT3ZS11rb7icDr3356KPqtIahvg1OnJrJBz6QXWA
.google.com/ Name: NID
Value: 511=KG6x60MaTZ-oW1kB4_ZTEDIiNP570qe0hS8WVvigRSFlsmd-k6LP7ZzfXaw8LcaUjoSqFpYEwgr6vDKjZpnwIcp81KCYseC9uXwoLLjZH9YHKb8VIkKuXix0BWz0f6yICG5CnBXz4WADbYF3z8Q95ZFcLtA-gV15zQgpX-O__CA
.amazon-adsystem.com/ Name: ad-id
Value: A5RvRgaop0f0g3R4Ca5EIvI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: i
Value: 0e8a894b-97f9-09d7-17a7-3be77f5353af|1701938680
.openx.net/ Name: pd
Value: v2|1701938680|jElYiuvOhI
.casalemedia.com/ Name: CMID
Value: ZXGF.Blu.Db.7TwYavzkjQAA
.casalemedia.com/ Name: CMPS
Value: 4943
.casalemedia.com/ Name: CMPRO
Value: 4943
.id5-sync.com/ Name: id5
Value: 9b7c2ab2-6831-7f08-bbfe-82e39916093d#1701938678279#2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 898E482A-8587-48B1-8DF4-0EC909AAB31D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1703116800%3A245_226_201%7C1701993600%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1703116800%3A21_13_7_71_54_220
.rubiconproject.com/ Name: khaos
Value: LPUYCIA8-1K-IEF3
.adsrvr.org/ Name: TDID
Value: f1858dea-1fcf-4d3f-814c-f4ca799db28d
.simpli.fi/ Name: suid
Value: 1C83D2CB6402494DB6007ADCDCC13599
.openx.net/ Name: univ_id
Value: 537072971|f1858dea-1fcf-4d3f-814c-f4ca799db28d|1701938680245575
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOv9uV19u7jG-7I5Fz1Z1Jo&KRTB&23025-CAESEOv9uV19u7jG-7I5Fz1Z1Jo&KRTB&23386-CAESEOv9uV19u7jG-7I5Fz1Z1Jo
.pubmatic.com/ Name: PugT
Value: 1701938680
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-f1858dea-1fcf-4d3f-814c-f4ca799db28d&KRTB&22918-f1858dea-1fcf-4d3f-814c-f4ca799db28d&KRTB&22926-f1858dea-1fcf-4d3f-814c-f4ca799db28d&KRTB&23031-f1858dea-1fcf-4d3f-814c-f4ca799db28d
.3lift.com/ Name: tluid
Value: 686468021487496740601
.tapad.com/ Name: TapAd_TS
Value: 1701938680313
.tapad.com/ Name: TapAd_DID
Value: 4c100884-128f-4d15-9adb-671fbfc8fe4d
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.turn.com/ Name: uid
Value: 2971446077424645745
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004%22%7D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8192
.gumgum.com/ Name: vst
Value: a_9f3ff6da-9987-46b9-9f48-67e248bfc7e0
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2fgw:19e0~2fgw"
.yahoo.com/ Name: A3
Value: d=AQABBPiFcWUCEHoAjzJWb9qruRg1cZyFJz4FEgEBAQHXcmV7ZQAAAAAA_eMAAA&S=AQAAAjQKIfuATZa6mFIsZvuI9RM
.ladsp.com/ Name: cr
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXGF_AAFEH22vQAM
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI7L64itnCuzwQBRIWCgdydWJpY29uEgsIqKuoi9nCuzwQBRIUCgV0YXBhZBILCPj--ovZwrs8EAUYASABKAIyCwikneW578K7PBAFOAFaBmd1bWd1bWAC
.demdex.net/ Name: demdex
Value: 34016802713548416754576573469994298400
.dpm.demdex.net/ Name: dpm
Value: 34016802713548416754576573469994298400
.sharethrough.com/ Name: stx_user_id
Value: c90fc863-0457-4734-92f7-a7b3686081ed
.hb.yahoo.net/ Name: visitor-id
Value: 3449402803876464000V10
.hb.yahoo.net/ Name: data-mag
Value: LPUYCIA8-1K-IEF3~~63
.primis.tech/ Name: csuuid
Value: 657185f87b19d
.ladsp.com/ Name: smn_uid
