urlscan.io logo urlscan.io
SecurityTrails logo

www.3domains.net
107.154.168.215 

Go To Rescan Add Verdict Report
Submitted URL: http://nets.hk/
Effective URL: http://www.3domains.net/hk/index.php
Submission: On September 20 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 53 HTTP transactions. The main IP is 107.154.168.215, located in United States and belongs to INCAPSULA, US. The main domain is www.3domains.net.
This is the only time www.3domains.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    107.154.168.215 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.168.215.ip.incapdns.net
nets.hk
www.3domains.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    172.67.199.120 (United States)

ASN13335 (CLOUDFLARENET, US)
cubichost.net
3    2404:6800:4003:c11::8b (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2404:6800:4003:c05::9d (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2404:6800:4003:c0f::9d (Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4003:c00::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4003:c1c::9b (Singapore)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
www.googleadservices.com
2    74.125.200.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f148.1e100.net
ad.doubleclick.net
1    2404:6800:4003:c01::63 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
271 KB
16 3domains.net
www.3domains.net
251 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
ad.doubleclick.net — Cisco Umbrella Rank: 180
47 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
www.googleadservices.com — Cisco Umbrella Rank: 178
600 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
82 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
37 KB
2 cubichost.net
cubichost.net
18 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
57 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
81 KB
1 nets.hk
nets.hk
108 B
53 13
Domain Requested by
16 www.3domains.net 1 redirects www.3domains.net
cdn.jsdelivr.net
9 pagead2.googlesyndication.com cubichost.net
pagead2.googlesyndication.com
www.3domains.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 www.google-analytics.com www.3domains.net
www.google-analytics.com
www.googletagmanager.com
3 cdn.jsdelivr.net 1 redirects www.3domains.net
2 ad.doubleclick.net 1 redirects www.3domains.net
2 www.googleadservices.com www.3domains.net
2 cubichost.net www.3domains.net
1 www.google.com tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 nets.hk 1 redirects
53 18
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://www.3domains.net/hk/index.php
Frame ID: 188D57C1791BA36B45BBBFF2AED873BF
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: A26787E7C0A91159033097E9CADEBCD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&adk=769381493&adf=1569964852&lmt=1695150520&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695179320632&bpp=3&bdt=1415&idt=85&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1771518330729&frm=20&pv=2&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=105
Frame ID: A9457603AAAE2536D87971F24C8C3D3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Frame ID: 6F37678DB7F5DA10EFDB85B364715D82
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: 6E11FADB6384CAB85104193A600CE719
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 192A2C7C53E2F608E116DA83B26E1DBF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5798BFE7AA316C7514F1A5D0634F138
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nets.hk/ HTTP 301
    http://www.3domains.net/ HTTP 302
    http://www.3domains.net/hk/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <[^>]*data-headjs-load
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

