urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/2EXk56
Submission: On December 12 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 5 countries across 55 domains to perform 336 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
2 151.101.1.229 54113 (FASTLY)
5 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.1.55 54113 (FASTLY)
1 172.217.194.97 15169 (GOOGLE)
1 11 142.251.10.155 15169 (GOOGLE)
5 157.240.235.35 32934 (FACEBOOK)
1 35.244.196.223 396982 (GOOGLE-CL...)
33 157.240.235.1 32934 (FACEBOOK)
3 64.233.170.102 15169 (GOOGLE)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 61.216.47.122 3462 (HINET Dat...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 172.67.150.31 13335 (CLOUDFLAR...)
1 104.17.239.194 13335 (CLOUDFLAR...)
1 34.160.17.71 396982 (GOOGLE-CL...)
1 13.224.167.106 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.187 2635 (AUTOMATTIC)
2 216.239.32.181 15169 (GOOGLE)
2 172.253.118.94 15169 (GOOGLE)
7 203.117.89.148 4657 (STARHUB-I...)
1 3 142.251.175.104 15169 (GOOGLE)
1 182.161.73.129 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 54.192.18.65 16509 (AMAZON-02)
9 172.253.118.132 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 13.224.167.47 16509 (AMAZON-02)
4 74.125.130.156 15169 (GOOGLE)
20 142.251.12.132 15169 (GOOGLE)
5 64.233.170.157 15169 (GOOGLE)
47 64.233.170.156 15169 (GOOGLE)
1 172.217.194.95 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
2 182.161.73.136 55569 (CRITEO-AS...)
1 13.224.167.65 16509 (AMAZON-02)
1 54.179.210.192 16509 (AMAZON-02)
5 34.98.64.218 396982 (GOOGLE-CL...)
2 142.251.12.156 15169 (GOOGLE)
9 14 142.250.4.154 15169 (GOOGLE)
6 10 104.18.36.155 13335 (CLOUDFLAR...)
4 7 103.43.90.114 29990 (ASN-APPNEX)
1 74.125.130.94 15169 (GOOGLE)
7 142.251.12.149 15169 (GOOGLE)
3 3 15.197.193.217 16509 (AMAZON-02)
1 1 124.146.153.162 2514 (INFOSPHER...)
2 2 13.225.103.47 16509 (AMAZON-02)
4 13.226.120.31 16509 (AMAZON-02)
4 74.125.24.157 15169 (GOOGLE)
1 54.192.18.73 16509 (AMAZON-02)
1 35.208.216.174 15169 (GOOGLE)
29 104.17.201.110 13335 (CLOUDFLAR...)
2 74.125.68.95 ()
38 18.211.192.234 ()
1 1 104.69.39.62 ()
2 184.25.222.66 ()
1 2 139.99.122.53 ()
2 5 209.54.182.161 ()
2 104.17.111.249 ()
18 74.125.200.157 ()
14 19 69.173.158.64 ()
2 142.250.186.35 ()
1 1 8.43.72.98 ()
1 13.107.42.14 ()
2 3 52.95.122.74 ()
1 1 54.255.118.208 ()
2 2 13.113.141.188 ()
1 131.153.206.101 ()
1 2 34.111.113.62 ()
1 2 104.18.41.104 ()
1 52.77.135.86 ()
2 2 13.228.126.19 ()
1 23.46.16.190 ()
2 142.251.12.157 ()
336 70
1    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
11    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
5    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
33    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
3    64.233.170.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f102.1e100.net
www.google-analytics.com
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    104.17.239.194 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    34.160.17.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.17.160.34.bc.googleusercontent.com
www.rayskyinvest.com
1    13.224.167.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-106.hkg54.r.cloudfront.net
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
2    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
www.google.com.sg
7    203.117.89.148 (Singapore, Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
scontent.fsin16-1.fna.fbcdn.net
external.fsin16-1.fna.fbcdn.net
3    142.251.175.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f104.1e100.net
www.google.com
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    54.192.18.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-65.hkg62.r.cloudfront.net
tags.crwdcntrl.net
9    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
cdn.ampproject.org
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    13.224.167.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-47.hkg54.r.cloudfront.net
cnt.trvdp.com
4    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
www.googletagservices.com
20    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
tpc.googlesyndication.com
5    64.233.170.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net
googleads.g.doubleclick.net
47    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
pagead2.googlesyndication.com
1    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.gstatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    13.224.167.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-65.hkg54.r.cloudfront.net
go.trvdp.com
1    54.179.210.192 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
www.googleadservices.com
14    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
cm.g.doubleclick.net
10    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
7    103.43.90.114 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
fonts.gstatic.com
7    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.162 (Kakegawa, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.225.103.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-103-47.hkg60.r.cloudfront.net
cr-p3.ladsp.com
4    13.226.120.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-31.hkg62.r.cloudfront.net
stg.truvidplayer.com
4    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
googleads4.g.doubleclick.net
1    54.192.18.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-73.hkg62.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
29    104.17.201.110 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
2    74.125.68.95 (None, )

ASN- ()
imasdk.googleapis.com
38    18.211.192.234 (None, )

ASN- ()
p.trvdp.com
1    104.69.39.62 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    184.25.222.66 (None, )

ASN- ()
eus.rubiconproject.com
2    139.99.122.53 (None, )

ASN- ()
ads.stickyadstv.com
5    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
2    104.17.111.249 (None, )

ASN- ()
shared.bannerflow.com
18    74.125.200.157 (None, )

ASN- ()
pubads.g.doubleclick.net
19    69.173.158.64 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
2    142.250.186.35 (None, )

ASN- ()
csi.gstatic.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
3    52.95.122.74 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    54.255.118.208 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    13.113.141.188 (None, )

ASN- ()
match.prod.bidr.io
1    131.153.206.101 (None, )

ASN- ()
prebid.a-mo.net
2    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
2    104.18.41.104 (None, )

ASN- ()
capi.connatix.com
1    52.77.135.86 (None, )

ASN- ()
match.sharethrough.com
2    13.228.126.19 (None, )

ASN- ()
ups.analytics.yahoo.com
1    23.46.16.190 (None, )

ASN- ()
hb.yahoo.net
2    142.251.12.157 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
73 googlesyndication.com
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ade.googlesyndication.com
350 KB
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
pubads.g.doubleclick.net
329 KB
41 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 38270
go.trvdp.com — Cisco Umbrella Rank: 34674
s.trvdp.com — Cisco Umbrella Rank: 30609
p.trvdp.com
138 KB
38 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent.fsin16-1.fna.fbcdn.net — Cisco Umbrella Rank: 248256
external.fsin16-1.fna.fbcdn.net — Cisco Umbrella Rank: 517649
700 KB
29 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8227
600 KB
23 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
28 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
5 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
5 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
120 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
6 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
49 KB
4 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27502
17 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
50 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
257 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com
369 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 connatix.com
capi.connatix.com
522 B
2 tapad.com
pixel.tapad.com
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 bannerflow.com
shared.bannerflow.com
126 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
7 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
13 KB
2 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13820
515 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
88 KB
2 re-news.tw
storage.re-news.tw
asset.re-news.tw
435 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
58 KB
1 yahoo.net
hb.yahoo.net
646 B
1 sharethrough.com
match.sharethrough.com
281 B
1 a-mo.net
prebid.a-mo.net
449 B
1 linkedin.com
px.ads.linkedin.com
513 B
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 27242
591 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
849 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3858
107 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
12 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
509 KB
1 creditcards.com.tw
creditcards.com.tw
57 KB
1 racingcharger.tw
img.racingcharger.tw
136 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
42 KB
336 55
Domain Requested by
47 pagead2.googlesyndication.com b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
reurl.cc
securepubads.g.doubleclick.net
imasdk.googleapis.com
38 p.trvdp.com
31 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
29 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
20 tpc.googlesyndication.com reurl.cc
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
18 pubads.g.doubleclick.net imasdk.googleapis.com
14 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
google-bidout-d.openx.net
12 pixel.rubiconproject.com 8 redirects
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 securepubads.g.doubleclick.net 1 redirects reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 s0.2mdn.net reurl.cc
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
5 s.amazon-adsystem.com 2 redirects
5 googleads.g.doubleclick.net b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
reurl.cc
pagead2.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 scontent.fsin16-1.fna.fbcdn.net www.facebook.com
reurl.cc
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 storage.reurl.cc reurl.cc
4 googleads4.g.doubleclick.net reurl.cc
4 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
4 www.googletagservices.com securepubads.g.doubleclick.net
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
4 b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 2 redirects
3 match.adsrvr.org 3 redirects
3 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
2 ade.googlesyndication.com
2 ups.analytics.yahoo.com 2 redirects
2 capi.connatix.com 1 redirects
2 pixel.tapad.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 shared.bannerflow.com c.bannerflow.net
2 ads.stickyadstv.com 1 redirects
2 eus.rubiconproject.com s.trvdp.com
eus.rubiconproject.com
2 imasdk.googleapis.com s.trvdp.com
imasdk.googleapis.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 www.googleadservices.com reurl.cc
2 external.fsin16-1.fna.fbcdn.net reurl.cc
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 oajs.openx.net 1 redirects reurl.cc
2 www.google.com.sg reurl.cc
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
2 cdn.jsdelivr.net reurl.cc
1 hb.yahoo.net
1 match.sharethrough.com
1 prebid.a-mo.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 tg.socdm.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 go.trvdp.com cnt.trvdp.com
1 www.gstatic.com b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
1 fonts.googleapis.com b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 blog.alphaloan.co reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
336 84

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-12-10 -
2024-03-09		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-20 -
2023-12-19		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
tls.automattic.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.fsin16-1.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2023-10-21 -
2024-01-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-11 -
2024-05-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh

This page contains 30 frames:

Primary Page: https://reurl.cc/2EXk56
Frame ID: 29078E6EBF846F202A43A00E77B62F74
Requests: 116 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 50ABE49DBDE4BF0269FC14DF4F607B47
Requests: 43 HTTP requests in this frame

Frame: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 89ED0E487DC3B459B54244204E5BF6B1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-dbtZBqAw_W_7o4rUp_vD0hphXQNsrUM4yGimVTMXjTKxeHzC1ZUo8MWD46-JZTt0jZiPuPLHQCLdrzaubrqZVo9n4GDlQUa61cpJv1I5iCLkyOxZZDTv2b0RSNTtcKphgbt5e8RCIhSQf4HKaCiOJ0Yv17XuxCRMRSN1HXDPs00Q7PhIenmPGP2Q588WzAltYlfzXLfApRDLzyOESOCCkb1La96C53E5EoL-X7AAXGhLXtc6sI4S17CeBoBHnTSLFEteiro--G7Es_2UbfZAoYx5d_zX7cwA8l5rIbBLwDSIF1yERqvPxQLoGJmH7RCvCGzjMY6XUDykayoRg40aQQsdIfYnkZGuBakoXjo7yniHj3X4LhritruUWFqwAZEQI0BRnw&sai=AMfl-YS4FZmm3KxW3V3AsanTaO0OAaw2iIjhuP_X44uJZsKM0H0rZ6l0PpZHbqlfGueovvCfxetM96k0Qr8VRQ_DUqLGIbDn4pAJdnnltcXwLSNlFJgKRGFNtJklyMW_NE7jRx34Q9l4WoFCUJV7ro0uzWo&sig=Cg0ArKJSzIGjeCqjHD5CEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F999E3C66FFEE3EB071EF5BD93A68BB7
Requests: 6 HTTP requests in this frame

Frame: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 298DE90474F69614CCFEDE9D5CE472A1
Requests: 16 HTTP requests in this frame

Frame: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ACD2AD45BE1E10A5670DA2CD43D2E051
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: DD5A638BC9CB0E5F1AFBA9F4FFD1DDFD
Requests: 12 HTTP requests in this frame

