aoutoqw.xyz Open in urlscan Pro
165.22.98.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://to.aoutoqw.xyz/
Effective URL:
https://aoutoqw.xyz/
Submission: On May 31 via manual (May 31st 2023, 2:25:57 am UTC) from ID — Scanned from SG

Summary HTTP 133 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 133 HTTP transactions. The main IP is 165.22.98.83, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is aoutoqw.xyz. The Cisco Umbrella rank of the primary domain is 965794.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.

This is the only time aoutoqw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	128.199.64.249 128.199.64.249	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 23	165.22.98.83 165.22.98.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4003:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:d8c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
1 2	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
27	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
2	2404:6800:400... 2404:6800:4003:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c03::9a	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
4 5	2404:6800:400... 2404:6800:4003:c04::67	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4003:c00::8a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
133	17

2 128.199.64.249 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

to.aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 165.22.98.83 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c00::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4003:c06::9b (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:d8c (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.193.213.11 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c04::67 (Singapore) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4003:c00::8a (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	427 KB
25	aoutoqw.xyz 2 redirects to.aoutoqw.xyz www.aoutoqw.xyz aoutoqw.xyz — Cisco Umbrella Rank: 965794	595 KB
23	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856	59 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	151 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	159 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	266 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26240	696 B
2	sovrn.com 1 redirects sovrn.com — Cisco Umbrella Rank: 25495 www.sovrn.com — Cisco Umbrella Rank: 193437	424 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17397 s4.histats.com — Cisco Umbrella Rank: 15071	5 KB
1	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 17715
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	467 B
133	12

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	aoutoqw.xyz	aoutoqw.xyz
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com aoutoqw.xyz
14	pagead2.googlesyndication.com	aoutoqw.xyz pagead2.googlesyndication.com to.aoutoqw.xyz googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	aoutoqw.xyz googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.sg	pagead2.googlesyndication.com
2	to.aoutoqw.xyz	1 redirects
1	e.dtscout.com	s4.histats.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.sovrn.com	aoutoqw.xyz
1	sovrn.com	1 redirects
1	s10.histats.com	aoutoqw.xyz
1	www.aoutoqw.xyz	1 redirects
133	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
linkmonet.com R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
aoutoqw.xyz R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://aoutoqw.xyz/
Frame ID: FD5E4F0F53008603DAB413449E3E73E8
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/zrt_lookup.html
Frame ID: 0F3911ED1DA30BAFFDF782700F7CF645
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&adk=1812271804&adf=3025194257&lmt=1685499952&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Faoutoqw.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952134&bpp=7&bdt=168&idt=76&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8402737208904&frm=20&pv=2&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98
Frame ID: 23FA7A23215C74F8406CFB1ED51792AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952141&bpp=2&bdt=175&idt=94&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43oERrNulS&p=https%3A//aoutoqw.xyz&dtd=98
Frame ID: 67E4954105DF31258687E77F1F4408CF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3FDCCDE2D7E1774957795CF8EED7C43E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3807239147~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bbDTdxf2Cf&p=https%3A//aoutoqw.xyz&dtd=42
Frame ID: 4B90BA9CA4A4618F3FEB5247F1830375
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1034840246~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NVtHV1lEkP&p=https%3A//aoutoqw.xyz&dtd=48
Frame ID: C6D710135356762BD9639725EB7F529B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=4070374814&adf=3001769797&pi=t.aa~a.2421250157~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NAVw27x6T9&p=https%3A//aoutoqw.xyz&dtd=88
Frame ID: DEA9CBF45129D70ED35306D0FCA4B732
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=163&adk=2243460501&adf=3434840839&pi=t.aa~a.548476622~rp.4&w=831&lmt=1685499952&nsk=a860b106&rafmt=11&pwprc=4844043208&ad_type=text_image&format=831x163&url=https%3A%2F%2Faoutoqw.xyz%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=1&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i0ahq7lStE&p=https%3A//aoutoqw.xyz&dtd=94
Frame ID: EDD11BB9DE8DA556B0C4210D87E727D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: DA03131AAD6FC1007CF9DF33C7AF506D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1EFB994E1AA02ED288F436562FA19841
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: C3060670109A401F11B1264DCAAF27BC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3802CB5A0D4BDCE877E59B55AE76CE0C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5CFA5EFBBAE467266E8C38733D1DBE0F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 808686A40CA6AD2EAC0054151D0D223B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61B52D73CE0347293A024E94BC2BC3DE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E0B9D9847D33CE75384CD3B03DD05D5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 975E5D7F0E5CCFBFC63AC343B140B5C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 024053646D2F8BE2EEB5D21148136F35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 815ED666325744B592FA938F62FD773B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3304C5672BE36B7D78B471B37816A82E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C990662D2A8C21BEEA5F43779E8160D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blog Of Gaming – Gaming All Day

Page URL History Show full URLs

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/ Page URL
https://www.aoutoqw.xyz/ HTTP 301
https://aoutoqw.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

133
Requests

99 %
HTTPS

75 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

1668 kB
Transfer

4662 kB
Size

14
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/want-to-be-a-pro-player-at-pubg-mobile-you-must-understand-this-technique-this-conqueror.html&t=Want+to+be+a+Pro+Player+at+PUBG+Mobile%3F+You+Must+Understand+This+Technique+This+Conqueror

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Want+to+be+a+Pro+Player+at+PUBG+Mobile%3F+You+Must+Understand+This+Technique+This+Conqueror&url=https://aoutoqw.xyz/want-to-be-a-pro-player-at-pubg-mobile-you-must-understand-this-technique-this-conqueror.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/this-is-a-list-of-buying-prices-for-heroes-in-mobile-legends-from-free-cheap-to-the-most-expensive.html&t=This+is+a+list+of+buying+prices+for+heroes+in+Mobile+Legends+from+free%2C+cheap+to+the+most+expensive

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=This+is+a+list+of+buying+prices+for+heroes+in+Mobile+Legends+from+free%2C+cheap+to+the+most+expensive&url=https://aoutoqw.xyz/this-is-a-list-of-buying-prices-for-heroes-in-mobile-legends-from-free-cheap-to-the-most-expensive.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/where-and-how-to-contact-mobile-legend-customer-service.html&t=Where+and+How+to+Contact+Mobile+Legend+Customer+Service

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Where+and+How+to+Contact+Mobile+Legend+Customer+Service&url=https://aoutoqw.xyz/where-and-how-to-contact-mobile-legend-customer-service.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/20-list-of-mobile-legend-heroes-who-can-strike-long-distance-deadly-damage.html&t=20+List+of+Mobile+Legend+Heroes+Who+Can+Strike+Long+Distance+Deadly+Damage

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=20+List+of+Mobile+Legend+Heroes+Who+Can+Strike+Long+Distance+Deadly+Damage&url=https://aoutoqw.xyz/20-list-of-mobile-legend-heroes-who-can-strike-long-distance-deadly-damage.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/tips-for-mastering-and-becoming-a-pro-player-in-the-pubg-mobile-game-weapon-secrets-on-each-map.html&t=Tips+for+Mastering+and+Becoming+a+Pro+Player+in+the+PUBG+Mobile+Game%2C+Weapon+Secrets+on+Each+Map