53
Requests

58 %
HTTPS

76 %
IPv6

13
Domains

18
Subdomains

17
IPs

2
Countries

866 kB
Transfer

2100 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nets.hk/ HTTP 301
    http://www.3domains.net/ HTTP 302
    http://www.3domains.net/hk/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js HTTP 301
  • https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 39
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4VPHOGIKZfvfLoKmoQOsn66IDr_m--dy49vg0dERucHVvbAwEAEgyMnbIWC_BaAB3LOA_gPIAQmoAwHIA8sEqgTYAU_Q6G1Rxe-VWBXkzp8d9J9VBX25Rz4E7WOkbOMEvycVp_-472wggrfV47G7xynuPntiBbBn_SCUaik8cTt5-DKGFeZHybTbxzd7U3YRqzBjIIN8DjVGSWq_ZO1FICcjH7lWMAmO03unaxkeIUWNQ-3Dap9qX4VAUjOmtsVjzciJ9k6i5F6i00lWVV3rONmFBcdB9aBh4hyTIK3Sum4RKfVVvekpy69sgCTxREHXFRZoPsPecCLxMAxrH7rVddyekSp19cLxCGnAdH-5dfJakIXVToYrqdhWkMAEjoiz4_oDiAWP4eXmQJIFBAgEGAGSBQQIBRgEoAYugAfdha2xAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENWkEtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk9aHR0cHM6Ly90dy5nb2RhZGR5LmNvbS93ZWItc2VjdXJpdHkvc3NsLWNlcnRpZmljYXRlP2lzYz1yb3d6aIAKAcgLAaIMDCoKCgjktLEC7rWxAtoMEQoLEODG5qjv5c6imQESAgED2BMN0BUBgBcBshccChoIABIUcHViLTIzNjU4NzQzMzI4ODY1MjIYAA&sigh=-vtkV4fEm44&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWF8P6lVMsx6FQTA4DNCaUQFXTdy5i_VZkgdk-ct85LbJydldizp6jsCkxQX1hbSHgqkgRK1K7dTFwBFtwCU9Etl1o7uJD97MYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15394a7a353e3c000000000000000000%22,%222%22:%220x88e07991da5d7cd70000000000000000%22,%223%22:%220xc46c5918aee02cf20000000000000000%22,%224%22:%220x5ebd5ddf1bc4fa540000000000000000%22,%225%22:%220x1e9478a9171979a40000000000000000%22},%22debug_key%22:%225508000231640386475%22,%22debug_reporting%22:true,%22destination%22:%22https://godaddy.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%221069554140%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225316042047964816897%22}&andc=true
Request Chain 40
  • https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_pre=CLfzo4qbuIEDFRagZgIdoysIKg;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&cbvp=2
Request Chain 43
  • http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js) HTTP 307
  • https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.3domains.net/hk/
Redirect Chain
  • http://nets.hk/
  • http://www.3domains.net/
  • http://www.3domains.net/hk/index.php
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
Apache/2 /
Resource Hash
f513cb0a790e63175d2c6489acd14ed60ff3ef2a15b69e9c5edda7cd8e124f1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 03:08:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache/2
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
X-CDN
Imperva
X-Iinfo
14-24608506-24608509 SNNN RT(1695179317515 639) q(0 0 0 -1) r(2 2) U2

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Sep 2023 03:08:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=2, max=100
Location
./hk/index.php
Pragma
no-cache
Server
Apache/2
Vary
User-Agent
X-CDN
Imperva
X-Iinfo
14-24608506-24608509 NNNN CT(182 -1 0) RT(1695179317515 0) q(0 0 2 2) r(3 3) U2
style.min.css
www.3domains.net/hk/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/hk/style.min.css
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
91bb8413814acbeb8b889a2e4deb2867108d3318435c48224baed1e2dc246599

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Feb 2022 05:34:10 GMT
X-CDN
Imperva
Etag
"d27e-5d73eb77f1729-gzip"
Content-Type
text/css
X-Iinfo
14-24608506-24608659 2CNN RT(1695179317515 1116) q(0 0 0 -1) r(0 0) U18
Content-Length
12294
head.min.js
cdn.jsdelivr.net/headjs/1.0.3/
Redirect Chain
  • http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
  • https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 03:08:40 GMT
age
962864
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4050
x-served-by
cache-fra-etou8220079-FRA, cache-maa10238-MAA
etag
W/"25cd-lcneMERBF627syGAcP2gCvGHp2o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Date
Wed, 20 Sep 2023 03:08:39 GMT
Server
Varnish
X-Cache
HIT
Location
https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Connection
close
Accept-Ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
0
Retry-After
0
X-Served-By
cache-maa10234-MAA
logo.png
www.3domains.net/hk/static/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/logo.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
7daa3655fc0061350fc8ec06f771276062acc7a7db1ba9b5a4ca1e805a76ffd6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
14-24608506-24572476 2VNN RT(1695179317515 1488) q(0 0 0 -1) r(3 3) U18
Date
Wed, 20 Sep 2023 03:08:39 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"37a3-5d73eb54528d1"
Content-Length
14243
Content-Type
image/png
feature_records.png
www.3domains.net/hk/static/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/feature_records.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
e19df5be8b1fb415566b5b242e6568a1c7201c6b75273bb9282547272e71aa30