Frame: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2824C6900A4A991A9CA2A3527371F244
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Frame ID: 17FB66AC014965D6C30E6B86CE967B71
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: BE2831D868AC5062F7F4135AF23B0BE0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Frame ID: 38F112F68B2D99A3541681123380E16F
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 098F8CE72CB322B7D02624D2AF8AF88F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 61978649AD1AD87FF73393C28710329C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 74285B990E853CF5576557C5FDD8ABDB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: C8E50273869D46BABB6BE5AAD256EB5A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17144318359328784384/SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html?ev=01_250
Frame ID: 9F30F3A3E079BE21847EBF7EF0989D8C
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Frame ID: 36E5EF21B512B7EA46BABA718F943C9C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA2936C70EA68EFFB54AFB34CBFB39EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CFCF8D1ADB0CC47263A13EDAB03C8E2
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/ccbed7aa-1375-495d-af40-d5aed96f80cd
Frame ID: ECA0D88933EAC96C232918F943AE84FA
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/71229aeb-c93e-4bbf-8826-65e8f119a6cc
Frame ID: F231F7BA9CF8326F904B87274E6992E6
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=SG&timestamp=1702359768&level=1
Frame ID: 4387CADC9FA02073349498937AC60342
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: E866155F6D2AFBF8FD731B07FC72538B
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: 560DD51CF5F4D3CAE6DD35198F6CC9B9
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8BCAF7525792F2E7703A92360C72194D
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=135&h=195&q=99&f=webp&rt=contain
Frame ID: B0DDCBDE45BBF53A6915D94558C1773D
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Frame ID: DA82C0BF3B8647249A581CA101D95F98
Requests: 8 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: E38E6592C6C1A986F7A0C513F55D5473
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: E85CEBA9467FF0D94C131A7C76F40E57
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
Frame ID: 55CCFDCDD6AF80AF1E99268DF5355D14
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitcoin Exchange | Cryptocurrency Exchange | Binance

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

336
Requests

88 %
HTTPS

0 %
IPv6

55
Domains

84
Subdomains

70
IPs

5
Countries

5891 kB
Transfer

13113 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp&cc=1
Request Chain 130
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 131
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CjzGo0vJ3ZfPBH_PNssUP4puWmAiF-Ye_dP3T0pSBEvzBtauuARABINLMgRpgvwWgAauIrYcDyAEJqQKD_-y0afqoPuACAKgDAcgDywSqBK4CT9A2KQuYnDjQYKLkld_Hl5fyFHz9ybJeJmlpOTz08ddZFdhhP679Cl_d-oS9RkA2QgGSS0zAd3stnrfraPg2syjYXNtgvjib0qUjZbD5H-xtnvmtDUyofplg2oif1KNh0RvdlgDc2zBqdiNpozOfj_wRwB7BllBqbznHU7vnpB3hBL8K1DB4wlzHgr1YLaNRYhSuCbno5mAZ4C67KBR7_qE6c2P_28SAuoTd6zwGLkeY4Jy6olOXFsOtP4oNlmkef130jvBXex-E7i8DwVwKnPVuN7Gl7CuT6QdmRBVD0bmN33IkWWbIDg1Xt3sUmJqYvxxTal1iljj7ekurXan1eoAJr-yMI0HldZRb6ldJkGm_SmPLJiW4MIfRW6vTNSwooaUBsJG--WMC5JeDQY7ABLHl8ZDRBOAEAYgF9Kvbs02SBQQIBBgBkgUECAUYBKAGLoAHtcH5hAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCowwzSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WK25sKeYiYMDmgkmaHR0cHM6Ly9jaGVlcnMuY29tLnNnL2NocmlzdG1hcy1kZWFscy-ACgPICwGYDIae9_nUBKIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKENCv9qaW1aTZMRICAQPiDRMIrYuxp5iJgwMV86asAh3ijQWDuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGbIYAyIBAA&sigh=PYlTQGEJOOY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5770c92734fef6a50000000000000000%22,%222%22:%220x423a7fd2425ed3ba0000000000000000%22,%223%22:%220x8c2dbd14d49d1fe10000000000000000%22,%224%22:%220x2ae125da2b05c7f0000000000000000%22,%225%22:%220xcae18ad38d453bdb0000000000000000%22},%22debug_key%22:%2213136617319782920102%22,%22debug_reporting%22:true,%22destination%22:%22https://cheers.com.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22820724779%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224960405234535923073%22}&andc=true
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
Request Chain 134
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXfy1GBSlLki0kjUiYeJ-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
Request Chain 136
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5MTA5MDc0Mzk4MTY2ODgzMA%3D%3D
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
Request Chain 138
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXfy1EJPpt85Wdbc5XIzPwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
Request Chain 140
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk4OTE2Mjc4MDgwNjYyMzg0OA%3D%3D
Request Chain 155
  • https://match.adsrvr.org/track/cmf/openx?oxid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&ttd_puid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0&gdpr_consent=
Request Chain 156
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXfy1MCo8YUAAAwdiP4AAAAA
Request Chain 157
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeJuUIOiO0ygks8AED41tKp8qc8AAAGMXIyQ9w
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFi3mi29NhEWu5eqKyzvDYY&google_cver=1
Request Chain 219
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Request Chain 221
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=32ee2d3f6657ae91643d7913161c2896&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 259
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LQ1X1XTY-1I-AT2K HTTP 302
  • https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LQ1X1XTY-1I-AT2K
Request Chain 264
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&gdpr=0&gdpr_consent=&expires=30
Request Chain 265
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1X1XTY-1I-AT2K
Request Chain 266
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFExWDFYVFktMUktQVQySw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBzKVGP0H5HkiZPaGdibPAw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWDFYVFktMUktQVQySw==&google_push=
Request Chain 267
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V43zX9n0SZCu-3g0QGidjw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V43zX9n0SZCu-3g0QGidjw
Request Chain 268
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OvepsGhBT12m1WO55120Ag&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OvepsGhBT12m1WO55120Ag
Request Chain 269
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmZhZDNiZDFiYzM4ZmEzMGFmZTQwNjRhYTliOWRjMzgwYWNkYTU3NA
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMQpLOY1jn8RQPKI-QnP9h0&google_cver=1
Request Chain 271
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ1X1XTY-1I-AT2K&ex=d-rubiconproject.com&status=ok
Request Chain 272
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bzpRVaCbD0015Eb_Av-nTMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PP0cQhBE2oLcLWJ9bUsXmcQ38rMwb8h0uiEOoA--~A
Request Chain 273
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB2rk7K7-YAABWK8Z2eoQ&expires=30
Request Chain 274
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1X1XTY-1I-AT2K
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ1X1XTY-1I-AT2K
Request Chain 276
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1X1XTY-1I-AT2K
Request Chain 279
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ1X1XTY-1I-AT2K&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ1X1XTY-1I-AT2K&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ0VLZlZORTJ1SFFweE1WRXNTT2ZyeGxvQ0NWSVVOcn5B&ovsid=LQ1X1XTY-1I-AT2K&dpid=58160