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Tips+for+Mastering+and+Becoming+a+Pro+Player+in+the+PUBG+Mobile+Game%2C+Weapon+Secrets+on+Each+Map&url=https://aoutoqw.xyz/tips-for-mastering-and-becoming-a-pro-player-in-the-pubg-mobile-game-weapon-secrets-on-each-map.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/here-are-15-reasons-why-the-mobile-legend-game-has-become-a-very-popular-game-in-the-world.html&t=Here+are+15+reasons+why+the+Mobile+Legend+game+has+become+a+very+popular+game+in+the+world

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Here+are+15+reasons+why+the+Mobile+Legend+game+has+become+a+very+popular+game+in+the+world&url=https://aoutoqw.xyz/here-are-15-reasons-why-the-mobile-legend-game-has-become-a-very-popular-game-in-the-world.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/30-list-of-mobile-legends-heroes-and-tier-lists-to-game-characters.html&t=30+List+of+Mobile+Legends+Heroes+and+Tier+Lists+to+Game+Characters

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=30+List+of+Mobile+Legends+Heroes+and+Tier+Lists+to+Game+Characters&url=https://aoutoqw.xyz/30-list-of-mobile-legends-heroes-and-tier-lists-to-game-characters.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/ini-tips-jago-main-game-state-of-survival-strategi-yang-wajib-anda-tahu.html&t=These+Are+Good+Tips+For+Playing+The+State+of+Survival+game%2C+a+strategy+that+you+must+know

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=These+Are+Good+Tips+For+Playing+The+State+of+Survival+game%2C+a+strategy+that+you+must+know&url=https://aoutoqw.xyz/ini-tips-jago-main-game-state-of-survival-strategi-yang-wajib-anda-tahu.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/this-is-a-list-of-the-20-most-popular-android-games-on-google-play-these-are-the-names-and-types-of-games.html&t=This+is+a+list+of+the+20+most+popular+Android+games+on+Google+Play%2C+these+are+the+names+and+types+of+games

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=This+is+a+list+of+the+20+most+popular+Android+games+on+Google+Play%2C+these+are+the+names+and+types+of+games&url=https://aoutoqw.xyz/this-is-a-list-of-the-20-most-popular-android-games-on-google-play-these-are-the-names-and-types-of-games.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/list-of-free-to-paid-game-download-sites-for-mobile-pcs-to-consoles.html&t=List+of+free+to+paid+game+download+sites+for+mobile+PCs+to+consoles

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=List+of+free+to+paid+game+download+sites+for+mobile+PCs+to+consoles&url=https://aoutoqw.xyz/list-of-free-to-paid-game-download-sites-for-mobile-pcs-to-consoles.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/ Page URL
https://www.aoutoqw.xyz/ HTTP 301
https://aoutoqw.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/

Request Chain 28

https://sovrn.com/ HTTP 301
https://www.sovrn.com/

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

133 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
to.aoutoqw.xyz/
Redirect Chain

http://to.aoutoqw.xyz/
https://to.aoutoqw.xyz/

174 B
379 B

78ms
67ms

Document
text/html

128.199.64.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://to.aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.64.249 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/7.4.33 PleskLin

Resource Hash

5afa6c4c7a1250f1f6598fa68b4cfed77d0875b0c2d66ecfd5bd4dac3a75808e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 151
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 02:25:51 GMT
server: nginx
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 31 May 2023 02:25:51 GMT
Location: https://to.aoutoqw.xyz/
Server: nginx

GET
H2

200

Primary Request / Show response
aoutoqw.xyz/
Redirect Chain

https://www.aoutoqw.xyz/
https://aoutoqw.xyz/

89 KB
17 KB

141ms
105ms

Document
text/html

165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/7.4.27 PleskLin
Resource Hash: 53fc7fd09ae7c2d3a4b82f55627e484aa78015c1b51e3f4f499398eb889187fb

Request headers

Referer: https://to.aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 02:25:51 GMT
link: <https://aoutoqw.xyz/wp-json/>; rel="https://api.w.org/"
server: nginx
x-powered-by: PHP/7.4.27 PleskLin

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 02:25:51 GMT
location: https://aoutoqw.xyz/
server: nginx
x-powered-by: PHP/7.4.27 PleskLin
x-redirect-by: WordPress

GET
H2 200 style.min.css
aoutoqw.xyz/wp-includes/css/dist/block-library/ 95 KB
11 KB 11ms
10ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-17ced"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 classic-themes.min.css
aoutoqw.xyz/wp-includes/css/ 291 B
331 B 27ms
25ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
x-accel-version: 0.01
server: nginx
etag: W/"123-5f81845d1b24f"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 27ms
14ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00f2acadff16c4093222e289271ae495967d00292465555552204c8c8d585d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 02:25:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 02:25:51 GMT

GET
H2 200 style.css
aoutoqw.xyz/wp-content/themes/ad-mania/ 279 KB
44 KB 17ms
16ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685499951&ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6ca2642ac9f2c0e3b43e177c7d26fa2f14370d866ffed9681c2a703a4de728c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 14:22:55 GMT
server: nginx
etag: W/"63a1c53f-45aa5"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
aoutoqw.xyz/wp-includes/js/jquery/ 88 KB
30 KB 23ms
22ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-15ed7"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
aoutoqw.xyz/wp-includes/js/jquery/ 13 KB
5 KB 12ms
11ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:51 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-3470"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 28ms
18ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c934fba7a96ca2441e6cf3f7ff924767f341b8b8927e3ed1bd7f40e827ab7551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47466
x-xss-protection: 0
server: cafe
etag: 545504420276932787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:52 GMT

GET
H2 200 logoautoqw.png
aoutoqw.xyz/wp-content/uploads/2023/03/ 21 KB
21 KB 25ms
20ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/logoautoqw.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 440267acc23dbf11d1f4aafa2b05af63818b829400743bea39fc836b8b7bbf25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Sat, 25 Mar 2023 08:38:38 GMT
server: nginx
etag: "641eb30e-5511"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 21777

GET
H2 200 cara-menjadi-pro-player-pubg-Conqueror-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/04/ 6 KB
6 KB 19ms
15ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/cara-menjadi-pro-player-pubg-Conqueror-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 88494fea1985db1d61143f315a980782abef6bb394222593998285d027d836ae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 13 Apr 2023 05:43:21 GMT
server: nginx
etag: "64379679-1672"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 5746

GET
H2 200 daftar-harga-hero-mobile-legends-200x150.png
aoutoqw.xyz/wp-content/uploads/2023/04/ 53 KB
53 KB 12ms
8ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/daftar-harga-hero-mobile-legends-200x150.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8fc047db1be8c33d8105711394f78c78580fccd69c77d57a276a4fa6f29ec589