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
14-24608506-24608659 2CNN RT(1695179317515 2108) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:39 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"107d-5d73eb540c7b9"
Content-Length
4221
Content-Type
image/png
feature_easy.png
www.3domains.net/hk/static/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/feature_easy.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
ebdbc54be08c11412e7dbe1bc9adfdfb514c8b873a072d0246a31b36a22d81c4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
14-24608506-24572476 2CNN RT(1695179317515 2370) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:40 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"f67-5d73eb5434c41"
Content-Length
3943
Content-Type
image/png
feature_safe.png
www.3domains.net/hk/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/feature_safe.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
bd63b6776198e62b47d9446bb600d28860cbe4831926de8a1a7ec991ec89e4f6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
14-24608525-24608907 2CNN RT(1695179317729 2215) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:40 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"59a-5d73eb5421b91"
Content-Length
1434
Content-Type
image/png
feature_international.png
www.3domains.net/hk/static/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/feature_international.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
171448c8903863c7d352d90cca7856aa3647aa504e989503e8c2796a52a21eb8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
14-24608525-24608947 2CNN RT(1695179317729 2477) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:40 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"2182-5d73eb541b601"
Content-Length
8578
Content-Type
image/png
feature_support.png
www.3domains.net/hk/static/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/feature_support.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
a35cb4f0ddc0fda688fd80fbd1f3228d0da885f5b52b9042d40fa093e4b1efa5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
13-15447189-15430832 2CNN RT(1695179320208 1) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:40 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:32 GMT
X-CDN
Imperva
Etag
"ca3-5d73eb53e75f9"
Content-Length
3235
Content-Type
image/png
ads.js
cubichost.net/ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cubichost.net/ads/ads.js
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
172.67.199.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58df06faf2976cb6d4ebdc7748e6588af9ca1b83572c6a00d37831b3a7445c83

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:39 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 05 Feb 2022 08:47:43 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"688-5d7416bbaaf21-gzip"
Vary
Accept-Encoding,User-Agent
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOXD%2Bbpv1OEMaigNYPBm7QT8HKPzmSiUgu2yyBpcn%2BdN8gKKdAu4El283s7Otj1vlhQt9qY1LsBF67P5ANSMaqY6pLkFwpVMegnA7Fy%2F0YPxgrxCZLJeCOW4bm15UV2t"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8096dd7aebfc18e8-SIN
Content-Length
808
logoV4.png
cubichost.net/images/logo/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cubichost.net/images/logo/logoV4.png
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
172.67.199.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cb7a06661ff87ea7f6ec436880db3482a7609ee9dc2757204adb4b44f54fe5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:40 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 18 May 2015 20:05:42 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"4025-51660b7ed3180"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyAhZes0DVcXABSGcVgU%2F8AZB1EdTj8qgC1xVQRkTx7VH%2BrZtwlgBDimk9YmpUou6XOZDXgUoJPNmdJOlsiMLf6l8qGkYBuCOi0iRqu%2BQ%2FMmC4bG8HSb%2FnQqjh0DQ6mH"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8096dd81886a18e8-SIN
Content-Length
16421
_Incapsula_Resource
www.3domains.net/ 		139 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=773248325
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
aaa56f8f53abf4f03270eeb2c67b5cb9396c72c7beca5f471274fc31d9cceed6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
X-Robots-Tag
noindex
Content-Length
19967
Content-Type
application/javascript
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H2
Server
2404:6800:4003:c11::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 02:26:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 04:26:43 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2365874332886522
Requested by
Host: cubichost.net
URL: http://cubichost.net/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b020ac7b26f9a933c516f2fe03015b8a13da0857a42239b0592a6065be326d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.3domains.net/
Origin
http://www.3domains.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50638
x-xss-protection
0
server
cafe
etag
4927584283055619775
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 03:08:40 GMT
dutch.jpg
www.3domains.net/hk/static/images/header/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/hk/static/images/header/dutch.jpg
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/style.min.css
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
a8aacc22a22d1c2bad997d77fcb04636704040bd101e5c9f5ea8401c6748608e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

X-Iinfo
13-15447191-15397697 2CNN RT(1695179320220 0) q(0 0 0 -1) r(0 0) U18
Date
Wed, 20 Sep 2023 03:08:40 GMT
Last-Modified
Sat, 05 Feb 2022 05:33:36 GMT
X-CDN
Imperva
Etag
"15b7c-5d73eb57f9da9"
Content-Length
88956
Content-Type
image/jpeg
fontawesome-webfont.woff
www.3domains.net/hk/static/fontawesome/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/hk/static/fontawesome/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/style.min.css
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
Apache/2 /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
http://www.3domains.net/hk/style.min.css
Origin
http://www.3domains.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:27 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Feb 2022 05:33:31 GMT
Server
Apache/2
X-CDN
Imperva
ETag
"ffac-5d73eb53146f9-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/x-font-woff
X-Iinfo
14-24608506-24572476 2NNN RT(1695179317515 2630) q(0 0 0 -1) r(2 2) U18
x-incap-sess-cookie-hdr
4V1QUoMpOisCbLsHGi//AzhiCmUAAAAAOdosIt4v5gRmJBNim+PcFQ==
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
65453
main.min.js
www.3domains.net/hk/static/script/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/hk/static/script/main.min.js
Requested by
Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
Apache/2 /
Resource Hash
c6842b2870483f9f69a773a27a35a9b096f45069748c8970f6d8b2b2d0b96b52