336 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2EXk56
reurl.cc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ff60a7ae5e8b1accec4c461c3d529e7099cd6b265bd214ae45a5e2ccd5fc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 05:42:39 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://tetherusd-reward.moy.su/index.html?rewards
vary
Accept-Encoding Origin
x-request-id
dc1c9a48-5b72-4bbe-8828-0b6fbe2b0ca3
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 05:42:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
23474576
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-qpg1242-QPG
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:27:35 GMT
content-encoding
gzip
via
1.1 google
age
904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
190b6b18-7774-4b20-824d-91eab736efdd
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		177 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Mon, 11 Dec 2023 07:06:39 GMT
date
Tue, 12 Dec 2023 05:42:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
81359
x-guploader-uploadid
ABPtcPrvSnB17Pej8vzqjBmTtLWQOdK3hY2MnSC7naN7CVRATbWfC3dGcQ5bGZhK5-RQ1huaiXo
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42279
x-served-by
cache-tyo11954-TYO, cache-qpg1250-QPG
last-modified
Mon, 20 Nov 2023 09:15:25 GMT
server
UploadServer
x-timer
S1702359760.774723,VS0,VE0
etag
"dc1bad45759bbb89536459f2c34eaa21"
vary
Accept-Encoding
x-goog-generation
1700471725490318
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
42279
accept-ranges
bytes
x-cache-hits
154, 366
pixel.js
storage.reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:02:39 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
27601
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
797d6baf-d3b2-4c0f-824c-a2b84ad0681f
ga2.js
storage.reurl.cc/javascripts/ 		536 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:00:24 GMT
content-encoding
gzip
via
1.1 google
age
20536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-request-id
9c9a9540-deba-449b-a6cb-51f02a45d205
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4d1628d5574dfe02b292b455dfc39cdfbcd02d65673500b051e0a30b57651063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93914
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 05:42:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a85f16d8ac04fbd72937932c3421de5a88b47eb8b510d3ca1d373dc80d1a686c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29429
x-xss-protection
0
server
cafe
etag
315 / 19703 / 31080020 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:40 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 05:42:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
12985805
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-qpg1242-QPG
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		412 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:16:28 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
12371
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-request-id
7aee53c2-6152-4920-8de4-8fded2d83757
loading.js
storage.reurl.cc/javascripts/ 		134 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:16:28 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
12371
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
edb61df2-0795-45b9-8439-797ee235e7cc
page.php
www.facebook.com/plugins/ Frame 50AB 		93 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
50ed878400e9e3a30e849d745378b9b839b39e3142452c742d33354fad19a661
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:41 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
CHrneY6gjxrfm9XpqZAtGM0eM4HCtmYPor2DrllDB7Cyhvbx/hyTSjoT6Bdu0PhDtbekyQ/BiPPGYvmXPn4tkw==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
8560e8debe09dfa1ce16b81647c4b0900b6575324cddef0d27b43e8f5be8fdfa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:40 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1d24-45olFlNk1BnjmvVgnu3KENxcpHE"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7460
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Dec 2023 05:42:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
r6/uYXD+bQuOqENNB7o6Hj6O00vEPNDdCQ0hQschink9YbGSDCy/gGefFao3jNKvWdS3QD9Lcu5uUlNgFL7QvA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 04:17:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5098
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 06:17:42 GMT
mocpogo_01.jpg
asset.re-news.tw/images/ 		427 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:27:36 GMT
via
1.1 google
age
905
x-guploader-uploadid
ABPtcPoOwUwPZOfegUJvpnBkotEbdB8n85_dRnURhmZivOMQ3qB6e96tBI8DzQMpPFDjmAxJGsZzSpGzYjp_UDxNWyY4NKk6y-UD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437364
last-modified
Wed, 18 Oct 2023 12:58:27 GMT
server
UploadServer
etag
"2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation
1697633907721269
x-goog-hash
crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
437364
accept-ranges
bytes
2023121204263472.jpg
img.racingcharger.tw/wp-content/uploads/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023121204263472.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
236858260a5b5a35991c9255afe177bdc456c017efd8edffbfa707662484987f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
last-modified
Tue, 12 Dec 2023 04:26:38 GMT
server
Apache
accept-ranges
bytes
content-length
139591
content-type
image/jpeg
%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97-LINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1-%E5%9C%8B%E5%A4%96-2.8-%E5%9B%9E%E9%A5%8B-LINE-Points-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/04/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/04/%E4%B8%AD%E5%9C%8B%E4%BF%A1%E8%A8%97-LINE-Pay-%E4%BF%A1%E7%94%A8%E5%8D%A1-%E5%9C%8B%E5%A4%96-2.8-%E5%9B%9E%E9%A5%8B-LINE-Points-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
452c285b4190ade67a437b5388e4056f52e3d31d3098f477b931c84c25570138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
2.sin _atomic_bur BYPASS
content-length
58160
x-nc
HIT bur 7
last-modified
Sat, 02 Dec 2023 00:36:04 GMT
server
nginx
etag
"61a8b417c894f739"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Mon, 01 Dec 2025 12:36:04 GMT
1702300951-62822785f71b9d22e467747a7505fc98-840x525.png
img.gbyhn.com.tw/2023/12/ 		508 KB
509 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/12/1702300951-62822785f71b9d22e467747a7505fc98-840x525.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ae91e390e5e2738143bfe09cfdd67f215aa3d7ed025ca8e0bb2fb1f18f2ea3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55392
alt-svc
h3=":443"; ma=86400
content-length
520165
last-modified
Mon, 11 Dec 2023 13:22:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2FsOLN1pspdnDR1vHkMiOesouGmnLbSNEiCBs8b3gwQWcEv5KEijPAIdPFQe1%2FlYqyMTanauTj%2FprpcanR4tbseiY3jp2rWrHEGD0ElU%2F%2BuQ4WPyfmjALH6rTa5Hh%2F717W%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8343a53d6acf9fb3-SIN
expires
Mon, 18 Dec 2023 13:23:35 GMT
Azentio_Logo.jpg
mma.prnasia.com/media2/1978771/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1978771/Azentio_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.239.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
cf-cache-status
HIT
age
76133
x-powered-by
ASP.NET
server-timing
intid;desc=fcc393aa9963bf29
content-length
11597
cf-bgj
h2pri
last-modified
Mon, 11 Dec 2023 08:33:31 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8343a53d6a2d55c6-SIN
access-control-allow-headers
Content-Type
expires
Mon, 11 Dec 2023 08:33:32 GMT
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		612 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 12 Dec 2023 05:42:41 GMT
expires
Tue, 10 Dec 2024 13:55:48 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-106.hkg54.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-twg7f
date
Tue, 28 Nov 2023 17:48:05 GMT
via
1.1 google, 1.1 523773ea134442f5fb8c61175c2cceca.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
HKG54-C1
age
1166076
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rr-Gvg9Ocfuo0ga5J9PzV2PEIHJiSgoNp_PVPEBFvrmlUX6NmETk-g==
content-length
253615
wix-tracer
2YoZ2ZlGavpPzz0KiBcuUkXxW1M
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
109448
x-nc
HIT sin 3
last-modified
Fri, 13 Oct 2023 09:02:46 GMT
server
nginx
etag
"ab5b506272fb167b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires
Sun, 12 Oct 2025 21:02:46 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:41 GMT
strict-transport-security
max-age=31536000
x-ac
2.sin _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Tue, 19 Dec 2023 05:42:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
337
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138171
x-xss-protection
0
server
cafe
etag
7807444821274263820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 05:37:05 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702359760071&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=889905670.1702359761&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702359760&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F2EXk56&dt=Bitcoin%20Exchange%20%7C%20Cryptocurrency%20Exchange%20%7C%20Binance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2518
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=889905670.1702359761&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=889905670.1702359761&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=505821681
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=865999757&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2F2EXk56&ul=en-us&de=UTF-8&dt=Bitcoin%20Exchange%20%7C%20Cryptocurrency%20Exchange%20%7C%20Binance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=560312307&gjid=1817299708&cid=889905670.1702359761&tid=UA-102456694-1&_gid=1730347951.1702359761&_r=1&_slc=1&z=1501237548
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/2EXk56
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=865999757&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2F2EXk56&ul=en-us&de=UTF-8&dt=Bitcoin%20Exchange%20%7C%20Cryptocurrency%20Exchange%20%7C%20Binance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTE2Ljg2LjU4LjE3MQ&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=889905670.1702359761&tid=UA-102456694-1&_gid=1730347951.1702359761&z=1252930144
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 01:44:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14295
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Dec 2023 05:42:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33827
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
T0cYGrdKizZNA8eAF+OfsJeR7utY5l/lcEMb/QV9QWfjuvb3IzKSy+B2XdkxOTfBa3H9dD4JSnGLgntJ5H6ILg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=889905670.1702359761&jid=560312307&gjid=1817299708&_gid=1730347951.1702359761&_u=IADAAEAAAAAAACAAI~&z=1918633854
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/2EXk56
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 05:42:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/ Frame 50AB 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
25715c52b05e62b783ac4a6ce99e19e7ec57063396afc0971a76082699b41b8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NmMJH89Z3Yb/GJosK675Xg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5165
reporting-endpoints
x-fb-debug
t8L3/wKSLytWmL58MxyXoAtxT4t4lzkv3aa3QYnPsy5d05FUDgMh0KlDsltCQovUmUheX/5N2v7uCEeUgz9aHQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 20:58:11 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/ Frame 50AB 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
738ace8eb2eee87271d7ae9c8607360e0ebfafa0b0b3b10245e58c62d40894ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
T+xNbOAexLgm083Tlab/RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6442
reporting-endpoints
x-fb-debug
eEmcY1ypDhDxdH6PHmlSOZtigueW8ZoJgUSge9b7WI+sDqgSB/BvIDoHUjTocXn2MPyk6/XiS1+h6sstGM942Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:15:37 GMT
n8fbfpzliiN.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/ Frame 50AB 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/n8fbfpzliiN.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5b20686ed8a48f9b98bbf4f39eda04ae2fa4116cf90e3707802c5358690acc91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G5r/C0kUQr/pRQVQHIQUaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5132
reporting-endpoints
x-fb-debug
XCICRLeKmHn3eTNzs/qcyTfGjnkN8JsfhkSJGIgF0rN16jabs33t70g4VedpPPJIPDNs6/w7PFahs+aSNKXa4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 22:28:06 GMT
NV8BoM1XChV.js
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 50AB 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
74293afa95dcbd91642f02400175667775e99f363ad58444d7463670f89797ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZP2pL7dD2RKnTtIQsIhLQA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93737
reporting-endpoints
x-fb-debug
rCuFcIUk7U5cFbqGqyvm4JEUMFgvrb27F7WMhQm9fqwJMg78bMyfnuUHofk5GUGUkw8qOueqz5L125cD3hF8Lw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 00:00:07 GMT
1Qpe6hO2Mv9.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 50AB 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/1Qpe6hO2Mv9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
c7a230951774a1e4124863cab4f66f6660313eb167e4a09749a8f04082750abe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LJZxppjxNZMWGI/Nv17hSA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27010
reporting-endpoints
x-fb-debug
FbFo95CfZ3aRvf/YQe4S5Ne5NcbxSncWDa5Wy8O+ENmaccyXxRsQn6cXoHyVEoZHak+KHxB2OAXo93gn1Oz1NQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 04:04:53 GMT
z0xXpo6n_z5.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 50AB 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/z0xXpo6n_z5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
2c9a1bcd3d8193197c2b2b66dd5cb5ac0f6c5d7df46302f84fa27d1c61639a31
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Jo5qS84ypYHZRPwP67qqtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1978
reporting-endpoints
x-fb-debug
0gjTGXykc30xEF9wuyp02AF78GzfFXJJksBTHtSSho0OzBLfLC5/v+pYTLy4wZ8GxeOcxG/qwqRFLS0XTbAddA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 04:04:53 GMT
Zo2PjKxcrx9.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 50AB 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zo2PjKxcrx9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b82fdbc474d8380a69fa34d303b8af0df698743e7c2d7f6d919c90d06c6279f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ro0k8YNBji3WOW+c8veBZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16922
reporting-endpoints
x-fb-debug
oEv7NYDWV/Irr6uydsPLXLQTdZPvFqhHMfh/iZjPrb8a1Xr/gq5+oeESGUpruxlX5AA2AA91xl0GRbHGL5O9uQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 21:28:11 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 50AB 		507 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
J9U+Oyu0IrySpcUSnAWmoRSK6B9l3zZUPWNgWYogSSfP/efk/nR+5AA6xaDGcd8ZinrkwegoiRbxoZdxuyUaQQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 00:20:20 GMT
3mr-_N1X4DO.js
static.xx.fbcdn.net/rsrc.php/v3iZSi4/yh/l/zh_CN/ Frame 50AB 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZSi4/yh/l/zh_CN/3mr-_N1X4DO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
0ed52d2d1392d912fef2f22a3d62ad0b89496325dee4bacf6da720290085b64c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/Ip8jdlFY3qV/UfxT1yBeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7935
reporting-endpoints
x-fb-debug
xcJzu7qvDp3Rw/omCIFEVRrnNS5isCn4WKdery4pLzsLXhE+hcF4NQeblSrQGXFWvZv2egxiSxER2dXr4RrCMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:32:01 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yv/l/zh_CN/ Frame 50AB 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yv/l/zh_CN/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
7cf8928ddba04f94e9092d0dd6d39dab8e30fa420377f1564069c547b8d5bbc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nvpOi0RUPRCGfbSZNzinIg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20149
reporting-endpoints
x-fb-debug
Dleb2GEEF6yGPWc+xxGxE+VJHlBOs0Y81f3etj1FceApmhlWn49YvNyWxi+ez81L8IV8XTwo7hnMLvtChbWrFQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:08:54 GMT
1eTSsVqlWLK.js
static.xx.fbcdn.net/rsrc.php/v3iva14/yC/l/zh_CN/ Frame 50AB 		344 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iva14/yC/l/zh_CN/1eTSsVqlWLK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
be191a83b016b3636a12f4c8043e306a4eef8edba5b334e2199cdf6e16de6bde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+pSdgijDG5lI5eSZzmdKbQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83190
reporting-endpoints
x-fb-debug
w7B2Vc+SHcyuRLWxFgKHimSkIq6weCsh3tzuQw+G2nLDP7xPOXSUdbF0sSqWa56EEEoZYMsYhpSOOChHEZLOiA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:32:01 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3i4TZ4/yO/l/zh_CN/ Frame 50AB 		398 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4TZ4/yO/l/zh_CN/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
a3579a1bc25be56f318b27bdadca1d332c142b985f579a68bd0804e7b0e90ea9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cHVOhii5BpnB8RdGW2REpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95617
reporting-endpoints
x-fb-debug
Mv8L9KXEeUKP6m7A1vkavHXJjiaLww4h9xhy8YrgKgIXkA1QTxImFbWemGPOvg1UpyJU5P1VqBKfpQeUMHuPvQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 20:37:38 GMT
2JkHYEDy4IG.js
static.xx.fbcdn.net/rsrc.php/v3i7Te4/yE/l/zh_CN/ Frame 50AB 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7Te4/yE/l/zh_CN/2JkHYEDy4IG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
69c6c22a1f80db87cbb8a3fa56216c94a7f6a9a453728bbf04f39eeb1eae7157
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hdkZDUi4DCKBBv852PETAQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17840
reporting-endpoints
x-fb-debug
AtW6S2NnFC8M5t36qJAnSoEbQjeIpp3rHEnWTpuvma2k8bfsxtSrVi/LHxN7/OcVI/WtNUBJ55enY2hjQmk11Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:32:01 GMT
gpyCFiQlHow.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 50AB 		209 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/gpyCFiQlHow.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
77346cbb67be753c266961545d64638a6bd8771c1031ff30846e36fba0b786f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
p9SjMX5ibKDqk9MOqWYI2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61034
reporting-endpoints
x-fb-debug
QpJK7I7lWAJ5oTzlmybYjLW4ZH2bNKTUtWeX0pdAC1P3XQT23C+SNtKbIHbmtghTeKWk3H5+6Rd4XR9DNiH8Sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:12:37 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 50AB 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
vPoFO2G4xl/SSkop9W97P+QFJAtT9Sw3ZvE5PqmaQRFglW6DtM6YlwVdBw3RhWbVQxdtpAgITJpI2IyV0wxMRQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:42:12 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 50AB 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
G85qmZdk/b80tJW9474zJMlMejTl+X8V9Njkf7uqmOrQQ11dDRQF0ffhyvu7aY5kRV/EmTMjrchJ0fLhzb3H4Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 19:09:03 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-6/ Frame 50AB 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=KF7ckY7Fk7IAX8uucRX&_nc_ht=scontent.fsin16-1.fna&edm=ADwHzz8EAAAA&oh=00_AfD_XsV7TGmNTWHKzwdj0o2wAZSL6omZakz_FDXARBoH9w&oe=657D7A05
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-1/ Frame 50AB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=yWJeOfJyZqcAX8onVDh&_nc_ht=scontent.fsin16-1.fna&edm=ADwHzz8EAAAA&oh=00_AfCLF9jnSoH4xVDrDYT_ZisnmgGkYM7J2UfGpJ1xpOic3A&oe=657C3995
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=889905670.1702359761&jid=560312307&_u=IADAAEAAAAAAACAAI~&z=413832973
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=889905670.1702359761&jid=560312307&_u=IADAAEAAAAAAACAAI~&z=413832973
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702359762337&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702359762334.1999135445&cs_est=true&pm=1&hrl=29aa21&ler=empty&it=1702359761030&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 12 Dec 2023 05:42:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 05:42:43 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
543965
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8343a5455d054cc5-SIN
expires
Fri, 15 Dec 2023 05:42:42 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:21:06 GMT
content-encoding
gzip
age
15696
x-guploader-uploadid
ABPtcPqoef7tqWBsbtt_tv4aqXkSkWC2S4aY3psGwK7OcxIfOMEDUshAWO8-US_W4rNmR16_LYHlU71qiEaUrMYs-m4Gb0fc33A7
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 11 Dec 2024 01:21:06 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
7e9666575f4dce44ff1de53affb67ac5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-65.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:28:57 GMT
content-encoding
gzip
via
1.1 ea3ab3ba863446bb1632fe25698154f4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
29626
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fQMIeEY6bJgRwSO-GwlNeejIWIg5jy7_lgpakr9OGbwidW_EPY3G_A==
ads
securepubads.g.doubleclick.net/gampad/ 		259 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2892844258581353&correlator=2769453809873383&eid=31079827%2C31080122%2C31080020%2C44807747&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702359762392&lmt=1702359762&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2F2EXk56&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=889905670.1702359761&ga_sid=1702359762&ga_hid=865999757&ga_fc=true&dlt=1702359759292&idt=3054&cust_params=url%3D%252F2EXk56%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e15f3a37ee4e6cf34fc36840b0a5a60d5ddbed696fe966807d40fa16c7ceedd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69637
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2892844258581353&correlator=2769453809873383&eid=31079827%2C31080122%2C31080020%2C44807747&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702359762404&lmt=1702359762&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2F2EXk56&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=889905670.1702359761&ga_sid=1702359762&ga_hid=865999757&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0Iuy5MUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjQi7LkxTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yz4uy5MUxSABSAghkEhcKCHJ0YmhvdXNlGNCLsuTFMUgAUgIIZBIUCgVvcGVueBjQi7LkxTFIAFICCGQ.&dlt=1702359759292&idt=3054&cust_params=url%3D%252F2EXk56%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
6eabe31f4afb0b4370083d5354f5668a9586aea3c670d5a5e482c5f4250c210a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12480
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:43 GMT
expires
Wed, 11 Dec 2024 05:42:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 50AB 		573 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
v5vwrmIydaAyi1M76CCAXx2NoJDeKXX4pI/JR5Nhh6ZEAsCAkFs9s6nhR4jtN8ZX4gQdcvJMNmkSwEBu/qTeUQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 10:42:29 GMT
F_DQGwwgY98.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 50AB 		1 KB
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/F_DQGwwgY98.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
bc62be07d652f0c17d0ac238df52c7f628e1a00836060ac88493bcf1c5f328f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cI8AOHBR2RhP6Z3B54aowA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
425
reporting-endpoints
x-fb-debug
gP1EAOgrLD1FXgQIuDoYgADq2pxu1seN2CK3L0J7ABfKU5lh3l55bvO2Ql8TpYR2/yQ5Za56O6Gm4zc4X3mxeg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:50:45 GMT
0mxAqWR3D1_.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 50AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/0mxAqWR3D1_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
8538ac8affdd67f70b035156cbf6303a83988bff319be7eb3d61cdd61be84926
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zt0dAqHCK5jAyx6WLYktYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
893
reporting-endpoints
x-fb-debug
zOEcFnIHgb87c7iha8r98fnD76bbe19uHpJPqk9cIxLVEZ1mRls5hVg6AdmfPKGvplFpg2Oaosm1/en6UCsslg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:50:45 GMT
Q3gBXmVJO6M.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 50AB 		130 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/Q3gBXmVJO6M.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
6e130a84f32acbb8f10ecc944bc9b0d27131df8e4f823fbaa047f14c84ec5e85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:42 GMT
x-content-type-options
nosniff
content-md5
UtYxDR2cQR7ZR9ot9sseLQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
130
reporting-endpoints
x-fb-debug
RF58ytFLlpVe0M6DOynN2KdlLz1HW+uCp8Fy3QvkI6NLXrsvUV8Gm07idCkb8Qtf3OdR0J9TjCyiVDmVXPZ1Ew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:59:44 GMT
b03rUpj3fKJ.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 50AB 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pG8ZphjXUfeB/6xAtn+7sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
yPsPSc+q8hW3IPRyOzM91HmVFJpMt99Qlm78epMQkFtwiM/95OkVs3YHWmEqWOHT37NuB4Q/Dq4va4pGjGn6QQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:13:12 GMT
C8LrV2fV5JS.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 50AB 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uzIAFtOVooYStiVL9khrKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74671
reporting-endpoints
x-fb-debug
0SVGiXKuO4hc0v5GMaB3GP745MZAeOVSeaIims7GIsCx7jkVPBmci6SI7Y/gsdY3y9tU99f/8WGEi96nZaGM1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:18:18 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 50AB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
nvI0B84us7n/fRywguwYi8Ad9YROdRtX6PlXKfAk2UwJk8NZ3JhLVXlxrjaHuGXxpGzXCyw0XV6jQSJRFXoC3g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:15:21 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 50AB 		90 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2F2EXk56%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19703.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010353849&__s=%3A%3A0qz9h4&__hsi=7311579497066150390&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yv/l/zh_CN/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
42aa051551a96f11dedce4fe6e7d3de5e6dc3b87ed100efa8d711a61d0efee95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
5gEC6JG1Vp9ZtgWjUzJCPF
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 05:42:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
J+49/aff6JIwUs+Q9v6leDOUhXUFOnh01O9TRSZ7CCvtQ1TO4g93Cvf/e09iHLXkTFyvM4MOmXrzej2naIWSdw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 50AB 		62 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yv/l/zh_CN/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
c9d0079eac6d586130799aa185270e78614f268aa07439386f894361e170c6f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
5gEC6JG1Vp9ZtgWjUzJCPF
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 05:42:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
az7ALwa3gHpJtnGincK7B9YNO2wTWBqif4bksmbqx67D3/RvbPLjZ3NZcdiA/Msy9WITQyXFb5/Mx0h9Mig06Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 50AB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
ePkhLhAWK1RljlWqzH2rB/FtQoe8r1008ZK8hAqw7LDAa5geCOHgvcJNg6XP9eiuyggUWeuk7cHY2SMhxt/ohg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 10:31:58 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 50AB 		1 KB
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yv/l/zh_CN/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
24a974b3e7c7bd25a28a932f1b467fa67110a067a58b695d6687a98e7bb5c2e7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
5gEC6JG1Vp9ZtgWjUzJCPF
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 05:42:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
tyHdzwPvM9uwybhZSujJ3PQdCh3y3BqJB8ViKb4jePJYBWYt4BWoq4tAtxhComsJxCEyvM3PWoYwH27XEUi9Yg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1213d8f3e5597bb7e50c81a51edd4306ed609762f0541c716a9887ac4e228116