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 05:07:32 GMT
server: nginx
etag: "642e5394-d28d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 53901

GET
H2 200 dimana-letak-customer-service-mobile-legend-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/04/ 3 KB
3 KB 32ms
28ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/dimana-letak-customer-service-mobile-legend-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a4549c734916f4ef3a0d6a0bac9423f9dc5a945f1e800d206dcab8ea61c2528b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-ccc"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 3276

GET
H2 200 Hero-mobile-legend-jarak-jauh-200x150.jpeg
aoutoqw.xyz/wp-content/uploads/2023/04/ 10 KB
10 KB 26ms
22ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/Hero-mobile-legend-jarak-jauh-200x150.jpeg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 80045f756b5847eaad803d8e450b12111dc75199b34e0ecc466782914bd8bc9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-26f5"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 9973

GET
H2 200 tips-agar-bisa-jadi-Proplayer-di-Mobile-legends-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/04/ 7 KB
7 KB 26ms
25ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/tips-agar-bisa-jadi-Proplayer-di-Mobile-legends-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a7705dec66f49a523f90ddfdcb46db34f4694f1fd583321e022ec6909d503e61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-1cd4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 7380

GET
H2 200 alasan-mengapa-game-mobile-legend-game-paling-populer-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/04/ 16 KB
16 KB 21ms
10ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/alasan-mengapa-game-mobile-legend-game-paling-populer-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 050519d788fb03adda7a974b3c9aed95057b6f6fd112fd51612101e54920f18e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-3e46"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 15942

GET
H2 200 daftar-karakter-mobile-legends-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 10 KB
10 KB 19ms
8ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/daftar-karakter-mobile-legends-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1263fbb776fcfc5cc95f29706f6ffea118842170264affb1aaa4ec7f19d6f5b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-287d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 10365

GET
H2 200 Game-state-of-survival-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 12 KB
12 KB 14ms
12ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/Game-state-of-survival-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ff4f3571778efcd6f1028d0261211eedfa39e0b513c350f1f80d5d4c28e8b2e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-3107"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 12551

GET
H2 200 game-android-terpopuler-2023-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/03/ 5 KB
5 KB 18ms
16ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/game-android-terpopuler-2023-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3195a4101fcf03bde59de0d68edd297c08153eb6ef7a39f4019d577779e3ecba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:20 GMT
server: nginx
etag: "642e33e4-14f4"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 5364

GET
H2 200 situs-download-game-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 12 KB
13 KB 19ms
17ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/situs-download-game-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5c1b262223e139980ed78ec64d386e924f6033d8871fdba0a93f10e79ee3c244

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 06 Apr 2023 02:52:20 GMT
server: nginx
etag: "642e33e4-31e4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 12772

GET
H2 200 mincustom.js Show response
aoutoqw.xyz/wp-content/themes/ad-mania/js/ 457 KB
37 KB 14ms
14ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/js/mincustom.js
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bced9f7acd03baf8e91d56ef78984eb72db91c1b26e625c0e2e2ee47da8ff144

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 14:26:43 GMT
server: nginx
etag: W/"63a1c623-724d6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 icon.png
aoutoqw.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/ 176 KB
176 KB 19ms
18ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8dcfba4a28225c8746c26ef28776e25c1268ed730f9a187cb95bf198e4ed3a68

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Thu, 09 Mar 2023 03:49:25 GMT
server: nginx
etag: "64095745-2be51"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 179793

GET
H2 200 wp-emoji-release.min.js Show response
aoutoqw.xyz/wp-includes/js/ 18 KB
5 KB 21ms
13ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-4904"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 83ms
15ms Script
text/javascript 2606:4700:10::ac43:d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 34034
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7cfbc4cc99cc49ea-SIN
content-length: 4547

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 44ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 23:17:30 GMT
x-content-type-options: nosniff
age: 11302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 23:17:30 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 53ms
14ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 23:16:32 GMT
x-content-type-options: nosniff
age: 11360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 23:16:32 GMT

GET
H2 200 fa-brands-400.woff2
aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/ 64 KB
64 KB 25ms
24ms Font
font/woff2 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/fa-brands-400.woff2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685499951&ver=6.2.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Referer: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685499951&ver=6.2.2
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Tue, 20 Dec 2022 14:26:47 GMT
server: nginx
etag: "63a1c627-ff24"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 65316

GET
H2 200 fa-solid-900.woff2
aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/ 49 KB
49 KB 32ms
31ms Font
font/woff2 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685499951&ver=6.2.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685499951&ver=6.2.2
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
last-modified: Tue, 20 Dec 2022 14:26:50 GMT
server: nginx
etag: "63a1c62a-c4c4"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 50372

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 20ms
19ms Fetch
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47480
x-xss-protection: 0
server: cafe
etag: 11095817905180010826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:52 GMT

HEAD
H2

200

/
www.sovrn.com/
Redirect Chain

https://sovrn.com/
https://www.sovrn.com/

0
0

879ms
872ms

Fetch
text/html

141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sovrn.com/

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:53 GMT
x-cache-group: normal
content-encoding: br
strict-transport-security: max-age=63072000
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
x-powered-by: WP Engine
x-cache: HIT: 2
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yiMbFgf4%2BQ7MJaezHxR9pojH2phANasO1VhPUNhXzQ2vQg0dbb2mmonWQA%2BKLv4%2FltwYxad7BayJnSY4NKJWYdicgouvsoZouZCgOoOCzbEk4Ngyt1MEgZ8ym7cPdI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=600, must-revalidate
cf-ray: 7cfbc4d2eb0c9fbf-SIN
link: <https://www.sovrn.com/wp-json/>; rel="https://api.w.org/", <https://www.sovrn.com/wp-json/wp/v2/pages/25540>; rel="alternate"; type="application/json", <https://www.sovrn.com/>; rel=shortlink

Redirect headers

date: Wed, 31 May 2023 02:25:53 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A53VIoqBgOODqb9xYt7Z7WVeuuhEcFs35maKEfztnNlm6A0KdVpKxJGg7K4s4qGO4LJiz47sA4q68lBFy5cNgiFQJdOXM02iIus3J47sQDoWQ9tarJD7GoYNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.sovrn.com/
cf-ray: 7cfbc4ccfcdb9fbf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 162

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ 350 KB
118 KB 47ms
34ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec8d308f5ce93300a243c7b4ffe03afa93451f7720f0ba555fbaeef04ff41b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120483
x-xss-protection: 0
server: cafe
etag: 2003879679575153783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/ Frame 0F39 10 KB
5 KB 16ms
5ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 24691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 19:34:21 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 19:34:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 707ms
233ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3492672&@f16&@g1&@h1&@i1&@j1685499952169&@k0&@l1&@mBlog%20Of%20Gaming%20%E2%80%93%20Gaming%20All%20Day&@n0&@ohttps%3A%2F%2Fto.aoutoqw.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-135888543&@b3:1685499952&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Faoutoqw.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 51ef5ea4a8be774259f1b60d2fce6fec0214377e4f156f117f2660c0846979d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 31 May 2023 02:25:52 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
467 B 13ms
6ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aoutoqw.xyz&callback=_gfp_s_&client=ca-pub-8367258519230759