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:28 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Feb 2022 05:33:33 GMT
Server
Apache/2
X-CDN
Imperva
ETag
"891e-5d73eb5534de9-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
X-Iinfo
12-9274019-9263258 2NNN RT(1695179320221 0) q(0 0 0 -1) r(3 3) U18
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
6839
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2365874332886522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51ab28aedf31629c81fbaa1e4cad919d45ae84d1bcb8e13b07261b8f7170e73d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131532
x-xss-protection
0
server
cafe
etag
11315411348529561147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Sep 2023 03:08:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame A267 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2365874332886522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.3domains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
50893
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Sep 2023 13:00:27 GMT
etag
8554266389219770021
expires
Tue, 03 Oct 2023 13:00:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=497903545&t=pageview&_s=1&dl=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&ul=en-us&de=UTF-8&dt=3Domains%20%E5%85%8D%E8%B2%BB%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8B%99%20%7C%20%E5%85%8D%E8%B2%BB%E3%80%81%E5%8F%AF%E9%9D%A0%E3%80%81%E5%B1%AC%E6%96%BC%E5%A4%A7%E5%AE%B6%E7%9A%84%E5%9F%9F%E5%90%8D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAAAACAAI~&jid=1003707615&gjid=1466443374&cid=731499440.1695179321&tid=UA-48167488-1&_gid=1790477785.1695179321&_slc=1&z=1465474357
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
074450bfb32c912d76be071bfdebd1443a871fa521883d945158b8ab48a54fab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.3domains.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.3domains.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48167488-1&cid=731499440.1695179321&jid=1003707615&gjid=1466443374&_gid=1790477785.1695179321&_u=YGBAgUABAAAAAGAAI~&z=511368933
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.3domains.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Sep 2023 03:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.3domains.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZEQ63XY3Q4&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1617b3c47abd4895569e91f990d907b22d85bfad27a961da29397a4d3e42a111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 03:08:40 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.3domains.net&callback=_gfp_s_&client=ca-pub-2365874332886522
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e728c8d97188f4b0fe9aa6fed44c9d5c7da62ed890d2ebf3bf22cc34169b0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A945 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&adk=769381493&adf=1569964852&lmt=1695150520&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695179320632&bpp=3&bdt=1415&idt=85&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1771518330729&frm=20&pv=2&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.3domains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 03:08:40 GMT
expires
Wed, 20 Sep 2023 03:08:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=nav-bar-wrap&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6F37 		123 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2956e2a6837430b0def47bf8fbba536d332debbcab6450fac26e2df31095909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.3domains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 03:08:41 GMT
expires
Wed, 20 Sep 2023 03:08:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZEQ63XY3Q4&gtm=45je39i0&_p=497903545&ul=en-us&sr=1600x1200&cid=731499440.1695179321&_eu=ABAI&_s=1&dl=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&dt=3Domains%20%E5%85%8D%E8%B2%BB%E5%9F%9F%E5%90%8D%E6%9C%8D%E5%8B%99%20%7C%20%E5%85%8D%E8%B2%BB%E3%80%81%E5%8F%AF%E9%9D%A0%E3%80%81%E5%B1%AC%E6%96%BC%E5%A4%A7%E5%AE%B6%E7%9A%84%E5%9F%9F%E5%90%8D&sid=1695179320&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZEQ63XY3Q4&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.3domains.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 6F37 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 03:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 02:31:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 03:08:41 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 6F37 		2 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 00:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
7914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 00:56:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 6F37 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 00:54:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 00:54:50 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 6F37 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 00:54:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 00:54:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 6F37 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 00:54:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
8031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 00:54:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F37 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 03:08:41 GMT
c233ef7b00e27d1a3d2fdfcca9f8c94a.js
www.gstatic.com/mysidia/ Frame 6F37 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15198
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 20:35:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 20:48:44 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13914851482312861859/ Frame 6F37 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13914851482312861859/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
097501cebc7e185ac45a21420255bc8723f7d4bc0006e3c15da2ee610edb19c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 06:03:36 GMT
x-content-type-options
nosniff
age
75905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20516
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 22:27:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Sep 2024 06:03:36 GMT
truncated
/ Frame 6F37 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6F37 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6F37 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe22c7a98614525bd3fe665d9e103b2d7a2cf3455ed8dec951c053988b0af065