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-mDPpwP2m2m8F9NRylJXZ5s9mjKk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 12 Dec 2023 05:42:43 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2F2EXk56&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 50AB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
1yPg4l37NU6nG2DIBb4f0qu/SmPOYjTFcM7QtkuIeMNeOUHYVc4OmbsRtN3q3TO12/p84hJhFRu9O+2U1RwKbg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 13:32:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F999 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-dbtZBqAw_W_7o4rUp_vD0hphXQNsrUM4yGimVTMXjTKxeHzC1ZUo8MWD46-JZTt0jZiPuPLHQCLdrzaubrqZVo9n4GDlQUa61cpJv1I5iCLkyOxZZDTv2b0RSNTtcKphgbt5e8RCIhSQf4HKaCiOJ0Yv17XuxCRMRSN1HXDPs00Q7PhIenmPGP2Q588WzAltYlfzXLfApRDLzyOESOCCkb1La96C53E5EoL-X7AAXGhLXtc6sI4S17CeBoBHnTSLFEteiro--G7Es_2UbfZAoYx5d_zX7cwA8l5rIbBLwDSIF1yERqvPxQLoGJmH7RCvCGzjMY6XUDykayoRg40aQQsdIfYnkZGuBakoXjo7yniHj3X4LhritruUWFqwAZEQI0BRnw&sai=AMfl-YS4FZmm3KxW3V3AsanTaO0OAaw2iIjhuP_X44uJZsKM0H0rZ6l0PpZHbqlfGueovvCfxetM96k0Qr8VRQ_DUqLGIbDn4pAJdnnltcXwLSNlFJgKRGFNtJklyMW_NE7jRx34Q9l4WoFCUJV7ro0uzWo&sig=Cg0ArKJSzIGjeCqjHD5CEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:42:43 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame F999 		535 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-47.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 10:59:32 GMT
via
1.1 55d83db5a50536e07b14c7703770b8d0.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
HKG54-C1
age
16051391
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
oMCoj5fM4LUxzVzoCN4llvBTfcTfymQ-hfosF_oroAtu1SfDgf7-CQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F999 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:43 GMT
container.html
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 298D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:43 GMT
expires
Wed, 11 Dec 2024 05:42:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACD2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:43 GMT
expires
Wed, 11 Dec 2024 05:42:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame DD5A 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 07:53:20 GMT
age
78563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 07:53:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD5A 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 07:53:20 GMT
age
78564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 07:53:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD5A 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 07:53:20 GMT
age
78564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 07:53:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD5A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Dec 2023 07:53:20 GMT
age
78564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Dec 2024 07:53:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DD5A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Dec 2023 03:11:34 GMT
age
9070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Dec 2024 03:11:34 GMT
truncated
/ Frame DD5A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf818741d89b8858ebc0068986712987c2caaa8d044a3095b1ba24fe7d912ecb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
container.html
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2824 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:43 GMT
expires
Wed, 11 Dec 2024 05:42:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14079477985285925672
tpc.googlesyndication.com/daca_images/simgad/ Frame DD5A 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14079477985285925672
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
9c9521893fa13addb40a46af5a54983bca24dca5f09a5f21f5d96fa3c73a0f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 02:46:11 GMT
x-content-type-options
nosniff
age
269792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40869
x-xss-protection
0
last-modified
Wed, 21 Jun 2023 09:44:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 02:46:11 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD5A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:46:12 GMT
x-content-type-options
nosniff
server
cafe
age
86191
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:46:12 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DD5A 		344 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:15:57 GMT
x-content-type-options
nosniff
server
cafe
age
62806
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:15:57 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 17FB 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame ACD2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD2 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACFSDjIAo5OgIrCXm1LSXXHTXFTAB8H2JFKOnK8YjZNYy7lY_ZlPk9HalxyVgHYtmtnvudv_rGDrgzM7-0Qt8dPe5MziGWYORKutwwKAUO2GtxgaY
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ACD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame ACD2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ACD2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:43 GMT
css
fonts.googleapis.com/ Frame 298D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:32:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 05:42:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 298D 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:01:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 05:01:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 298D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
32222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Dec 2023 20:45:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 298D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 298D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 298D 		225 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 05:56:43 GMT
x-content-type-options
nosniff
server
cafe
age
85560
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:56:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 298D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:43 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 298D 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 10:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 10:31:26 GMT
7349714616098660700
tpc.googlesyndication.com/simgad/ Frame 298D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7349714616098660700?w=100&h=100&tw=1&q=75
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d9d82fda9aab8d3c10f09220d42b49e5cec40920940a144c93de042f0e5e2456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:40:50 GMT
x-content-type-options
nosniff
age
28913
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3824
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:54:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 21:40:50 GMT
truncated
/ Frame 298D 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 298D 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
syncframe
gum.criteo.com/ Frame BE28 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0ad5920e3de2d02ca93b81772e599c49917fd42922ea3fbf226b915a23fd062e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:43 GMT
server
Kestrel
server-processing-duration-in-ticks
758733
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
pixel
googleads.g.doubleclick.net/xbbe/ Frame 38F1 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2824 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2824 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AFSOk82yN2CrCkWeZhTO64NvUuQxIP-3-1Y9yNZnbf8lZJnc2AyBaXSpJqn9z2q5tW4KMba2bqBx5o3dM3j_9kS1SnX1VFwFW6MaVEVfIOBuWbklI
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2824 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2824 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
13730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2824 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 05:42:43 GMT
2Yd4YbKG5Pn.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/ Frame 50AB 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/2Yd4YbKG5Pn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
d9bf15bff194c24e180cde56d1126881b90d85c38a06e977d5ef225d3888dc6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2K3i2lGw5P1ctWVCNew+xg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5750
reporting-endpoints
x-fb-debug
upR8QngLzGu6Toyz4c0EnkRIEcVRh78RkTEW9Cqem/kSrrpHxe+uWTIRlGdVHJuPf5G2OKWSEDFYvJGNu8EqYQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 18:31:06 GMT
truncated
/ Frame 50AB 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
uAMMUd1P0Xp.js
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 50AB 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/uAMMUd1P0Xp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
ebf59dfe9a31ceef06700f1754e8f180cf7cdc831e1fc22bd8a200ad0afe9b71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jW9R/cHPu1cDFmUiRIOgMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15945
reporting-endpoints
x-fb-debug
F1PX9fclrQXcAHzfdwSVohnx+xrxc/voP/sAFOb7Rza9LTWNt3NYizvNMpX+QqqZfD2v9RNxcyLuv4PE4dwN4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:12:44 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 50AB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9fmJr3THTP07qrIGN3DNCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2755
reporting-endpoints
x-fb-debug
NcZ/bgWUeOQavU+byZs6Bu7Nv42wue5LCmJrWBywGbkTTYKZJThogKbblXbyRjct8KoOvD2qg0JNWzuzexRckQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 16:09:07 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 50AB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
reporting-endpoints
x-fb-debug
VYxGW+HhmI06SE2HPpz6BiH+aIG+r7lcMzQgUBnw9BQmtqSuoxtvdOFZwGbF7zXS+KOO1czLTJo4WP3Cn4LbWA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:12:41 GMT
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.167.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-167-65.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:00:29 GMT
via
1.1 0cfddac687b0e42e0853cfa412519154.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
HKG54-C1
age
13336
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
dxJmBXzQ97XVt4n8eF2fpS3r1RQoLKCJtvM7gZRgM__PNy6daFiWgQ==
map
bcp.crwdcntrl.net/6/ 		235 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.210.192 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-210-192.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e34227557e8309f359ef824733c25736bc0e2104c38c86c307142ef6d721b147