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49824b00be872333e1af6b905f7b779c18669a94971f8a727ce5c02576e550ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 19ms
6ms Script
application/javascript 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 17ms
5ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23FA 515 KB
90 KB 563ms
562ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&adk=1812271804&adf=3025194257&lmt=1685499952&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Faoutoqw.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952134&bpp=7&bdt=168&idt=76&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8402737208904&frm=20&pv=2&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=98

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2defa374df631753464c1b57563b46362f9b58b0c6c708108667a538a82c765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 92386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:52 GMT
expires: Wed, 31 May 2023 02:25:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67E4 103 KB
36 KB 431ms
431ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952141&bpp=2&bdt=175&idt=94&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43oERrNulS&p=https%3A//aoutoqw.xyz&dtd=98

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc11afd0550251d7607a68aa49df8f1202417ba238815891a5769320f689b041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:52 GMT
expires: Wed, 31 May 2023 02:25:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 67E4 8 KB
4 KB 15ms
4ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952141&bpp=2&bdt=175&idt=94&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43oERrNulS&p=https%3A//aoutoqw.xyz&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 09:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 09:31:10 GMT

GET
H2 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 67E4 9 KB
4 KB 16ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 20:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 20:08:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 67E4 14 KB
1 KB 8ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:14:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 02:25:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 67E4 2 KB
973 B 6ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 67E4 22 KB
9 KB 8ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 67E4 3 KB
1 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 67E4 19 KB
8 KB 15ms
3ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67E4 171 KB
53 KB 2462ms
2456ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 67E4 32 KB
13 KB 9ms
7ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 67E4 0
0 58ms
58ms Fetch
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcGmEMLB2ZK39D86Q1Abv4p6YDsvpxNlw5MyMxpERnriItoMDEAEgm_KzHmC_BaABh_qxiynIAQGoAwHIA8sEqgTCAU_QgErAU9NWR7b8wiJMV3mFYkDesAQJ9BcugccrATqVa-3WcagAO2MLJYKK86jNzOavJvfYzYjTOQtkqxqeEnUCqBBkFozN7A7ourU3ByAG1HR83bZ5fmHEfHDvzC3TLncUvNCVkTvnxBLnsczftiej3YMdTwl7nwzfVYPNW-cK3fwDG_0qi0AMZlKpyyK54tu2p0VHr3qwshFmxoxEXGi82OAlKVA5Z9BaRZx0zDDSpdnKQZHeLYOzAQBmbj61ojoswATjr6SosgSSBQQIBBgBkgUECAUYBIAHh7KC6wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDRqwLSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MzY3MjU4NTE5MjMwNzU5GAA&sigh=SdkcaDRNQTQ&uach_m=[UACH]&cid=CAQSGwBygQiDUJxKtMdMAAD4drobq1APpxghA-bc8hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952141&bpp=2&bdt=175&idt=94&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43oERrNulS&p=https%3A//aoutoqw.xyz&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 May 2023 02:25:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 May 2023 02:25:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FDC 143 B
166 B 4ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952141&bpp=2&bdt=175&idt=94&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43oERrNulS&p=https%3A//aoutoqw.xyz&dtd=98
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 67E4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06781608ab5273cdf8d70b29783b9f963e90f45caa64e92d6c970fa1fe81b0f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FDC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:52 GMT
expires: Wed, 31 May 2023 02:25:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ 152 KB
52 KB 17ms
17ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

196246e8793ffe1c85a9cf70004cdd44ed33037e17bb23b6d61505ae9b9dc88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52763
x-xss-protection: 0
server: cafe
etag: 10059767566605223379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:52 GMT

GET
H2 200 ca-pub-8367258519230759 Show response
fundingchoicesmessages.google.com/i/ 133 KB
46 KB 51ms
28ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8367258519230759?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46a9233391833002c8cface4e8c90826cf4fdec453b498556646f803563a3e8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NbiCQcspwb4ZjVqlTSZdDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-NbiCQcspwb4ZjVqlTSZdDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 500 /
e.dtscout.com/e/ 0
0 501ms
478ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Faoutoqw.xyz%2F&j=https%3A%2F%2Fto.aoutoqw.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3492672&@f16&@g1&@h1&@i1&@j1685499952169&@k0&@l1&@mBlog%20Of%20Gaming%20%E2%80%93%20Gaming%20All%20Day&@n0&@ohttps%3A%2F%2Fto.aoutoqw.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-135888543&@b3:1685499952&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Faoutoqw.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBqDnazX4GNVfIpR3vT1EAH5Ca8jndqNPTOeYEUv4bZ0KA2byHB%2BMcTJ094ChDLEMMt6omx4ue%2FQZx2InmyVr1hZbzUYdPJIs1miGN3cxK4qFg4yBMdLd%2BV%2Feb1PWiLq4x9RTnpIiVBeQ3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-s: mtl1
cf-ray: 7cfbc4d1d9b23dfb-SIN

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 10ms
8ms Script
application/javascript 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 7ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B90 436 B
232 B 214ms
214ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3807239147~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bbDTdxf2Cf&p=https%3A//aoutoqw.xyz&dtd=42

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383e5f84d063b2e92441279d49982cb7b6fa04a177f2b19feb879bf16136c7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6D7 436 B
231 B 227ms
226ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1034840246~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NVtHV1lEkP&p=https%3A//aoutoqw.xyz&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80c969ca2ab344bfbd6207b19683a316009b9ac169bb04dedad45ae0bae757ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEA9 436 B
230 B 186ms
186ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=4070374814&adf=3001769797&pi=t.aa~a.2421250157~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685499952&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=NAVw27x6T9&p=https%3A//aoutoqw.xyz&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7e07ea646cd4c7c7f4b4a887a263ed78cafc0caaf1fbd887c426cbb742fc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EDD1 436 B
233 B 217ms
216ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=163&adk=2243460501&adf=3434840839&pi=t.aa~a.548476622~rp.4&w=831&lmt=1685499952&nsk=a860b106&rafmt=11&pwprc=4844043208&ad_type=text_image&format=831x163&url=https%3A%2F%2Faoutoqw.xyz%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685499952894&bpp=1&bdt=928&idt=1&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc89691cd62094b86-22e435628fe1007b%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ&gpic=UID%3D00000c40e6be7b7c%3AT%3D1685499952%3ART%3D1685499952%3AS%3DALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=8402737208904&frm=20&pv=1&ga_vid=814134476.1685499952&ga_sid=1685499952&ga_hid=1587707448&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C44785294%2C44788441%2C44792645%2C44789817&oid=2&psts=ABHeCvhZiKEnFVxK0MVjB8GS09LbG24JFXlZdyATCKethPGtlygxi-tk-ySNEo0eaLnZRApPuPhPeWiIFr7zmmauMYaaSruA&pvsid=820076308497203&tmod=1026180251&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=i0ahq7lStE&p=https%3A//aoutoqw.xyz&dtd=94