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
_Incapsula_Resource
www.3domains.net/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.3domains.net/_Incapsula_Resource?SWKMTFSR=1&e=0.23471371556611031
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6F37 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:42:55 GMT
x-content-type-options
nosniff
age
109546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2024 20:42:55 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6F37
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4VPHOGIKZfvfLoKmoQOsn66IDr_m--dy49vg0dERucHVvbAwEAEgyMnbIWC_BaAB3LOA_gPIAQmoAwHIA8sEqgTYAU_Q6G1Rxe-VWBXkzp8d9J9VBX25Rz4E7WOkbOMEvycVp_-472wggrf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15394a7a353e3c000000000000000000%22,%222%22:%220x88e07991da5d7cd70000000000000000%22,%223%22:%220xc46c59...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15394a7a353e3c000000000000000000%22,%222%22:%220x88e07991da5d7cd70000000000000000%22,%223%22:%220xc46c5918aee02cf20000000000000000%22,%224%22:%220x5ebd5ddf1bc4fa540000000000000000%22,%225%22:%220x1e9478a9171979a40000000000000000%22},%22debug_key%22:%225508000231640386475%22,%22debug_reporting%22:true,%22destination%22:%22https://godaddy.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%221069554140%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225316042047964816897%22}&andc=true
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:41 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x15394a7a353e3c000000000000000000","2":"0x88e07991da5d7cd70000000000000000","3":"0xc46c5918aee02cf20000000000000000","4":"0x5ebd5ddf1bc4fa540000000000000000","5":"0x1e9478a9171979a40000000000000000"},"debug_key":"5508000231640386475","debug_reporting":true,"destination":"https://godaddy.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["1069554140"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"5316042047964816897"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 20 Sep 2023 03:08:41 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 20 Sep 2023 03:08:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x15394a7a353e3c000000000000000000","2":"0x88e07991da5d7cd70000000000000000","3":"0xc46c5918aee02cf20000000000000000","4":"0x5ebd5ddf1bc4fa540000000000000000","5":"0x1e9478a9171979a40000000000000000"},"debug_key":"5508000231640386475","debug_reporting":true,"destination":"https://godaddy.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["1069554140"],"4":["09-20"],"6":["true"]},"priority":"500","source_event_id":"5316042047964816897"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B27969729.337928234;dc_pre=CLfzo4qbuIEDFRagZgIdoysIKg;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/ Frame 6F37
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_pre=CLfzo4qbuIEDFRagZgIdoysIKg;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=...
42 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_pre=CLfzo4qbuIEDFRagZgIdoysIKg;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&cbvp=2
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H2
Server
74.125.200.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N797029.3392460GDNPROGRAMMATIC/B27969729.337928234;dc_pre=CLfzo4qbuIEDFRagZgIdoysIKg;dc_trk_aid=530038500;dc_trk_cid=97123117;ord=2886997581;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
pagead2.googlesyndication.com/bg/ Frame 6E11 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1695150520&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2Fhk%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1695179320635&bpp=2&bdt=1418&idt=106&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1771518330729&frm=20&pv=1&ga_vid=731499440.1695179321&ga_sid=1695179321&ga_hid=497903545&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076839%2C31077701%2C42531706&oid=2&pvsid=1241474907259239&tmod=217135367&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=QndFCQgaNh&p=http%3A//www.3domains.net&dtd=113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 06:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
75421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14647
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 06:11:40 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x15394a7a353e3c000000000000000000%22,%222%22:%220x88e07991da5d7cd70000000000000000%22,%223%22:%220xc46c5918aee02cf20000000000000000%22,%224%22:%220x5ebd5ddf1bc4fa540000000000000000%22,%225%22:%220x1e9478a9171979a40000000000000000%22},%22debug_key%22:%225508000231640386475%22,%22debug_reporting%22:true,%22destination%22:%22https://godaddy.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%221069554140%22],%224%22:[%2209-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225316042047964816897%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 03:08:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magni...
cdn.jsdelivr.net/g/
Redirect Chain
  • http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnifi...
  • https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnif...
215 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)
Requested by
Host: www.3domains.net
URL: http://www.3domains.net/hk/index.php
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3b189a485b71fe96fb4f6a22e9c90ee700ed413f97e96fd742d3597d45d5d91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 03:08:41 GMT
age
606529
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
79290
x-served-by
cache-fra-etou8220035-FRA, cache-maa10238-MAA
etag
W/"35aa1-5IK8OdGOK8s1QceN9c1Y/zg++oA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
countries.min.js
www.3domains.net/static/script/ 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/static/script/countries.min.js
Requested by
Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
/
Resource Hash
67d7517c05f43a3d158bcf2cc334d3b6bb0ce1f533c1097e7693fbc75db64669