Request headers

Referer
https://reurl.cc/2EXk56
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.24.124
access-control-allow-credentials
true
content-length
235
expires
0
305964663_450890893727816_1742559653774706626_n.jpg
scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-1/ Frame 50AB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=yWJeOfJyZqcAX8onVDh&_nc_ht=scontent.fsin16-1.fna&oh=00_AfB-krB2hdKIz_6HvD3O-4lpDb0RBwRjA4d5v_YvZTmXyw&oe=657C3995
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
10041237451703642184
external.fsin16-1.fna.fbcdn.net/emg1/v/t13/ Frame 50AB 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external.fsin16-1.fna.fbcdn.net/emg1/v/t13/10041237451703642184?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2FCoupang%E9%85%B7%E6%BE%8E%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGej5YhRdZMvkGclJqi_3TUnAPdN4kOemaQ-4GGrcrbHg&oe=65797C6A&_nc_sid=e42f53
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
last-modified
Sat, 18 Nov 2023 18:26:20 GMT
x-fb-original-response-code
200
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2843534909
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
25039
alt-svc
h3=":443"; ma=86400
9383379062544900719
external.fsin16-1.fna.fbcdn.net/emg1/v/t13/ Frame 50AB 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external.fsin16-1.fna.fbcdn.net/emg1/v/t13/9383379062544900719?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2F%E5%85%83%E5%A4%A7%E9%91%BD%E9%87%91%E6%99%BA%E5%AF%8C-icash-%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbE243JBHiXipgXqsPXLUjI1mBOzAdYq8MRQH9TQTFWX8w&oe=6579C4D7&_nc_sid=e42f53
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
last-modified
Sat, 09 Dec 2023 08:07:31 GMT
x-fb-original-response-code
200
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=264420440
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
x-fb-original-response-reason
OK
content-length
32258
alt-svc
h3=":443"; ma=86400
377339650_120200301975300248_5194458254965859906_n.jpg
scontent.fsin16-1.fna.fbcdn.net/v/t45.1600-4/ Frame 50AB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin16-1.fna.fbcdn.net/v/t45.1600-4/377339650_120200301975300248_5194458254965859906_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=111&ccb=1-7&_nc_sid=528f85&_nc_ohc=mkunWtLqnK4AX8WRpex&_nc_ht=scontent.fsin16-1.fna&oh=00_AfBTuo2AJB08l_3Mk9APQopzThRw6x4ZbX1NHWBn2j_9tA&oe=657C9EB6
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 15 Oct 2023 12:04:46 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2355244660
thrift_fmhk
GBAIkjxM60YhqGYNyuU0UW9aFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
620079190
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21355
377987026_690579996425570_2654391587099280527_n.jpg
scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-6/ Frame 50AB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fsin16-1.fna.fbcdn.net/v/t39.30808-6/377987026_690579996425570_2654391587099280527_n.jpg?stp=cp6_dst-jpg_p160x160&_nc_cat=101&ccb=1-7&_nc_sid=ab7367&_nc_ohc=kYr6uh9OzaMAX-lfbJH&_nc_ht=scontent.fsin16-1.fna&oh=00_AfDtVtbpcZLbGLfXYrXDTUifITlOvdBwdVCeOfG2-CQ9Iw&oe=657D2BF4
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.117.89.148 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),
Reverse DNS
Software
/
Resource Hash
142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:43 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Sun, 10 Sep 2023 13:30:13 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3507493438
thrift_fmhk
GBCz0miG5LcavrGivb6+rNjsFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3809633873
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
13165
re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 50AB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/n8fbfpzliiN.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/n8fbfpzliiN.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
content-md5
i7RWZH3OINQHgRs93K4JmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2674
reporting-endpoints
x-fb-debug
mowuhqjfWpiTgav7UZhygFhufKFvua7bA34o8VxHySEpLODIt4LIzkECZG/2ToB5cmO+CuoXQBZowts4NOSM+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 09:13:39 GMT
MKQzjVd1bVq.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 50AB 		548 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Tue, 12 Dec 2023 05:42:43 GMT
x-content-type-options
nosniff
content-md5
l20F61ct/3QC2rM+eGjRow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
548
reporting-endpoints
x-fb-debug
5DaohfU3nEtJqJDpUe2wCRwHgQdxrB4q3Z7WLnPflExMixFm9kSoIcLhH9ICdH6EN6GdSyD66wdKXpuKhMhZ2g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 15:30:08 GMT
truncated
/ Frame F999 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4e5ce550c2838b7dd4d44cf2285a2b4707c25f0a30a33917c25a0aa2ce94586

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F999 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuscEz2ir7Beycze2ZyrfSu6qBxgVvN-ju-SnesZUuVZObkGaWBRbFx-9jSXA1WF26T1te-bkxbAd_zQwhZKp08TSpr8Yheevzxy-VP0y99npiQgh1ZeeFDgwNt6mMWRNERs3iyEs-6zaDR7m0_UBiGGxyEMLu3rjuDW9eaKJ7vbAdcgaYEiPX5LnjUvt32Fg8LQMoDKsTtyIsPNQOqsJT9HrRxhmtIuC4zN0ZzNwCzcvEqd8yxcdmrjKU3RdTvOAlPyaE2ItgQ___U1ypQuUeL--EcFja56qRVKWvcu8wUf2qBBJTwlOsRz3Fd6eA3SEeNNLfrNRdqhKK1wx7uXr7IOoD_GrJcWMnfhI40-tWsif5dRXfG_JDd0UuDwaPb7RQdf0HtHSqm&sai=AMfl-YQBNpS2ecKYeNlTKRiNAwUbeM6E0DDyNFvOcwNXs2MSMb4IQRgbxRQvAJF1xEAvTbteyKebegQAVYd60lIP1RaJEWOC8LXr8sh9RV9PBoj0VCVpxyJMwV6Dq07fqTprHY8auyMIapPwDHEge0bsjtQ&sig=Cg0ArKJSzPwmw9QQjYaGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:42:44 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 098F 		484 B
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ab34343b7e5c6413c07f5afc0fa30d5d9faae5b0df4c041c44584f11045fb5f8