Value: QnJRVk-yY-Yfpx22L_a4OxA5qY6pRf4
.ladsp.com/ Name: lum
Value: CNKlzZvEMRIFCAMQ0AU
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAxOTM4NjgwfQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1c56eab2-34e7-49b1-9654-3eb441994f29-004%22%7D
.adform.net/ Name: C
Value: 1
.socdm.com/ Name: SOC
Value: ZXGF.MCo5sAAAN-iU8oAAAAA
.adform.net/ Name: uid
Value: 5398518111586249670
.bidr.io/ Name: bito
Value: AABeMU7K4wwAABNSZbOUxw
.bidr.io/ Name: bitoIsSecure
Value: ok
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2Il^LM%cX!@wnf-Te9(S@mqC2lWGcn#L^Cq3V^NXpnptqkraL2JbK6kT6?RP-HC_#tt?g(L?d4
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQVVlDSUE4LTFLLUlFRjMiLCJleHBpcmVzIjoiMjAyNC0wMy0wNlQwODo0NDo0MFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0wN1QwODo0NDo0MFoifQ==
.connatix.com/ Name: cnx_userId
Value: 33e16bfa94c04a2ca195af5ee24dac73
.intentiq.com/ Name: intentIQ
Value: nKN4KJw2eE
.intentiq.com/ Name: IQver
Value: 1.9
.bidswitch.net/ Name: tuuid
Value: 96fedecb-6a7e-42a5-b671-afcfabdafc83
.bidswitch.net/ Name: c
Value: 1701938680
.bidswitch.net/ Name: tuuid_lu
Value: 1701938680
.adnxs.com/ Name: uuid2
Value: 810364830952993790
.smartadserver.com/ Name: pid
Value: 5600232837313694723
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.intentiq.com/ Name: IQPData
Value: 1744738764#1701938681008#0#1701938681008
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeGsxR0JM
.intentiq.com/ Name: intentIQCDate
Value: 1701938681010
.intentiq.com/ Name: ASDT
Value: 0
.creativecdn.com/ Name: u
Value: CFlsXEKo1dbAK765bbOP
.creativecdn.com/ Name: g
Value: CFlsXEKo1dbAK765bbOP_1701938681102
.creativecdn.com/ Name: ts
Value: 1701938681
.liadm.com/ Name: lidid
Value: f89770bb-87ef-4b35-9501-db06d7e5745c
.linkedin.com/ Name: bcookie
Value: "v=2&1d48acb6-9a74-4f9c-8fab-96f3ef62fd6c"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2663:u=1:x=1:i=1701938680:t=1702025080:v=2:sig=AQF5IBSq9fIyN52Wxt1F2xqvQF0vFfv4"
.ipredictive.com/ Name: cu
Value: 96829790-aee9-4ce8-924b-bed8635b2345|1701938681362
.rubiconproject.com/ Name: audit
Value: 1|CBTC7bc8vriHLcKIITwxkZjLssNbjGMewZREjsFkOx3E50xgAul76eMTAVqJMfflS3Iz2ReR7//qFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3874cdef-0c15-5ae8-7710-2c42adfd5479.1v1UATZKmsu8FUhAK1hyN5ufnqYGS%2FkVCe3lch2o0Lk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3874cdef-0c15-5ae8-7710-2c42adfd5479.1v1UATZKmsu8FUhAK1hyN5ufnqYGS%2FkVCe3lch2o0Lk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOHTN7wwVWuh3ECxCrf1UeWf-mcw.wwB%2BlH6PRMOkOfFsCdt7Wfn12jwDeSEmS3x3T6jjfoA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOHTN7wwVWuh3ECxCrf1UeWf-mcw.wwB%2BlH6PRMOkOfFsCdt7Wfn12jwDeSEmS3x3T6jjfoA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIIoP7xV85V8ppDQN-Fkf8adqoYgedKGN-3RvTbzGwOTQEHwYBCD5i8arBjABOgS53G8PQgTqkgYo.qNbAlBG9molsrJJeD6I3gsVlk%2FoSaUIDxQ4sEnL%2BdGc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIIoP7xV85V8ppDQN-Fkf8adqoYgedKGN-3RvTbzGwOTQEHwYBCD5i8arBjABOgS53G8PQgTqkgYo.qNbAlBG9molsrJJeD6I3gsVlk%2FoSaUIDxQ4sEnL%2BdGc