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/hk/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Feb 2022 05:33:34 GMT
X-CDN
Imperva
Etag
"10fe2-5d73eb55af6d9-gzip"
Content-Type
application/javascript
X-Iinfo
12-9274019-9175880 2CNN RT(1695179320221 641) q(0 0 0 -1) r(0 0)
Content-Length
17392
zh-hk.json
www.3domains.net/static/i18n/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.3domains.net/static/i18n/zh-hk.json
Requested by
Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)
Protocol
HTTP/1.1
Server
107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.168.215.ip.incapdns.net
Software
Apache/2 /
Resource Hash
adfb49bd66b1451170ae8e9d01f4b7acd342ac4a901b86a6d2456ea1feffacc0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://www.3domains.net/hk/index.php
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 03:08:29 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Feb 2022 05:33:34 GMT
Server
Apache/2
X-CDN
Imperva
ETag
"108f-5d73eb55deca9-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/json
X-Iinfo
12-9274019-9274104 NNNN CT(180 -1 0) RT(1695179320221 1238) q(0 0 2 -1) r(4 4) U18
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
1835
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf60e400ceca7d78458655a76e1acd476f53fe7cffcbba44ae0ab36b95edf8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12047
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Sep 2023 03:08:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 192A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.3domains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
411725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 08:46:37 GMT
expires
Sat, 14 Sep 2024 08:46:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E579 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f57192454598ca4eff2d18cff6910c51a565610f5c739419ce3615d00e447f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aW11auVRrJnC2e5xzOU3Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.3domains.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-aW11auVRrJnC2e5xzOU3Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 03:08:42 GMT
expires
Wed, 20 Sep 2023 03:08:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 192A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 08:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