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ed7dc42c727f2fc2d0eefdb03f1193f68ad9fba210cde2cfca622ee57af1038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVVBKTcpkAV4t-0t3LXEl7mhP1hq516cmWxDDQfwXZ_mIHYENcJfAq53ArpUVCtxUHtOXm-76CDD1pbeEBh9JM= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 45ms
44ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVBKTcpkAV4t-0t3LXEl7mhP1hq516cmWxDDQfwXZ_mIHYENcJfAq53ArpUVCtxUHtOXm-76CDD1pbeEBh9JM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NDk5OTUyLDk5MjAwMDAwMF0sIkVDRTNDMDQ1LTM4RjEtNDU3Ri05QkMxLTIwN0UwQTFBMzlGMCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa96805d810f32143ecdedd397ac629f0df0bf4858a151c82f4ad6ae5feaefc3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CzWq5Ag-YFBDAmiM4Pv4Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-CzWq5Ag-YFBDAmiM4Pv4Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame DA03 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 8760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame 1EFB 10 KB
4 KB 5ms
5ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 8760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame C306 10 KB
4 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 8760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame 3802 10 KB
4 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 8760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame DA03 4 KB
671 B 7ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 02:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:15:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 02:25:53 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA03 205 B
229 B 7ms
6ms Image
image/png 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:22:22 GMT
x-content-type-options: nosniff
age: 327811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 May 2024 07:22:22 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DA03 604 B
628 B 7ms
6ms Image
image/png 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:10:14 GMT
x-content-type-options: nosniff
age: 54939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 May 2024 11:10:14 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/ Frame DA03 20 KB
8 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 04:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 04:23:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 1EFB 2 KB
892 B 7ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 1EFB 22 KB
9 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CFA 143 B
166 B 9ms
8ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 1EFB 3 KB
1 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 1EFB 19 KB
8 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EFB 171 KB
53 KB 2015ms
2014ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 1EFB 32 KB
13 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame C306 2 KB
892 B 4ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame C306 22 KB
9 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame C306 3 KB
1 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame C306 19 KB
8 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C306 171 KB
53 KB 1993ms
1992ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame C306 32 KB
13 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 3802 8 KB
4 KB 14ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 09:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 09:31:10 GMT

GET
H3 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 3802 9 KB
4 KB 22ms
13ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 20:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 20:08:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3802 14 KB
1 KB 23ms
14ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 02:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 02:24:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 02:25:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 3802 2 KB
892 B 18ms
9ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 3802 22 KB
9 KB 20ms
11ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 3802 3 KB
1 KB 19ms
10ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 3802 19 KB
8 KB 17ms
9ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3802 171 KB
53 KB 1989ms
1980ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 3802 32 KB
13 KB 20ms
12ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8086 14 KB
1 KB 7ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 02:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 00:45:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 02:25:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 8086 2 KB
892 B 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 8086 22 KB
9 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61B5 143 B
166 B 10ms
7ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 8086 3 KB
1 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 8086 19 KB
8 KB 10ms
7ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8086 171 KB
53 KB 1950ms
1945ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 8086 32 KB
13 KB 11ms
8ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CFA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

8ms
7ms

Document
text/html

2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
expires: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11298430646273164980/ Frame 3802 706 B
733 B 5ms
5ms Image
image/png 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11298430646273164980/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873041e459a5fe26b40908b7750f4d035e53b43cda18bc9d6501be26dd67acaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:28:30 GMT
x-content-type-options: nosniff
age: 565043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
x-xss-protection: 0
last-modified: Wed, 24 May 2023 05:06:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 May 2024 13:28:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3802 0
0 54ms
53ms Fetch
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C064BMLB2ZNfeD62WssUPvL61wAXO3Z7tcJ3unYelEbfpor3AARABIJvysx5ggQSgAZ6iqZopyAEBqQKiS9Dlh0WSPqgDAaoExgFP0LYmmRdyEavMaT5UYSgxRBv4ChT_hHU2h_ARvd1sQP0H1YOugIcRP2-814xSPZ4hjR9w7aAtV8nCoP6CTihY1mVc-dQ5UNEMA25ONGBa2oRakLWtIx0dL9_dDjyahW6F-s_I8BlDvkO2eYBsLzxz3xf9VoISPnAbRc8mN6cWcFEU1pUI4zrWWhi96VofpMroEQZTgKg-VLQhd0ULdAYtnzm1IpMogpFPIneBFoKzDW_DZJUma5BfNxBb3EEcYWTdblLeKcbABLOl2Yi4BIAHntr5-QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMDiBQB0BUBgBcBshccChoIABIUcHViLTgzNjcyNTg1MTkyMzA3NTkYAA&sigh=J23C5M_4N9w&uach_m=[UACH]&cid=CAQSGwBygQiDQJEz1eyZJb4sn647hsXF8RAsLHo5AhgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 May 2023 02:25:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E0B 143 B
166 B 4ms
4ms Document
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3802 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8103d17278d2d38ab60437ec9757037579f4ec00bb7e933f7d13cecc3657f1e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
expires: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E0B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
expires: Wed, 31 May 2023 02:25:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 18ms
17ms Image
image/gif 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.6231319141463794

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7KFojg9FMG4u_0cSMJfSPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-7KFojg9FMG4u_0cSMJfSPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 17ms
16ms Image
image/gif 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.439324468331536

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0oM-ZEwZVX3vYLbGommTWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0oM-ZEwZVX3vYLbGommTWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
16ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nHi_LmPsQUqzbexJd9rHjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nHi_LmPsQUqzbexJd9rHjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adlayer.-text-ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxW1-Xpp-XY24yWeaZrg7kLVV2NXegUJCJU33LwUCeJgycBCMXA5c84IkAMJB0Yu71W2G5TBbfnLTnoIk5V_8OpcpH5eYFIMVXF5P6KG1sJJBuMfmCDODGuoz4oIaoqv7YSXTZO7Kk0hHvlbC3jh0cGBrJGQa... 54 B
109 B 25ms
24ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1-Xpp-XY24yWeaZrg7kLVV2NXegUJCJU33LwUCeJgycBCMXA5c84IkAMJB0Yu71W2G5TBbfnLTnoIk5V_8OpcpH5eYFIMVXF5P6KG1sJJBuMfmCDODGuoz4oIaoqv7YSXTZO7Kk0hHvlbC3jh0cGBrJGQa9pnFAVZGTNXq2zqf0QWanoAVuhd4vYT/_/AD-970x90./SWMAdPlayer./onead_/adlayer.-text-ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cd54ec9246c1980805c95bacb2a08eccb6e676a0031061e8652e7b80762f923

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wNcWbll3jJQ_Zh8fnhIQnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wNcWbll3jJQ_Zh8fnhIQnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 82 KB
29 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf721be34aa2ed39022a363f04dfb42c0719360b070aaaefb3de3ac66f41089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 01:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29755
x-xss-protection: 0
server: cafe
etag: 4723517972970122564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 02:49:44 GMT