.zemanta.com/ Name: zuid
Value: P7ohSlX4yLeS6ybbUZen
ms-paint.en.softonic.com/ Name: _dd_s
Value: rum=0&expire=1701939577129
.rezync.com/ Name: zync-uuid
Value: 3ef2aeef-2c9f-45ea-aeed-f324258d4f72:1701938682.0760894
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiM2VmMmFlZWYtMmM5Zi00NWVhLWFlZWQtZjMyNDI1OGQ0ZjcyOjE3MDE5Mzg2ODIuMDc2MDg5NCJ9.ZXGF-g.cZ1jL2yu91V-siusH5sLu6zQV6s
.contextweb.com/ Name: V
Value: SpXJeltSXerP
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oer|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ca3d19172c02e472
.pubmatic.com/ Name: SPugT
Value: 1701937142

1 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/search/ads.js(Line 211)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58bbce6f042fd3f665c04197710801f8.safeframe.googlesyndication.com
a.disquscdn.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
afs.googleusercontent.com
ampcid.google.com
ampcid.google.com.sg
analytics.google.com
api.btloader.com
articles-images.sftcdn.net
articles-img.sftcdn.net
b1sync.zemanta.com
bat.bing.com
bcp.crwdcntrl.net
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c.disquscdn.com
c1.adform.net
capi.connatix.com
cdn.id5-sync.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
csync.loopme.me
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.sftcdn.net
ipac.ctnsnet.com
jp-u.openx.net
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
ms-paint.en.softonic.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
sc.sftcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
softonic.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
storage.googleapis.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm-supply-web.gammaplatform.com
sync.mathtag.com
103.43.90.54
104.65.228.208
107.178.254.65
119.9.108.211
122.248.253.6
13.107.21.200
13.224.250.125
13.224.250.83
13.225.103.115
13.226.114.49
13.228.126.19
13.33.96.216
130.211.23.194
139.162.40.113
141.95.98.65
142.251.175.155
151.101.1.91
151.101.2.49
162.19.138.82
169.197.150.7
172.64.146.152
172.64.151.101
18.138.164.19
18.138.18.111
18.67.184.126
182.161.73.136
182.161.73.146
185.184.8.90
185.84.60.20
195.5.165.20
198.8.71.130
199.232.194.49
2001:4860:4802:36::178
2001:4860:4802:36::181
2001:df2:a300:bbbb::135
207.65.33.82
207.65.34.74
211.120.53.201
220.150.223.50
23.105.12.143
23.106.127.38
23.209.46.77
23.50.93.199
23.52.114.50
2404:6800:4003:c00::61
2404:6800:4003:c00::9c
2404:6800:4003:c01::84
2404:6800:4003:c01::9b
2404:6800:4003:c02::5f
2404:6800:4003:c03::84
2404:6800:4003:c03::8b
2404:6800:4003:c04::9c
2404:6800:4003:c05::5e
2404:6800:4003:c05::9b
2404:6800:4003:c05::cf
2404:6800:4003:c0f::84
2404:6800:4003:c1a::9a
2404:6800:4003:c1c::5e
2404:6800:4003:c1c::64
2404:6800:4003:c1c::6a
2404:6800:4003:c1c::9d
2406:2600:7:100::1
2406:2600:7:100::9
2406:da18:929:5a03:96e9:65cd:3831:2d60
2600:1413:1:5a0::29cc
2600:1413:b000:1b::17d7:717
2600:9000:20b4:a200:6:8656:f5c0:93a1
2600:9000:20c7:a200:1a:5235:f980:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:4ad8
2606:4700:20::681a:346