67165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 08:29:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E579 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=1241474907259239&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 192A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GUG5ZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 03:08:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F37 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5ECOgqhux4nSaILa1QnKHQnT4iwSIK0bTVTAOHq6qDvyjrcsopNFbzZjkJSlQYjpxhYBf6baFjK7UT1ljvIHRTdxCXWpXK7ZW12dWuA5oNL56gSzJIlLjtZiphtCmsY7wI4sVVW188gkwzvzSLIaaFcrIZIRJuC3OYTSd&sai=AMfl-YQIlM9bsyK2xMNRYGcyGLbCZqaDfYtj9wAGYQs6f3ofN4lM6PdCmh_USCtd6wyeemf36Jb1QKivR2qbQj4Yp-Por5Xbb4f7VaCqHns_P-pBgCHYGAuKQHI6AP0LLBwFVt62KzqL66_e-gO2AQ&sig=Cg0ArKJSzI8iekt8_cP3EAE&cid=CAQSTABpAlJWF8P6lVMsx6FQTA4DNCaUQFXTdy5i_VZkgdk-ct85LbJydldizp6jsCkxQX1hbSHgqkgRK1K7dTFwBFtwCU9Etl1o7uJD97MYAQ&id=lidar2&mcvt=1000&p=0,0,280,970&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=0.39&if=1&vu=1&app=0&itpl=22&adk=3885092059&rs=2&la=1&cr=0&vs=4&r=v&rst=1695179320749&rpt=666&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 03:08:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=1241474907259239&bg=!xcalxonNAAbP3fMH7907ADQBe5WfOLv4fyYIOlfWFlDvXhQ2D6O2EtWeMBD7JSE-V1gcpc9Ea1TPghxeHklfX2_Dos0mAgAAAFdSAAAACmgBBwoAWpDXZcf-1MGSJfRMgZNDZepnsRL4fAmL7Es6-Xm-3HPkZd1hx_Ar-i-kHbROEOSYe0j7-8a4rSmCcr8mUDRLwjfN9iNmnhVnE2i5F1Caeuxh2sX4TQ327PpJ0pkCs47Vj546PYmMJbY4dA_OjLxGi82Uu5iARDOPwbmLg9511XS0sIq09rVpKIBmGxQhcF6UPcQvQCsfFbY4Y_Xc2gXMU9aUEEq6g49arMsQmyNYMeMpJ3PWMn11pytt71GhL6sh30fCxPAQVbnJJIPLBh2c7yrdXftwKkJDgMGZ4waI9uFLghyktaaSEA9V1TMvnK9w4LIXQa_ZxWl-B6jssn_od3_zqOLyYEnqKKhYhopfPXopwgZvBkqT9p5iGucXfESVmGsdXKar6cojUmA9RZ2wMkQZeCj1gus0upzWMUOa4eGq9JZT3f9kcNBCPDwBc1Zp5EFnPduGmWnHFooN1a6VVRHN3fDvDK8JSLY6882pg9Lt3mensG3kklsPtsRnZawoubIl3WzN-VljfUATfCOXsRmNnJ2X56n0S3k5CpqNBv-uWaVMVgM1bAUE3oR_loCKAYEb4YdLyBHOhTLWiO7m7arVMzf30NafiHcEZODkrpD_hxteMou5bG830UWHOoOIaccPIUGPpA-wJ44o_OfB-qONRmEIXQuEAZpztkjNXWHZ8sj0XgQ1cVvYmFrxZsm_weiZEIXC5lFtaQaCLr30Sfpzx3RkxQ7TJ2vdwbL8AzJOn08yOPtwUePq7IV4l2aplGNQKA_AYJNC0lzSF_yx6eThs_yxHPEFjmgDX7CjXvBFYqm1qF07kL9lN0H8NtBcBy6V6YrVAuutusM--s7iOJ7Gu6LAKLFy1td1AmAjYoz2FTKvcr8UDncdyEO1a865S-OUdWVTZYPOztxlyBCn1wqRTKR0TPDuc0iSRhkU9mDtzEl6iHqHpqB39C5h7HERZf_BoauCsbVucxHl9SxqGZXUDTsXpugHU43hBR22JO4jgkjisI8hrsb1aNvmFXMky8H5vzre8XA5nFm_Z3mcfCU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.3domains.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| head string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| googletag number| hexcase function| hex_md5 function| hex_hmac_md5 function| md5_vm_test function| rstr_md5 function| rstr_hmac_md5 function| rstr2hex function| str2rstr_utf8 function| rstr2binl function| binl2rstr function| binl_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol function| $ function| jQuery object| i18n function| jQueryCollapse function| jQueryCollapseSection object| iso object| GoogleGcLKhOms object| jQuery112400030332694861774367