POST
H3 204 AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 14ms
14ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MrIl5qJ0IS3Piayqv9NyBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MrIl5qJ0IS3Piayqv9NyBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
15ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6GQlxCCK2s70EatZVHmbjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6GQlxCCK2s70EatZVHmbjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 18ms
17ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6qYRxOSHjBAvjcNu_hPRtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-6qYRxOSHjBAvjcNu_hPRtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
17ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkA0OnqhJl60LRMqVW7j6Ny88jyqsMS0XUzEN0XYAJyO2_2rxLYSL5oU6UxseY_HSxzW42t5BAZ5B6iNhQIGNHm0Y4YKKHxfytxCJLnJxiXIISmGoVEBTWz_LEyqM7QbR7HwJ9AQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VUaSXwvxrnPTfa3oNL7ixQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-VUaSXwvxrnPTfa3oNL7ixQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXiB9uaFhUFkDjYfqhd72q5BoLGn0KQPXmHopTuZUzal3r2kzBgCQ3rInnw7GfL8hmzCJWaehM0xaQLCae_v_7zBUe_HpYYjdkgre12At4NkXyTqJ-OBi4CptMvoA-nCFhWqtvcNg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 24ms
24ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXiB9uaFhUFkDjYfqhd72q5BoLGn0KQPXmHopTuZUzal3r2kzBgCQ3rInnw7GfL8hmzCJWaehM0xaQLCae_v_7zBUe_HpYYjdkgre12At4NkXyTqJ-OBi4CptMvoA-nCFhWqtvcNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NDk5OTU0LDgzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dbd3ee49c1cf95e49349b114be92148f82d318382fe3988f64efa8e03bf3f07

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8daqRz_6Lt70M7w6BSlf-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8daqRz_6Lt70M7w6BSlf-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW5EpEED5VLSg69j5J1smBGNPAqmGLW4iOqEhW_3VPSyMks_dZ_d53RD7_bi9KFltoTPk6LaPhD8Of4R9a-MnU= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 20ms
19ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5EpEED5VLSg69j5J1smBGNPAqmGLW4iOqEhW_3VPSyMks_dZ_d53RD7_bi9KFltoTPk6LaPhD8Of4R9a-MnU=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YY1DLrn7wv1bTTsdRYulhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YY1DLrn7wv1bTTsdRYulhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWMH7KO4IQm3QB5dv144FmhX8bSnIYz5Uw4RbeFkVOmToLV75ZpdD0gJOAdJZ2rts4ImuHQDOGvxTdSrCS73dNFs0yN0h6GT0XlMhTY5bvR6FmAB-isY-gIWykLhjJI14b3z0bP-A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 36ms
35ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWMH7KO4IQm3QB5dv144FmhX8bSnIYz5Uw4RbeFkVOmToLV75ZpdD0gJOAdJZ2rts4ImuHQDOGvxTdSrCS73dNFs0yN0h6GT0XlMhTY5bvR6FmAB-isY-gIWykLhjJI14b3z0bP-A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NDk5OTU0LDg2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79ba1cd30053524c3e8ac34b7ac3d00844717b6c73ea82102eed9fcbe4610179

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7YODTxh8C2YUmmvf5mjhaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7YODTxh8C2YUmmvf5mjhaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVOTq3jMgSCSLvsCOjR2Adm9TEzEeK8azXf1VXkyR2hloSt2fX7FpeY5nLGaFoy57YpcgXb3zSRBJ8ieNFpb4x-cs_amSnF2cCntFzptLpbCUOZKglymLbYqj2dZRAnHvOQ23Ykjw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 28ms
28ms Script
application/javascript 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOTq3jMgSCSLvsCOjR2Adm9TEzEeK8azXf1VXkyR2hloSt2fX7FpeY5nLGaFoy57YpcgXb3zSRBJ8ieNFpb4x-cs_amSnF2cCntFzptLpbCUOZKglymLbYqj2dZRAnHvOQ23Ykjw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NDk5OTU0LDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hb3V0b3F3Lnh5ei8iLG51bGwsW1s4LCJmSlgzNVdZRFYySSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMV1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f232f6d009bae65ac757b604e12499eac97e50d73cb1088e487b1f5ccf82efe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ummg3VSbjqhG8mY1QImGbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ummg3VSbjqhG8mY1QImGbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWTg6K0rB0T110KJoG2DGuDnIRkOJsqjsjJ-tnHAVMSsDfAuUcpDLVHnJNForgYoM9RKjBRozzR8UaU4-wE0RzCPiHcSA5BsW6pTLpauTWdemkMIwKlR-oQH6-t5neK2poMhuZ_ZA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 14ms
14ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWTg6K0rB0T110KJoG2DGuDnIRkOJsqjsjJ-tnHAVMSsDfAuUcpDLVHnJNForgYoM9RKjBRozzR8UaU4-wE0RzCPiHcSA5BsW6pTLpauTWdemkMIwKlR-oQH6-t5neK2poMhuZ_ZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T60PNwohSfqGhrciHyhOVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-T60PNwohSfqGhrciHyhOVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW5EpEED5VLSg69j5J1smBGNPAqmGLW4iOqEhW_3VPSyMks_dZ_d53RD7_bi9KFltoTPk6LaPhD8Of4R9a-MnU= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
17ms XHR
text/html 2404:6800:4003:c00::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5EpEED5VLSg69j5J1smBGNPAqmGLW4iOqEhW_3VPSyMks_dZ_d53RD7_bi9KFltoTPk6LaPhD8Of4R9a-MnU=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SlVY1Mj-2B2k7PgqVayedQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 02:25:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-SlVY1Mj-2B2k7PgqVayedQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 67E4 33 KB
33 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 23:16:32 GMT
x-content-type-options: nosniff
age: 11363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 23:16:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 14ms
14ms XHR
application/json 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230525&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3563bc6633f7d8d7dedcc5302a3ef338fd039986a75ca2903c0d760fd0daa38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11280
x-xss-protection: 0