2606:4700::6812:18ad
2620:116:800e:21:6c50:dbee:bef5:203d
2620:1ec:21::14
2a02:fa8:c411:12::1050
2a03:2880:f00c:212:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
3.1.14.27
34.111.113.62
34.124.209.251
34.98.64.218
34.98.67.3
35.186.193.173
35.213.12.39
35.214.145.153
35.227.233.104
35.244.154.8
35.71.131.137
35.71.178.8
35.79.54.179
35.79.54.63
44.198.9.46
51.255.68.171
51.79.154.9
52.46.155.104
52.77.135.86
54.147.41.158
54.162.155.223
54.238.120.71
54.249.237.55
54.251.97.106
64.202.112.63
67.199.150.81
67.199.150.86
67.220.228.201
69.173.158.64
74.118.186.107
74.125.200.148
74.214.196.131
8.43.72.98
82.145.213.8
99.86.159.35
99.86.178.41
99.86.178.48
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
04f9eb66f1350f618ef4ba5e353952e140b01a682483c89ccb427d61c30035f8
069285623f9e15629f75d7ccc094c3b420166207eab59c8e7910b4246b482452
06b7a8bc64b391f4ce451c7594b97e097b88b9f9e5c04deef70198e7fd86da60
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0916fc3d1ca0339e2baa78b1a105e78c99f823d26a8f149a8afd123e040238e3
0ad5920e3de2d02ca93b81772e599c49917fd42922ea3fbf226b915a23fd062e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c54be6824f193624b8e91c04738961b7ef7ae050addde2af71d702f8fdcdaf4
0d204d22c0b57c1f174a5981a56b3a7e54235c69db03f569b6c42f8ef66c7206
0d76a4535398952947c4cd847cd5c7d1bc406de3adfe3a6140d19bbbc443c397
0dfdd88f0f92086884ea4214bc6b6f54119d75b3d72000e4cb83ea48166282ea
14faf867b74b600bc1275d07217ce917b256cce6e077c59381aaeca9a113869c
150af49c0a11f1ee04d61d53e3c33f190480de55f9306c7d2b6a4dd1d417da34
15143344424614befe8725dad08dcd54d6a9d09c582371982570ccf4644073b0
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1891412a5ce7c546a60d3a1f9b04c51a94860eadbf51a9e248daa109ea349796
1ada5d6847da8280cb91c16bea3a27c5e0b5c3a5801b11c735f47c4f5a36e3ef
1cd5ba7ca4f09f5c63bc6a1f570adb055f9b24f59b2c862fb110d6f06fcdfe88
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddc103c65fc159d69e01e1ae4832a98210ba08aea92640d6a05f7025c471d64
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
261a0f2e6215bfe9a749dd1da59719d4693c5a8b702386c0ac3adde249a32ab1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35caecfba8aa275cd6bb39228a3e3df33a01aa934f1282bf456d8e0ca6dba237
36169d28a058c066b2b0de545eda3607c9c288c1933aae08760ce452a4695f88
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3af55202f9ae174891b406251142d9842ad8159cf58e78086abd90e1c5ce6f6a
3cd9bb9f106c2054bdb86884e6d854ca30a31ffd80eba20e2a13f95433d7ecc7
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d2ffa22e8456d81ff265d6967dc4172fd680c65750f0932d5fdf97b408747f3
3d3f3571336026392845394cbeed25844c86be2d4b7cac91dd55ed28701e4522
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff606d0c65d0a2ea305427f59b6e1018bcbddb7a77b61e3fa2b082b4f366595
44cfd18a9a33a8a73d2f578bc94312cdd788525534222bca0ca45bf32ca99929
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e58095972e34fc952c5f577284edc55c0ef49519de344e5d99df92d48f9a1f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a2a5d8b738353a3a5e0ca668aabc590104997bc50a41568f6a8d72bae6a27af