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
308
content-type
text/html
date
Tue, 12 Dec 2023 05:42:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame 298D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0754d4bba38c7f711e86437d4bbba70c048496a3d3f41e5117d33f12de5189e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame DD5A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 298D
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CjzGo0vJ3ZfPBH_PNssUP4puWmAiF-Ye_dP3T0pSBEvzBtauuARABINLMgRpgvwWgAauIrYcDyAEJqQKD_-y0afqoPuACAKgDAcgDywSqBK4CT9A2KQuYnDjQYKLkld_Hl5fyFHz9ybJe...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5770c92734fef6a50000000000000000%22,%222%22:%220x423a7fd2425ed3ba0000000000000000%22,%223%22:%220x8c2dbd...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5770c92734fef6a50000000000000000%22,%222%22:%220x423a7fd2425ed3ba0000000000000000%22,%223%22:%220x8c2dbd14d49d1fe10000000000000000%22,%224%22:%220x2ae125da2b05c7f0000000000000000%22,%225%22:%220xcae18ad38d453bdb0000000000000000%22},%22debug_key%22:%2213136617319782920102%22,%22debug_reporting%22:true,%22destination%22:%22https://cheers.com.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22820724779%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224960405234535923073%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H3
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x5770c92734fef6a50000000000000000","2":"0x423a7fd2425ed3ba0000000000000000","3":"0x8c2dbd14d49d1fe10000000000000000","4":"0x2ae125da2b05c7f0000000000000000","5":"0xcae18ad38d453bdb0000000000000000"},"debug_key":"13136617319782920102","debug_reporting":true,"destination":"https://cheers.com.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["820724779"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4960405234535923073"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:42:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5770c92734fef6a50000000000000000","2":"0x423a7fd2425ed3ba0000000000000000","3":"0x8c2dbd14d49d1fe10000000000000000","4":"0x2ae125da2b05c7f0000000000000000","5":"0xcae18ad38d453bdb0000000000000000"},"debug_key":"13136617319782920102","debug_reporting":true,"destination":"https://cheers.com.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["820724779"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4960405234535923073"}&andc=true
access-control-allow-origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjzGo0vJ3ZfPBH_PNssUP4puWmAiF-Ye_dP3T0pSBEvzBtauuARABINLMgRpgvwWgAauIrYcDyAEJqQKD_-y0afqoPuACAKgDAcgDywSqBK4CT9A2KQuYnDjQYKLkld_Hl5fyFHz9ybJeJmlpOTz08ddZFdhhP679Cl_d-oS9RkA2QgGSS0zAd3stnrfraPg2syjYXNtgvjib0qUjZbD5H-xtnvmtDUyofplg2oif1KNh0RvdlgDc2zBqdiNpozOfj_wRwB7BllBqbznHU7vnpB3hBL8K1DB4wlzHgr1YLaNRYhSuCbno5mAZ4C67KBR7_qE6c2P_28SAuoTd6zwGLkeY4Jy6olOXFsOtP4oNlmkef130jvBXex-E7i8DwVwKnPVuN7Gl7CuT6QdmRBVD0bmN33IkWWbIDg1Xt3sUmJqYvxxTal1iljj7ekurXan1eoAJr-yMI0HldZRb6ldJkGm_SmPLJiW4MIfRW6vTNSwooaUBsJG--WMC5JeDQY7ABLHl8ZDRBOAEAYgF9Kvbs02SBQQIBBgBkgUECAUYBKAGLoAHtcH5hAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCowwzSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WK25sKeYiYMDmgkmaHR0cHM6Ly9jaGVlcnMuY29tLnNnL2NocmlzdG1hcy1kZWFscy-ACgPICwGYDIae9_nUBKIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKENCv9qaW1aTZMRICAQPiDRMIrYuxp5iJgwMV86asAh3ijQWDuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGbIYAyIBAA&sigh=PYlTQGEJOOY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&template_id=515&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 05:42:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 17FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhmIxfc%2F1XruoDurVHhrozYwzk7EGc8Y19hm4gH5ZDTHeVgcnBSbhJ6u27nY3qgH7zZb6asxjcdDtnCMaUbwykE28YfMHyl%2BQIvuXJss9AclaX71Ml%2B3y4enVFi1%2FLkJQhnQntgLirwYfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343a551dba33f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9e5uu5qCq9Za%2FhH%2B%2FhM3cIGBmWBsejzWIh2WwP3M2mC7PU6j%2FixC9V%2BKr%2B3j3V9kKyECs6aL2JkU54Ao8L2ivXCtdp5I9BVLotR7hzXuP3PApXDIUxiODSXJnJb%2B0ZCjP%2BVKjfWq1dPHtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
cache-control
no-cache
cf-ray
8343a550da293f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 17FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXfy1GBSlLki0kjUiYeJ-wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crSzAmbxQAT%2FwahBKkzz2Ur5PNNgLj0S3ua4pY1zxHCD63YiaqV6wlTGX1H5nIq0%2BRfiuT8YsrBMtxDvw28sQGnpY2BdobwxCd2UraceqJu89QvdhKpy5XxEFocH%2F2PDcxlmS2wkLXY6Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343a552bc973f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 17FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Protocol
H2
Server
103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
an-x-request-uuid
53ff0797-2df5-444e-a906-8edbaac39fcb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.58.171; 116.86.58.171; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 17FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5MTA5MDc0Mzk4MTY2ODgzMA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5MTA5MDc0Mzk4MTY2ODgzMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXBXD-ECXGsNIqgF-NNOHbiIFbTDWg554OWfj8JrmmgB5Idnlji9_09omhC6DyzVx3dks-tUpJhNT3654qm9_zeX1eQqw
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
an-x-request-uuid
48af19c9-d323-43c8-be39-a608234af728
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ5MTA5MDc0Mzk4MTY2ODgzMA%3D%3D
x-proxy-origin
116.86.58.171; 116.86.58.171; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 38F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tN8c3W3GQ1Oj%2BEgrJiUH%2F7dek2Q7TPDDbxmHL4VUok6k9oDCPRb5moiTjnMujoqbX3rQOOfoOOsqcCp6jNUxtd3dhNZhAILvFlo9WDwnisublokA6Nqe%2F9pPQ7A1WskjVwsjBCxQYAO9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343a551bb5e3f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovYzfuHvI606csjDZlE65qGVc%2FU%2B3iKWTDxybHThyhU0Et4imv6gDp3W0Lc8P3RU9oLTb0kesE05DL7XqYN528Q3AkVQEbf9SWaB6DYB12Y7%2FECk5lGG3%2BcZ3ErsnURT2scrffXqw3cgsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1&C=1
cache-control
no-cache
cf-ray
8343a550da273f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 38F1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXfy1EJPpt85Wdbc5XIzPwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eB9%2B7JbmTNYlBHNUYltkJx5ZMI19afgIG98ttcrDGqpY7Ax%2F%2BUdhWV7XqWS0PFyT2%2BhYBpQiBj1bXWU8ItFKysIai02ve6NQeSbrmNQy4Qq7yx6V6gqvSaDb9LR%2FX%2FXT6RSfYSnuBU7Ccg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8343a552eca93f63-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOPileZ0TBHBgVE-uB7_lw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 38F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Protocol
H2
Server
103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
an-x-request-uuid
e822f06c-0e6f-4414-bc17-67a2a9407865
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.58.171; 116.86.58.171; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPnCNskQShRf1bKQINfPcxw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 38F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk4OTE2Mjc4MDgwNjYyMzg0OA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk4OTE2Mjc4MDgwNjYyMzg0OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNUBDdqPk4m7ygwGPUA8u-s4TSINUSbdSmQir3hqL33O2yg2DN0DVM24YT_ghae18YG9HwjFHsCRu5HjRAmd4dxarXL4HQ
Protocol
H2
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