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 975E 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: to.aoutoqw.xyz
URL: https://to.aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 22:08:55 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 0240 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 22:08:55 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 815E 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: to.aoutoqw.xyz
URL: https://to.aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 22:08:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 May 2023 02:25:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3304 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 180470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 00:18:05 GMT
expires: Tue, 28 May 2024 00:18:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6C99 783 B
535 B 8ms
7ms Document
text/html 2404:6800:4003:c04::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::67 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1027243c665007223d596a26aa49238c4b873b62c651b58c6072e435ca557c93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHWvM9SvMwQ7SX2IhcdAjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kHWvM9SvMwQ7SX2IhcdAjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:25:55 GMT
expires: Wed, 31 May 2023 02:25:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C99 0
0 49ms
49ms Image
text/html 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230525&jk=820076308497203&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3304 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 22:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 May 2024 22:08:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3304 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Bm6qqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:25:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230525&jk=820076308497203&bg=!EBOlE0fNAAZu7ficTu07ADkAdvg8Wl4SG9cqAxER3VQTOhGdPFHbv4LLhIlka-O1EtrWsn9SsoEXbWcGL8tlmDATlQt0C9yWl9cCAAAARVIAAAADaAEHCgCTlCGVcCdoFIOngfXLVnhgUw59tNfk7oRVdoCWXptkClZJf3c7RX3fEs2QAxZC2oOHAYxLJB58GmmbbOraqD6YI-_YNP65se0EC5kcT54A2EcZ1c58scR018kaagsCMOKj5sWs6Cb3BCfcNWkIGsMVyzoGCKkwIESgv3AtgEDQKzc1WQBK9hcofmJP1mWjW-fKuPErmQKsQOs1v8eKcGHUjQ-7k2COA-ZqGuOKxfvGhv_AXCrZNuQ9aT7-lnVDpfyS8aL8sh6MfMAGE4KooqN6dSZ4IS_rDYL19WeQ6FEyKLVbXXlbbCl_mfOVRDVEncWtu2ZF271QhSl9nHB_wJAtiS6iiRID5n6S1QsSv7x6bAuUuOD1hvqdBrhjpvNeiPvlFy-W3RDGzTq47wf6D0-lYnXaIL-nZr6XoVKqkqZql0RnlwkDsUv9017RL8kEtKILV-kNBH14rZauZ4fMisXTYj68TeyfyrDCMi-9J5-tB6QOMbNX0udfVWyhtseyP_Us1n4oWJoddfmsXX-AdhKDDfBGYT_Ymq2gA1TV6qb8Z_KtaEehQMK3S2WuJPUXSrJawcarH34AyrGJJMVxpnfm68gPEuquQb-4hFaW4MeLUXy4uDn_AMtwkOXdPdj7JB3HeOMEuRx1x7wTLz6mQ8oEKVxhaI3Lz2evPBgbXCsAuiUrQNfHNMdL14y5LETRiquGd59gxpPncUUQmvfx2Zn8qWrZCQrNUQQ2an7mGt1f_968WnlqF3zbqHApqwnBSq44itcSPzUAbFlyJm3hFWhE1g0PZ5B3T5vA7y6OtBDtUknwJ-A-PEG5aLS7D6Go-1eS4GiKtgTpmMV51e-wf724Kayoxa2r0LzgUGlc5n2SV15SlpPAvpHjx7c5R2pyhnx3JFSef8jZGV5Dg57a8SclT975h27YD5jX_Ldm0h1N_Ttn-GIwZRYMhbxLwNUWNUlZ4lLwMFSsatC4JxB9APq8BPE2CSMHpCVajhSs-tYEcoEmWqRrqyvZrLiQaDm2ibRpH4v9t6CEIrC2jWcV0r_MRrfkP8daS_eoZNG9Xb_RqEqe-BbhiWUAMqbuzSkufruwwQx5_Gtl_Dv2p-Klk68J7Rai
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67E4 42 B
64 B 51ms
50ms Fetch
image/gif 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDXgfph-FFnFRHelflFbz93gwvuon7wYaVxOex4aBsLjyAL0rnDQ2J5MJXEDE1YdA0ttmA-p9MK2vP7MEMyz0yPYJdK_e-_OL2ouppI4xhB26vlIIQOZalCvDWZiAmo-AK5no&sai=AMfl-YSNjcXZXM6pZvdL_OyOEtAzIf9zlQe7CyTbnMaiM9zCA9NbzaF1iKOYGo3jL-P2A5dpKoYlgqBRtZxY&sig=Cg0ArKJSzPAbx3eIeXlLEAE&cid=CAQSGwBygQiDUJxKtMdMAAD4drobq1APpxghA-bc8hgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685499952240&rpt=3054&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 02:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3802 42 B
64 B 51ms
51ms Fetch
image/gif 2404:6800:4003:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT14Ff5GGdndxIlKhndeXup-zrVjrvVj8rQcuqbq4qWtbLUEgdlHF51XPenDzko9TPgnxKtXpMhdY5vNfEiQfCYeQcbpuC-ElnXADbvF6tq9tD64na1tRwXr_TNEmguTV5KZEhOvR68jXAjTO_-2LZPQU60Oa3jDZ6Pk5JzS74m-eL4jSLuvWjxhw9RzOorP7ZZKhtV0rhJPHvDlKEUji2At8BIMeBxhN4xvKtFjpBN9FzLWvUFwiEfmOP_x47r1giLiH2cxpMrtncnZeAoePLI1gqEPZQBkHK74Bdvdv30MTUR1daZtwpfYPCVsOSaETOwaoQBloLW0m7awW42gjl8CTSMoEqfe68Su6XAs2d-SQcSuhLQjbkvkrv6wDvWvFGQRjzoPXXUJ2P9RXfl1BKf5-8A0Ph_htOLyTyG5YNVeIkthwEVAV4OJmrbfwu91mTrIBoy8_MU6E429AC0eAI89uQ0eJvROoH6IV-oQD5IcmClRGOubLsK3-llclNL5Ca-0rwiaQ3Gj_agaXwohsCRTPmtdBBWFcJX2Tm-cMZbC4iSqQVvZrPboSlFCBYAh4fF6B6BmW3lIe7y6wTmLKcqX58Dss-yRvyz6tWmZC5AFELehsT8RxtTygV3xrKSW_wSQe-ezWd3nJlUsdoFxKTO-fkKe_NDZQpcWbOL3KXpiDj5M5Yn36-UcAfOBHYBX8fQB3xw-icibHV774SG7CgQpRFzzLZQp39H55O0FkkJiCQRpbsEd0RXh-YCSf3aAPGrmj29dDT_iOgH8YetB3ZPERpqq_nZ_Op99Pwe8U74YH0OpetX1DrnCHL66wtWgM0wC8zfbSXcjMpHl9KxQUMEN8rw3knvnVXeBQ2b4NxnJpWePBaWPwctS0bivjIp-zp7Ve51d159jiyGq6QR0s5gk-9VAUmSPcQxvH2&sai=AMfl-YQUwi6DE4UTdE10wDzfTNIRrP16aMlI-lHzK7qw1gk1ON1lIvqaPmjalx-qvepbtyeUkSMYtk0LBaTFHk6Qm85j6yUyIlysSw&sig=Cg0ArKJSzAw1x98XkMTyEAE&cid=CAQSGwBygQiDQJEz1eyZJb4sn647hsXF8RAsLHo5AhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685499953079&rpt=2235&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 02:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstCfa3492672 Value: 1685499952169
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstCla3492672 Value: 1685499952169
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstCmu3492672 Value: 1685499952169
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstPn3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstPt3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstCnv3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:15	Name: HstCns3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:15	Name: c_ref_3492672 Value: https%3A%2F%2Fto.aoutoqw.xyz%2F