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c09c122a316e9abe79c0fc710e7a807ce768041ca4a55887c69111b6dc0de1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5658a6b4c270353271d28b04a71e55b8c36bee0e27852c7a9baaf4bca4eccff9
575f5c961bdf4a8a14759243182adac1f93eeb873567175469627864415b4799
576d0b36bd8c8201e826aa45ae102594a069c286497b97fd65627b15e18facdf
57c520c2dcfb1ccf5c5281f4dc40e0f5bb126ebe4a770c4016e4aab6f6524964
58c48a1c7ea19145f7e3b27eb0dfc9685076798edffc8d26f482f6539b7252c3
5a9fbb63184170ae5494679db38323083298244123d6ec538710990657aa3ea5
5ad368795609ab32fe1ad9bdf0446289452345306d06317a2d4b9e5d47d0a4c9
5c4e5cd8435dc7b4a36fa0cfd3aae88b04dfe0da24dfbcee3732d683424cf4a6
5c7cee1a04513a6e53ceee1c963bf6195211fc11906ce74e2bab819424be0791
5df4c91ff8643e8e503a4fdb21a959c1a3a2b20c8d4cedc36fff63ff5ed1c7d6
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e64b65cbeed2febd747cf07f4099feee51448ac4eb3b85233eeeae184bfe7cf
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6339ee00d1aa839c900294f1d30a7879d5aca349310d182a44117f4fc125ecd1
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64115c42fecf0b475d10cb72b54a5e1412f5c5f7b46bdd031e04359e3b38990e
651409c0305145e0220539853de45decc6d5374aa3a7a67e2d93b37451eb1765
695acd476f7cdb5c3315418dc9a70449dc5f4c0f966c0ca89dabbbeb2ecfca5f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d35679b9254f9d664eb0b06d316c4072cb90ba8aa97e460a51d7bf40f928d71
6d827e8744c056488de8ec17e127de4f184498516902a206a384587c88e9c08e
6ec28576cc919250e200ae2f88a9be261dc7a4121fc1198a7c4f15971fd2d48c
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07
701f5737432c12af290a1d53d0fdc81d5b16c45858565c6d340e4b7d01cacbb2
711ebc8b23d67272db588ea186216394ed364108b246a18beb5f6918dd2297c6
728c7465cfc96e74e89c59caf271d0735b611d2988ca7ff54ab4e10a15aacca0
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
77d4fb7b2ccebfe77a24edc9a92e6cd38d16b177ef1b46bf93f318c94badd546
7e246fd2a4cb8e1634db463b3828532c249d55b60895191a635ff3ef59fe17ea
7fd0c16003687620d957e806b317dba9d822a89696390f0f8a5260d0a1793c9c
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
80bb73a90ab868182222fd3d4bc856e4d09c90e2db8bb64114df261006b6478c
8232f27ea9c740ebbbccb24e7258d83c25c81616f2435dcdd6e780c80e8aabda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a767cbc1f72bb017ae28616c336a85987e4734c00c3fda9d57b8db79258466
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f530598095d8f626ee1f4845b364f1911bc77ce82ad28033b6d08a84c7073e6
9178323b773bdb24297171e9c0dc06a5a87c03ed2ead03397fa6d15e126cee93
919c89c6baf38c5e9cde1addc182ce472768b6946b43072f962640235633048e
9443534ff3d637060f249ab2bc07aacd9adccfab8f6960aa807308530dfd6d87
963c3dd6e067326bc278ba4065a93f14a10c3f5a851f3072d5ad5b9e8458b8f9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
98df6061403a1428fd8a9fa06f3de2018046912c11af1a5dca62432f01073cae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e71d87f1abaef24ebba36673d220ee40098228dc7a40c206b8cf188f78a9c37