14 Cookies

Domain/Path Name / Value
www.3domains.net/hk Name: cookie
Value: 1
www.3domains.net/ Name: PHPSESSID
Value: msbf3b481n68a2865gl1ub6st5
.3domains.net/ Name: visid_incap_128425
Value: 1/RgF5pJTfiiOsc2jrDXbzViCmUAAAAAQUIPAAAAAAA+/S3RpCWqcxVcITyAAORC
.3domains.net/ Name: incap_ses_288_128425
Value: 87wIZMxza0cCbLsHGi//AzViCmUAAAAAFZPRGnRdsM3HBXNxIE0qow==
www.3domains.net/ Name: language
Value: zh-hk
.3domains.net/ Name: _ga
Value: GA1.2.731499440.1695179321
.3domains.net/ Name: _gid
Value: GA1.2.1790477785.1695179321
.3domains.net/ Name: _gat
Value: 1
.3domains.net/ Name: _ga_ZEQ63XY3Q4
Value: GS1.2.1695179320.1.0.1695179320.0.0.0
.3domains.net/ Name: __gads
Value: ID=de638f9e539633c0:T=1695179320:RT=1695179320:S=ALNI_Ma17FpKrbqawqHKnHdtoKn61VKrWw
.3domains.net/ Name: __gpi
Value: UID=00000c4d68c32d09:T=1695179320:RT=1695179320:S=ALNI_MaGss3bSwCTqnRepnBngI3E-YOWpg
.doubleclick.net/ Name: IDE
Value: AHWqTUkSup3nVNLfYN_pOpOCcQxIRLpCi6jAfhkVNNXGV-wi4HbdYhz1nkzgI3jIbK8
.doubleclick.net/ Name: APC
Value: AfxxVi7txps0b1zWVTLL7OG1t3YNRw4dgpuCace8NzIN8nVZ6qRMLw
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.jsdelivr.net
cubichost.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
nets.hk
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.3domains.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
107.154.168.215
142.251.10.154
172.67.199.120
2404:6800:4003:c00::61
2404:6800:4003:c01::63
2404:6800:4003:c02::5e
2404:6800:4003:c03::5e
2404:6800:4003:c03::9c
2404:6800:4003:c04::5f
2404:6800:4003:c05::9d
2404:6800:4003:c06::84
2404:6800:4003:c0f::9d
2404:6800:4003:c11::8b
2404:6800:4003:c1c::9b
2a04:4e42:200::485
2a04:4e42:600::485
74.125.200.148
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
074450bfb32c912d76be071bfdebd1443a871fa521883d945158b8ab48a54fab
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
097501cebc7e185ac45a21420255bc8723f7d4bc0006e3c15da2ee610edb19c3
0e728c8d97188f4b0fe9aa6fed44c9d5c7da62ed890d2ebf3bf22cc34169b0cd
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
1617b3c47abd4895569e91f990d907b22d85bfad27a961da29397a4d3e42a111
171448c8903863c7d352d90cca7856aa3647aa504e989503e8c2796a52a21eb8
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
23cb7a06661ff87ea7f6ec436880db3482a7609ee9dc2757204adb4b44f54fe5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3f57192454598ca4eff2d18cff6910c51a565610f5c739419ce3615d00e447f7
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
51ab28aedf31629c81fbaa1e4cad919d45ae84d1bcb8e13b07261b8f7170e73d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58df06faf2976cb6d4ebdc7748e6588af9ca1b83572c6a00d37831b3a7445c83
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67d7517c05f43a3d158bcf2cc334d3b6bb0ce1f533c1097e7693fbc75db64669
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06
7daa3655fc0061350fc8ec06f771276062acc7a7db1ba9b5a4ca1e805a76ffd6
91bb8413814acbeb8b889a2e4deb2867108d3318435c48224baed1e2dc246599
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a2956e2a6837430b0def47bf8fbba536d332debbcab6450fac26e2df31095909
a35cb4f0ddc0fda688fd80fbd1f3228d0da885f5b52b9042d40fa093e4b1efa5
a8aacc22a22d1c2bad997d77fcb04636704040bd101e5c9f5ea8401c6748608e
aaa56f8f53abf4f03270eeb2c67b5cb9396c72c7beca5f471274fc31d9cceed6
adfb49bd66b1451170ae8e9d01f4b7acd342ac4a901b86a6d2456ea1feffacc0
b020ac7b26f9a933c516f2fe03015b8a13da0857a42239b0592a6065be326d37
b3b189a485b71fe96fb4f6a22e9c90ee700ed413f97e96fd742d3597d45d5d91
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
bd63b6776198e62b47d9446bb600d28860cbe4831926de8a1a7ec991ec89e4f6
c6842b2870483f9f69a773a27a35a9b096f45069748c8970f6d8b2b2d0b96b52
cf60e400ceca7d78458655a76e1acd476f53fe7cffcbba44ae0ab36b95edf8ce
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19df5be8b1fb415566b5b242e6568a1c7201c6b75273bb9282547272e71aa30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebdbc54be08c11412e7dbe1bc9adfdfb514c8b873a072d0246a31b36a22d81c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f513cb0a790e63175d2c6489acd14ed60ff3ef2a15b69e9c5edda7cd8e124f1a
fe22c7a98614525bd3fe665d9e103b2d7a2cf3455ed8dec951c053988b0af065