.aoutoqw.xyz/	1970-01-20 21:33:15	Name: __gads Value: ID=c89691cd62094b86-22e435628fe1007b:T=1685499952:RT=1685499952:S=ALNI_MatrxFWxm7eE4MFUKiRMZeCbfLZSQ
.aoutoqw.xyz/	1970-01-20 21:33:15	Name: __gpi Value: UID=00000c40e6be7b7c:T=1685499952:RT=1685499952:S=ALNI_MYQEBl5394RdjjcAEHxsdoTCdRnKg
.doubleclick.net/	1970-01-20 12:11:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:47:39	Name: IDE Value: AHWqTUma3HrGAwKE5wmNr406XaYAxkW3kGHB14ecEvH09C75Jfskdeg8YNBB0_WoaW4
.doubleclick.net/	1970-01-20 12:11:40	Name: test_cookie Value: CheckForPermission
.aoutoqw.xyz/	1970-01-20 20:57:15	Name: FCNEC Value: %5B%5B%22AKsRol8oVPYd_WwXA2eJyxz0nWy3tPVjapjQwq8ytAH8g-rCwdhET-q3b-0_0OLcsTJ6OZuQ6PrtRw0iNWAXIM1v-ap30VO1DleRzVqkRVqX_OsseLBTNw4UpI1fPp7EPqYQQGWRuleFRtTVBQ-6M8fGtmXj5oIWUQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Faoutoqw.xyz%2F&j=https%3A%2F%2Fto.aoutoqw.xyz%2F Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.sg
aoutoqw.xyz
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
sovrn.com
to.aoutoqw.xyz
tpc.googlesyndication.com
www.aoutoqw.xyz
www.google.com
www.googletagservices.com
www.gstatic.com
www.sovrn.com
128.199.64.249
141.193.213.11
165.22.98.83
2404:6800:4003:c00::5e
2404:6800:4003:c00::5f
2404:6800:4003:c00::8a
2404:6800:4003:c00::9a
2404:6800:4003:c03::9a
2404:6800:4003:c03::9c
2404:6800:4003:c04::5e
2404:6800:4003:c04::67
2404:6800:4003:c04::84
2404:6800:4003:c06::9b
2606:4700:10::ac43:d8c
2606:4700:21::8d65:780b
54.39.156.32
00f2acadff16c4093222e289271ae495967d00292465555552204c8c8d585d42
050519d788fb03adda7a974b3c9aed95057b6f6fd112fd51612101e54920f18e
06781608ab5273cdf8d70b29783b9f963e90f45caa64e92d6c970fa1fe81b0f3
1027243c665007223d596a26aa49238c4b873b62c651b58c6072e435ca557c93
1263fbb776fcfc5cc95f29706f6ffea118842170264affb1aaa4ec7f19d6f5b6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196246e8793ffe1c85a9cf70004cdd44ed33037e17bb23b6d61505ae9b9dc88a
1f232f6d009bae65ac757b604e12499eac97e50d73cb1088e487b1f5ccf82efe
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2cd54ec9246c1980805c95bacb2a08eccb6e676a0031061e8652e7b80762f923
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3195a4101fcf03bde59de0d68edd297c08153eb6ef7a39f4019d577779e3ecba
383e5f84d063b2e92441279d49982cb7b6fa04a177f2b19feb879bf16136c7d3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
440267acc23dbf11d1f4aafa2b05af63818b829400743bea39fc836b8b7bbf25
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
46a9233391833002c8cface4e8c90826cf4fdec453b498556646f803563a3e8a
49824b00be872333e1af6b905f7b779c18669a94971f8a727ce5c02576e550ea
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51ef5ea4a8be774259f1b60d2fce6fec0214377e4f156f117f2660c0846979d7
53fc7fd09ae7c2d3a4b82f55627e484aa78015c1b51e3f4f499398eb889187fb
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5afa6c4c7a1250f1f6598fa68b4cfed77d0875b0c2d66ecfd5bd4dac3a75808e
5c1b262223e139980ed78ec64d386e924f6033d8871fdba0a93f10e79ee3c244
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ed7dc42c727f2fc2d0eefdb03f1193f68ad9fba210cde2cfca622ee57af1038
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6ca2642ac9f2c0e3b43e177c7d26fa2f14370d866ffed9681c2a703a4de728c2
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
79ba1cd30053524c3e8ac34b7ac3d00844717b6c73ea82102eed9fcbe4610179
7dbd3ee49c1cf95e49349b114be92148f82d318382fe3988f64efa8e03bf3f07
80045f756b5847eaad803d8e450b12111dc75199b34e0ecc466782914bd8bc9e
80c969ca2ab344bfbd6207b19683a316009b9ac169bb04dedad45ae0bae757ca
8103d17278d2d38ab60437ec9757037579f4ec00bb7e933f7d13cecc3657f1e3
873041e459a5fe26b40908b7750f4d035e53b43cda18bc9d6501be26dd67acaf
88494fea1985db1d61143f315a980782abef6bb394222593998285d027d836ae
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8dcfba4a28225c8746c26ef28776e25c1268ed730f9a187cb95bf198e4ed3a68
8fc047db1be8c33d8105711394f78c78580fccd69c77d57a276a4fa6f29ec589
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
a2defa374df631753464c1b57563b46362f9b58b0c6c708108667a538a82c765
a4549c734916f4ef3a0d6a0bac9423f9dc5a945f1e800d206dcab8ea61c2528b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7705dec66f49a523f90ddfdcb46db34f4694f1fd583321e022ec6909d503e61
aa96805d810f32143ecdedd397ac629f0df0bf4858a151c82f4ad6ae5feaefc3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
adf721be34aa2ed39022a363f04dfb42c0719360b070aaaefb3de3ac66f41089
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
bced9f7acd03baf8e91d56ef78984eb72db91c1b26e625c0e2e2ee47da8ff144
c934fba7a96ca2441e6cf3f7ff924767f341b8b8927e3ed1bd7f40e827ab7551
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
dc11afd0550251d7607a68aa49df8f1202417ba238815891a5769320f689b041
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3563bc6633f7d8d7dedcc5302a3ef338fd039986a75ca2903c0d760fd0daa38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec8d308f5ce93300a243c7b4ffe03afa93451f7720f0ba555fbaeef04ff41b94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb7e07ea646cd4c7c7f4b4a887a263ed78cafc0caaf1fbd887c426cbb742fc0a
ff4f3571778efcd6f1028d0261211eedfa39e0b513c350f1f80d5d4c28e8b2e9

aoutoqw.xyz Open in urlscan Pro 165.22.98.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

99 %HTTPS

75 %IPv6

12 Domains

20 Subdomains

17 IPs

3 Countries

1668 kBTransfer

4662 kBSize

14 Cookies

20 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aoutoqw.xyz Open in urlscan Pro
165.22.98.83 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

99 %
HTTPS

75 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

1668 kB
Transfer

4662 kB
Size

14
Cookies

133 HTTP transactions
2 data transactions