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a2d09a1f6b6022273dfee5ccab7c74a560b9a30add5f5de4b334c33332f6ba
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a52d8c5106a62343fd49bceb847b24dad6e4fb24b284fe76aefccc36b03ba46d
a80da7e4f8804a61df30296eb649a6fd485f1e3d8d5e6b5a06b787dde3821421
abb3310821d9b095e9b585e686496fb3c1afdb13d45a13591b040f7462310335
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af15553eef809789bf8e2edb7228dc011f0e80edf99d283a0cb29871a66a3d79
b0353b2428b1b998266f6e1e09ae90d46988e11510846c5af3f82b65bdc2ab68
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3331ee13d7f5e0ede8dd422b0c716a12549ef079d6f8d8bf433e6cb5dbf1102
b5264fcc9ea70a1630a36b917d208a9fd01e160a9c5e00aa714509ffd23ae1e7
b6ebd2244153bb9f85eab74cb2097c99965ec579adc640c607fd7a15b60b3e19
b6f09727d79519fcd64c90dc473bc667cfa33c8e874b7d18fd154edf6dca0567
b949f7e3fd209921a5a601a4cad901e4206456c2c3a69b75e663735d4b17d73a
b9d76b608bb35734b3d3b11e49bdd905f2f05a4ce6a126b6bb5eae886dd476af
ba1251a4042cdc4b94fe87cd32afca0476a41d020d99c2ddc050beca831b116e
bb6781c190d7e37a4cc0919b5df551cf6073ffa8c1adba39b1e37d9e2df23e84
bc2a00f882492f2cd756184bb202b8d55b7cad3a3739697e7f666e5912062882
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34db9e89431e06c8672a6775ac1c3b40b6412c2d3285e738110312bf106649e
c3a7786a81163c5123afd76194895fa5d22dc80cd0da1f1c68fdb64ce5311bba
c76144afe8f63083deb326395798ca301f228142648e2398bc1bad57db352240
c87eb7fdf042206d49ad67ea1991ac1c164682341d9f59af0d3209e13ff9f66d
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9014b92bed451ae20ef7a455f9e7e2590992ba71c735368191fe38af129ff6a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cecc9f4c46262cee0cb1e8c3e0296320390e258a717435eb85a1cd15ce1fcdd1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48bf4eccb27f08f7bc7e47741b957a759794b617f309001d324ecb6b7dd04e0
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9f97e047de6ff5c1dcbfcf35fa8ac3b759d1e5603b7ae5ae88f15884c22ce94
da3eb947ab985ab9d5285ee72dd2f3ce8a7f6a2abe920f33284e629350a8175e
db4033855f39609b56ff65f2adbd648bda42d09196ca7d5f1dfad14948d4ad73
dcebc3c23c4f678ecdf09c536ed2fa0fa1f5e23f18050900f3d636b164053119
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea93dace34ddfe43019a5390e7a0bcab1f4fee9563b566387e86cb3b77de76
e4cd42e9d72bff4e303d14cd5536f28c9699af670b466efc588bdf3664c074f7
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebec3365bd33c9652370868a09ed1c1a73a7a98fb24c87d1f7bdec09ce3e156b
ed17eda059fb6faf7381191d8bf0a1057197ae51533584e377633ba73df9b5e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5df9763b2dbd0db990559c7d8c8443d3ef61f237d382aeb32675eb7fbb0f0c8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9253b64091899ae1e4666f0986cd97dec15ad2fc3dbf64a77ea5bb02e3600de
f9dc00a29bb76d8400dcdc45c36a160d3e5bd4b3b376712f0673279f0bf84ddb
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fc3dbdab60d03bb514386f0848b2b74368ff1582526ebc2d997f2c4a4860dc2c
fdfa93e1320fbadbc2475740faa3e354d34c635586e1a471ba4c8ac3c37384da
fec18ec2a16c51814e2a92a3806d2ae2adbab60c63d224b2f52de40513cdf141