an-x-request-uuid
eb756bb4-2cc4-4248-aa88-b9a0df21eba3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk4OTE2Mjc4MDgwNjYyMzg0OA%3D%3D
x-proxy-origin
116.86.58.171; 116.86.58.171; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 298D 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:56:24 GMT
x-content-type-options
nosniff
age
513980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 06:56:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3075200399349&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD2 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3075200399349&version=m202309260101&ct=76&x=1&cor=9926312082979428000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame ACD2 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0v8oZze367PFrK5cp1x1BEIj4nL4ZCfv55etIsLnd6dp8fs0v_Ad5QcgOM8kxSSra8mEjM_ioxQqY6edMebMy4OwOjmzi9uV7BU3pAafzpcNinz-ukrdcnLt4vYm6wP9MHV-5jGBFgLZQ4ubmrwolt_YScVp-BecFqcIQxtl8kbtukhc&dbm_d=AKAmf-DYwK-tCaUmJj2XknZaM6r8lKD_bmsbqylc7kfC-VziLBUUFaMGRLEgjiWeJ3GQQKvtYfFqwRafZAomPiUOmWRYEzOtfVqLiI4b8Hu6i2lVmyuBA-IcQE51GlRs6SVWZdbEV0NdB4mzo013ioO7qTE5xSmBCAD2PiqgAi2sKCbfFD1pjx6Sewt8PdUOjm_SL8dkvci9aPpBfFrrmah28JXDWg5NIbwB9FvFoNi79LlVmt21RxSqDsXep64llFUMtKrxeWRK-aVOlPRJ3E_4mo634QV7J9QezbG5qc7LJdoLFKbsp_M_gXef2ghaTXtIG5qX6uiMB570ujglvKZbyF0rAoXB-ta0MdFint7TpQH6OEBWTrl-og-_zKlOKOrx_506TGpsiP7sUgQk0QOf9PAY404IIilR2AWsEtVb7GYYGw-3HtBP5is4sLWh8L6gp8UDPMWCsWH3phEqst5HchgAE0g-Qy1F1lYTAQOWG0uIVH3TCUkXyT0Jzu_5SAZFlytw-coh4X3j3hRS1Bnnv1flPKrCAjMZNsZmvng7LR_490ockarGHtdCt-DP6inD8x69TcZSDZXWvJLASu0lLgGziEeOfFnXYq8Vve6DzSq_u5TewTm9VvAxa1nzePZ7cmpl0vmmjOl32CwuQagASmH4MhdmvQc0jrEQgHp2D6yBWn4W8IOtNHIVET8Vjz0lZnVbh_indF50oZI-BPMNJRxJiG43U-hkQ_38T5n_o44HexbxMw7Xw1gfJihapr41ADIkxVPnxEMRxf2rjHrWPMSrsF1dfsI_YXTi-Ko_N23HHEOiuXgtV_BhRb9jHP7IBjn_MddGHS4ee_L8t8ixfMUWqWF4y7u2v5GzvGE_lTJXBq9juxnWZNSKoOIjyeVXNDFYEr-0pzo01He8yzhg07zQHIn20IkM1KJK-D1jsiMhic2259JrTBaFEdCusH3Gwciq3ija_vsR7G97WUafoO0p0vs0XK3Uts-KqfILMxCqtryff3d5i8oZHU31kG0zGrayynqnrzFgfsjwsHylu4FVor05Ig2Y7ft1jqo9ZOgAxwvZBbXyTvqrF_lO-EZzQTWq6g_0V_jqd5rrMX9jbGfn65Wq4ta3kgaXwC2oJd11qEK-QnYaMCr4SFpqYLFocgHa2kJIqEIy_8y5DEUhcmYlzErIxDWmff3QakF5uJCvwfUVqziXNfQ_7mZUM9maVB9do11e4fwhJ5skfu7kdU23MwwQwwC4KN8BRL0ZgmKuQSgH69Nj4c2hBOhMTYxyuM_6NN-0Zulb9Y9nWW2XTARakc3BO84gNnZiJxCSyJVdQxUSUk_971h4DyEvifX8ZyABXSWf4_WGgLO_KSskaCzQk3AVoxv1sModXgZiLDlyCA8nUk6x5HTNDiViNTGvt3MBpt0sstZ35sJA5uAGVb4F0QYJjMWGlXuKMovnOvRyiy-yLmVDZaDV5IO53MHlbtmjd09DBFucexQr2TJ_pYuxSeLR40IPOK6BUOanxNyTqi_eRkzNNjSzW65Q3UFXJoi5ZtLY4_hq8N8yXk1zn-oGqKKRncSF_mM0slZA5rvZWK-1o1reZrOY9kj0bb7lRd5cW0Is4zj7CusbJaeM-NB5towbPXbqnanDjP4MGkPK4iICYDTu66yAPhA_VcTcosc6_VeSD9-laRX8fcR6SsMaI5HI2ulRRw2Wtp3eWTA91dIG3Wwa0m-mNS8lkrsA9sLxSrxFqqVLtEif7mSEnXg3IWzFFFh1zBGjhF4E2eJO_Cjy79WKJUPeW3_MZ_2DxRZAuHJURxiXdhvReaf9_tullMtRMqUlJ69_2dl2fokbalwdpa8RJwi1HMl1XJynqlT_L46f74RTYylOBau3c98o5_-PhpmVVQfl_dwkcFQw3wE7oSUGJZUb3JYnL4M8BUm3cHC8QkwGpKPiUZxUcqzEZpafbontpGk0t9RtmIJJCKbjHBMKjBKHKfNTpnQMcFkXjRzmDbtyUCS0mWhKWyGo7Vyhj_hT8nsascwlP5lrKbr7zJxZ6cbNTqIlK7I5eR8WJHZcBqDjwP3HdBax_E4yTwO_zWodSf1VInT28SS6XeSgFZDGroS4mkSFP6m5IaIZxloSy8rkjmNWpNyCOf5e8Jkf-GckgFqCYhWO7A29KHP1Vf3WjjFTMx5yZM17Zi1Sl94Ud3awqMPVqlexRXgLvRBWLS45_xV8TCqDmulhqj-Cf4bXqTkAfhpjPNTKnTOwE5yLS7xQISFEPy25Ue_2oqqAVaKcs7PCdsdApH7O5EQ0bFNbpMxjizaNvRkIrtSubzJ9m6F0matokleSVPK5FwrxFHU0udZNA61M0pWHs0A5kr4MwtsB-p64tcj20R9_CTf5Bi1fqU8XVgnn8aTQ2KjF16wtZI3ey5n_lmPyqd-IgIZh-Pa3p8MObQNJ5ctOS9DmjtpG7-TDdjzAdwKNQ5EHs7gqWV9MKPPTlPAGwYNqB1PLzRqRC1G74ij20mUjAPyrUiTBniTCPnKIDxk-zuWPqbNHMcBttGkxnIqr20QINrOaS8784awFfK6iPm5o2jBvabar_MlCuPcw2tuhtRs1Hs0uo_mCkp5VWu3O1_K02CdSrdNJsf2bpgpmkdUYH6MG3y58LffMUAA4whP67kAFhnDz4J6P7eRMMxqvK2N2D5uar_d6qWl09Zd5Ig7wqvd3-2Os1t1tkzcFzNblCiNXct5R7_PB5hK2cz2PK-ykc_zcPDSRl8ltRZ5K419fyTeCTYcJQsIaA7gx2_ndXCvCzemDqZXwcd8CXh9O__vjdKkPZlGu4vPg0AWtohCPEvXfzAR2aB-1WsQO7zFbRQa-gUursIdrmBwiJyj5Bu6XZnjXk7PQGJziyNq-h_JDX6yE3dc3dmFdzF0IpVPlKdApDmjM48vcBmFKykmHdg54axCmKT-uwkNkkCoEpFz8AjfwwT9_TGdCQfOXfGOosGD1YrMbOQ04Nt9RQYy5hZE3elCTwwSm75FNpg-A1Z5co9OMhiGq3BA2iWLV188HZMMtcwPclhjQfEhuK0GjzfCA-S40NqioUDE_SeIAiXG7F3_yfkuL9ZZvwHAjpz9a6gpKeWJZOlGKHe4UT4n87CK2JjiX8LgDCRRs59x_wNQopV-_hX4TC8e-PcBzV_LGYRnrGAVurDkP1y-YDlSXC8233yry6o5-ZKXYduXvp4njnCARk-jQss0XmBaqn_MsJMbn6fh_fVWwq4LiIU52w9wntr7Po3ndVMjUfF1ofl5K0e-WZo59bqVmNyf-ujyiUuNIGm110_qYIeyGH2jWc695a4wA-JXcNU3E7vwXrsoCkmgG4AB-e7LYU040VpZk9pYDOF8E1GWvCiUt9hOD0MxC5SMzZkoJuHN6wJhLU1u3U0XNg0yM8IpjX_PY2e9IMw56mMGszNW12S3b9peRgpLw6Yrdgqfa6WNgFh06QPYGiLQfZUkw_1t4twvVJv1GIKob7CEuiqIVPaa7nr-376BqaO78JZJKtIQ9s-05IAAJ7VYbZcayN6NGp2_a9cbSZy3sgvV-sSHFLzaruP0lOYvj3u7rHDzNp6ZwdhJrV8V51bpoAoClhfUBChVC2n7niiIN9fn7mNThlVkwtnl1yGgd7fB0CfqTQFY6L2QfcdsDt9o4XlUo9dzite3Uwj7wHqzxHKxctJL8PBzrAz-IFWs269swaQLbWZW0xXqd9WsfSpWq_7i3gCWzsaMvFIM9mVdwoNS4XGGi7lCmRe_OsruwoyfwlkP50-5T9pFNiCbkESeZqnZCeRkQtJPn-henhlbLJuVVhi4Z4D89zuAZhXVb9ocSsdiS-RaSK6f3W0YnlUMFjnodnV95Mg2AnpvCZpA8rg&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=9926312082979428000&adk=1964084971&idt=839&cac=0&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
cafe /
Resource Hash
6181cd50cc2d4b87c7babd0494171d6884bf39317aa94e566494ae238d1992f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39010
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame BE28 		428 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7f7ce6720d28cc601ac9a03885cfa03ab7af2c4ffd98287b40eaac52a037a80d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1164235
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2824 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7059669812497&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2824 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7059669812497&version=m202309260101&ct=76&x=1&cor=8437012696208528000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2824 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxXo-VkuYfw23AXk3X8iqF-4kYDowZWqEPFL45WWLEAKfCbdhxU3rdTHoWWAOmTItmD0XtBg5yZL7xpExkTN3P155I5KAgW51mrx9Ge_OXmhpA7_4sYyotNoTFDaLlc2ie1UwkDmKxtDm17mUkA1WvvOvznuOtxNEBCLewNurAeyJv7mw&dbm_d=AKAmf-D8LPYLLB7rjA62q8wPjIaeVjGjVHHORdTUlnIaIuE9yqnI3o1q53erPcZBFL8izWKRz6nibeeOCvZDXFrUMnOyDLIiEVTGZc3zehcwbp8i17q0SUt83xnalM7WZ5rlco4A4HhjnNHFtVqRruKzGGJ31ds_hiDKpixUsjGsMnvRGARQOSEUDaHXHTJ8IXsyrAQjC_3A_JVYraqN8df_5FejvUl5cc6S25B_zt9NZ3phCtm2gny0dExldwrAjc0uQhBqGylJfQXCkFoDWBbNit_tPcQR_o-6lQqTGRh9Wdae9c0owkrtVac598jh5VRUvwMHRpzZgfpS0f1FLeluLGSvFHapZRk05ZoZ143CfjA2HAdaqJgFCnPvLcmHzrl4aN2RSxOIxcWbiHOpmsbNbCvndoPs1ie9vJIZDZ9s_wWCOEHwR-E2Xq2J9fC1NpLX2QjeLvrxkG898uUy0Kqx2fHuWrAbuBXRtExaUd7Ai4e5pnBLnxpw2PnvLaSjmZm-cHPeUGa9g5upWDe_ao5PmCRPBkk7vFXNacQnUIrYP7irHV7cPOSlQ1anRl0IJlECqx_8u73TpPYvrTGV2W6Be9UTslHKxmV7FlEPCCFwx9ppnp7aSnFSoVx8ZE-0L2e6lWzvY9yBfJc4Xck-tEo9L6iyEI10fqbJ0Kn2N9f9vd0wXrnJjOGrxtARB1PGcbjZWvqtwc9gxnTtdU6Z9kVImGcZlJOIWMgGrgkJ-cNu1BJ0fCUCEY8OrSo3Xq-CZd41y21fpSFNpoRPcAjJViycDbEviK7Y2_QsTtj6OrF1qBy7kvPeTlDG4ECqPjTO86lsUh9JnqEnQzaoPOwihiQW5OKc8Gh3tY2hFF5zDGYqZVkcIeHfCl69Zp12w2wb0wE2uSYoIHF1LfRNZJzp4xPRh3xhQoZ6eK0qa6FNVzAbg9W5nCQGRwsDcgZSGnS4iYJuvxApQ4FofykD6Vs8SAgImsPeQXVYnvr22NiFxXlJ_ADXVUY_89SoAqcKf-TyE898S2hQcm3lZBC0zwUIQJCjJBTTlr9SxS8PM-29xBEW7naC7deNIPA_kXGCau3oJDyCb_Un8ifP8fUjo5Q4TkE5Lm1fJH_geDjDgdCVJwXvYHLfuuUrLOa84GNdF81jE45Vng5CtP2dWh50xSzTHYsrYM1VzigPjf0w1nlvkpLUMHvK7BPRffmRZMyxOpYogp9v57tEGAaEogqqB8-HBKilUyZEXafSXq3ayUb7iIdNMdYQ-lvm403wpf1-qKRgWXzuZTqYdH9sODiJcyGj9VO4Q7itTlc6p1H-EloVgmnknun608Mq3BAzWs68NriSIkVT8Do2DtffZk51mmIGbKEE4WPrBP8b-wTa3RlXwproXc6fRH-mnZElRO57MT6C__0GBsjAkyPkNaXcR-x-TBeJabx9tmSTaqJ8D2ome-z9A5ecQURMNFAQnHJRPcSFmBaabELvhjGdmI6fIpZWR5OWh_yrJBymh8uffYzzgJPnOYJSLQi-ZjLkj6oZwgNt9f_Nq1d1LdofkKQXTDYKfFuJblu8ewizEHvQB3UXQjPWsnQ-NZy0AsMtP0S0cXND_sVtLH4125HkrKKzRsY5mTvVYppTOd7FGZJG6ge6TZeJZyOTCPqTTtFyT1nE88wJM_bgLze48JlncL9Z4a6GPui42KaeQVVdsw7HHUl3Ek76pbokzPx9moAKpw86FP4Ug-r-U5-3_O2x7fLQEW3FYSI2RK2ykQBHgfDFRMLc_DvMmdZoW6m0iVmX9FK9Op_KAfoPJK18Wd--AVhoPgMfjqBrCp7Pb1uKaRt0iGMIT9iZtKtCPs_9MZJMQNXHnAxlRJ-AHqP3OPj1AJZzKO-9NTqDOiRe1aliz3q6drz4FwcDagE4XZ4jjGfqLfGEG7M6Lmsq2NeJtjASUxQSnFrcuTpZ_2_Zq0YjuKe9smKDnHzJSjFCVc4ZI3c3l0Nyy3e_y21sBDf22nDFdf-0xIr6Q-LIrBujItsojPMlBUWu-QfTa-WEvHTby6L04YbTJ2QzbkfJsYNZ6qsSqip2sDB9Cp50-txNi1QFzSN8O7y7wjYWuEsus5ku4AZc4koZ4g5EaNI8kbu1ba3XnSn4DrBlwg_iHQaaC7gJaBUOfjzrRlXbqk3-1qycYCQ0xB81FwT3N8QmuOiuiwTz7tc3wDIMo9LfkfiQ_V803Ixu0Zq3sWpVc6uwf1xa14bxM47s_0iWjjbTc1BSWZay108Y0ljl0gFF-IV5Cyyc2cE73QIqWrjbd8O4h59qnofK2XgQe_p_LG_XOzYvR5VeVC1dCCtiU0NQSKCWDaBlYMjnHRB9TK8bfSTSTz8vrHXL8zsPrV9cW3PIyr-Jf0o-Wj2q7eTUw38npp-z7EfjT2YTZMLuanEskcjJbNTGDxLhxp3WgnN6nreMl6G3Blz8YeONjQa_mu7Jt9PJgddtV_5HpAU0AmxUgU-1tnwmB9WZ7lhszJ-3YsdK2OnpqlqoCb_hH_J8qE0XcMPv-u0kmMs3GfIQBFhypgdrLvExXyliMPiLT3TCsjfsJugSPBFSwOtE7ezRAfqE6BiMJPnaEswTKlKpE8GT_y6DDUimBQQ9CMLIllF7rXzaoAZIuQ75YCcyG-Gsu2hw7gZki2wuVSUMMLoHtoHSvUXmzJgsUg42gZVrKSW9owmluToXjT6nw1nBSZ47PAlX8YJr5rp1QEcpoSv1sYjWaydzyclHgulUecBYWCxB2ChfJ7j30_W9YqJ60sXGwZZ-PJABey833bd47R0cgawDPXliOly02vke-ay3LYAoOrtQkHqdbN9NZ-OBJ7COjtHipbgTeuC-3kRWE1mDeJ-WgeIgpinmhJsMOxHthA7FItoNgEvzgrbmC3C94ZsytkdEuy5csuBZDpQDGl3NZEm008cqB6iJCqSzZMZBsVysTTuIqJpqkrpaOL4_p3d2Ca4KiS79nRYudjFLm0yAymaGxLLACzNo-grbIrCVimViqX9V0MWMSxUsQeOUkBVlFToeII6bACMXE1yebvcdCd8159AuV9W9gu1D0-49qHQifQPfzpQIRU5GfOMuC37ctyTvtb2VmoktjkvciYpeVamvyc3EbMU3sRlN91CWtc3fl_bWwjffm3O9hRRzauFtFKhnOzT8UG8znVy_MVwx_p8vOsNUwRKvNUF3s8_RK9yWJkLGyZN-brEpp8NJqjnSdgI9cJszoDXiIrfT9tE5NLExFvu4YHXSxouR5_wibBaspooeUeqfS_pJFtaFYeYt_efYS7kjVNncxTRzbCWQGasi5MT9zUAVE4KMMucdODv4cMKysDQK9pOHgH-n4DITEsxy2kk1QjoXH4MxZe3RxjuYLnfgZp2Mh-YOUgs9_yig2Y_SUl0gLyxQ8Sg3ycZjRaPH3qJmShApTZTMS9S7LjMz6T6yXJ0MUnL_BtJDwN16XQfdBleu02qD5ozqPisI_vIC90U94xcZ0hhqYK2tOfzR9gQyPidkNd3x0qDDf0Qqyg6jDnNgYWBHuI836vJ-EH70kjztpwqfAz9PFCOBA3AgBna3tScgHRTJa82Q8YNvTQLWVs2BHT35cBA1RPpVcPP0ebev6TRgEdEARkbK6g2dyDGB-bFqnIbHwojs7SeGJ886V44kvfq0HNhnKsVQs-yJJbYJaLDL5SXVLeR0jO0JBDEMUMYmkzaAChf7IXZI6c8utfQOYGziFltIcz2RsYtuysZO7Yc3vBNJyuOL0Wpg5-JmUTgr0_makSfocmnthd2_AcYl5LpxMXc9NhgYzcj8HedO8EqtZgos8kqYHpcacMz_1B0dvd4wkr3ZJDcli55T-fcJiXM5WUzBxGRXRrZyUEVIwk1HlQ&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=8437012696208528000&adk=3047537734&idt=806&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f157.1e100.net
Software
cafe /
Resource Hash
fc546d3033220d2fb65343b4f297fa8a65fd16211b5e4534cd745d2440ff8920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39075
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DD5A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdaAx0vJ3ZfXBH_PNssUP4puWmAjzxq_YdNTmy_3bEWQQASDSzIEaYL8FoAH824DnKcgBAqkCRzmmm7YPsj7gAgCoAwHIAwiqBLcCT9Bhv6S7gRRQW0Rl1il9u6lA7i3K11aVRVRVEDx0RdpA0s-Nkb9N6WSa4ZhrTzQPnuVxLIqAZhpyp-KRv3_bWiLLzaYW9c1XVxBf6QJYG9LxoKHRpYXm2q0i34f_o1FRnb_qaK-sL9f2SJvyhPIJnZCjcUJEYXlFPYUAg1Ko9N5W_KAij7CaS2Sr9GG_J4U331hd79YA81M7GXs1F54G9cIHJLdYULyvrAw5A_RUyvkrhlCK6nYx9nTBDc5S3QQ7yAxIVWHPa8w5UJXmSiayXkkoyI-rOLbMNUXPORUy2PkCxdG0FV09c5WEWeex-X2WeiXDA2AiL9YpgAJVFCWjNO3lndQYgNJTFN3zPYoB9x0dNvqeLS5zV9jKWyRh0GZMANLgv74d_hDme4E8sL0izfQUo_N_D4vABL7EpPG2BOAEAYgFu7Hnj02SBQQIBBgBkgUECAUYBKAGAoAH_JPRxgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDnqBDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WK25sKeYiYMDmgkfaHR0cHM6Ly9qYW1lcy1hZHZpc29yLmNvbS90YXJvdIAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEODmrMTg8M_Q2wESAgED4g0TCK-LsaeYiYMDFfOmrAId4o0Fg9gTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGbIYAyIBAA&sigh=O5s7k50cxD4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame ACD2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 05:42:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame ACD2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0v8oZze367PFrK5cp1x1BEIj4nL4ZCfv55etIsLnd6dp8fs0v_Ad5QcgOM8kxSSra8mEjM_ioxQqY6edMebMy4OwOjmzi9uV7BU3pAafzpcNinz-ukrdcnLt4vYm6wP9MHV-5jGBFgLZQ4ubmrwolt_YScVp-BecFqcIQxtl8kbtukhc&dbm_d=AKAmf-DYwK-tCaUmJj2XknZaM6r8lKD_bmsbqylc7kfC-VziLBUUFaMGRLEgjiWeJ3GQQKvtYfFqwRafZAomPiUOmWRYEzOtfVqLiI4b8Hu6i2lVmyuBA-IcQE51GlRs6SVWZdbEV0NdB4mzo013ioO7qTE5xSmBCAD2PiqgAi2sKCbfFD1pjx6Sewt8PdUOjm_SL8dkvci9aPpBfFrrmah28JXDWg5NIbwB9FvFoNi79LlVmt21RxSqDsXep64llFUMtKrxeWRK-aVOlPRJ3E_4mo634QV7J9QezbG5qc7LJdoLFKbsp_M_gXef2ghaTXtIG5qX6uiMB570ujglvKZbyF0rAoXB-ta0MdFint7TpQH6OEBWTrl-og-_zKlOKOrx_506TGpsiP7sUgQk0QOf9PAY404IIilR2AWsEtVb7GYYGw-3HtBP5is4sLWh8L6gp8UDPMWCsWH3phEqst5HchgAE0g-Qy1F1lYTAQOWG0uIVH3TCUkXyT0Jzu_5SAZFlytw-coh4X3j3hRS1Bnnv1flPKrCAjMZNsZmvng7LR_490ockarGHtdCt-DP6inD8x69TcZSDZXWvJLASu0lLgGziEeOfFnXYq8Vve6DzSq_u5TewTm9VvAxa1nzePZ7cmpl0vmmjOl32CwuQagASmH4MhdmvQc0jrEQgHp2D6yBWn4W8IOtNHIVET8Vjz0lZnVbh_indF50oZI-BPMNJRxJiG43U-hkQ_38T5n_o44HexbxMw7Xw1gfJihapr41ADIkxVPnxEMRxf2rjHrWPMSrsF1dfsI_YXTi-Ko_N23HHEOiuXgtV_BhRb9jHP7IBjn_MddGHS4ee_L8t8ixfMUWqWF4y7u2v5GzvGE_lTJXBq9juxnWZNSKoOIjyeVXNDFYEr-0pzo01He8yzhg07zQHIn20IkM1KJK-D1jsiMhic2259JrTBaFEdCusH3Gwciq3ija_vsR7G97WUafoO0p0vs0XK3Uts-KqfILMxCqtryff3d5i8oZHU31kG0zGrayynqnrzFgfsjwsHylu4FVor05Ig2Y7ft1jqo9ZOgAxwvZBbXyTvqrF_lO-EZzQTWq6g_0V_jqd5rrMX9jbGfn65Wq4ta3kgaXwC2oJd11qEK-QnYaMCr4SFpqYLFocgHa2kJIqEIy_8y5DEUhcmYlzErIxDWmff3QakF5uJCvwfUVqziXNfQ_7mZUM9maVB9do11e4fwhJ5skfu7kdU23MwwQwwC4KN8BRL0ZgmKuQSgH69Nj4c2hBOhMTYxyuM_6NN-0Zulb9Y9nWW2XTARakc3BO84gNnZiJxCSyJVdQxUSUk_971h4DyEvifX8ZyABXSWf4_WGgLO_KSskaCzQk3AVoxv1sModXgZiLDlyCA8nUk6x5HTNDiViNTGvt3MBpt0sstZ35sJA5uAGVb4F0QYJjMWGlXuKMovnOvRyiy-yLmVDZaDV5IO53MHlbtmjd09DBFucexQr2TJ_pYuxSeLR40IPOK6BUOanxNyTqi_eRkzNNjSzW65Q3UFXJoi5ZtLY4_hq8N8yXk1zn-oGqKKRncSF_mM0slZA5rvZWK-1o1reZrOY9kj0bb7lRd5cW0Is4zj7CusbJaeM-NB5towbPXbqnanDjP4MGkPK4iICYDTu66yAPhA_VcTcosc6_VeSD9-laRX8fcR6SsMaI5HI2ulRRw2Wtp3eWTA91dIG3Wwa0m-mNS8lkrsA9sLxSrxFqqVLtEif7mSEnXg3IWzFFFh1zBGjhF4E2eJO_Cjy79WKJUPeW3_MZ_2DxRZAuHJURxiXdhvReaf9_tullMtRMqUlJ69_2dl2fokbalwdpa8RJwi1HMl1XJynqlT_L46f74RTYylOBau3c98o5_-PhpmVVQfl_dwkcFQw3wE7oSUGJZUb3JYnL4M8BUm3cHC8QkwGpKPiUZxUcqzEZpafbontpGk0t9RtmIJJCKbjHBMKjBKHKfNTpnQMcFkXjRzmDbtyUCS0mWhKWyGo7Vyhj_hT8nsascwlP5lrKbr7zJxZ6cbNTqIlK7I5eR8WJHZcBqDjwP3HdBax_E4yTwO_zWodSf1VInT28SS6XeSgFZDGroS4mkSFP6m5IaIZxloSy8rkjmNWpNyCOf5e8Jkf-GckgFqCYhWO7A29KHP1Vf3WjjFTMx5yZM17Zi1Sl94Ud3awqMPVqlexRXgLvRBWLS45_xV8TCqDmulhqj-Cf4bXqTkAfhpjPNTKnTOwE5yLS7xQISFEPy25Ue_2oqqAVaKcs7PCdsdApH7O5EQ0bFNbpMxjizaNvRkIrtSubzJ9m6F0matokleSVPK5FwrxFHU0udZNA61M0pWHs0A5kr4MwtsB-p64tcj20R9_CTf5Bi1fqU8XVgnn8aTQ2KjF16wtZI3ey5n_lmPyqd-IgIZh-Pa3p8MObQNJ5ctOS9DmjtpG7-TDdjzAdwKNQ5EHs7gqWV9MKPPTlPAGwYNqB1PLzRqRC1G74ij20mUjAPyrUiTBniTCPnKIDxk-zuWPqbNHMcBttGkxnIqr20QINrOaS8784awFfK6iPm5o2jBvabar_MlCuPcw2tuhtRs1Hs0uo_mCkp5VWu3O1_K02CdSrdNJsf2bpgpmkdUYH6MG3y58LffMUAA4whP67kAFhnDz4J6P7eRMMxqvK2N2D5uar_d6qWl09Zd5Ig7wqvd3-2Os1t1tkzcFzNblCiNXct5R7_PB5hK2cz2PK-ykc_zcPDSRl8ltRZ5K419fyTeCTYcJQsIaA7gx2_ndXCvCzemDqZXwcd8CXh9O__vjdKkPZlGu4vPg0AWtohCPEvXfzAR2aB-1WsQO7zFbRQa-gUursIdrmBwiJyj5Bu6XZnjXk7PQGJziyNq-h_JDX6yE3dc3dmFdzF0IpVPlKdApDmjM48vcBmFKykmHdg54axCmKT-uwkNkkCoEpFz8AjfwwT9_TGdCQfOXfGOosGD1YrMbOQ04Nt9RQYy5hZE3elCTwwSm75FNpg-A1Z5co9OMhiGq3BA2iWLV188HZMMtcwPclhjQfEhuK0GjzfCA-S40NqioUDE_SeIAiXG7F3_yfkuL9ZZvwHAjpz9a6gpKeWJZOlGKHe4UT4n87CK2JjiX8LgDCRRs59x_wNQopV-_hX4TC8e-PcBzV_LGYRnrGAVurDkP1y-YDlSXC8233yry6o5-ZKXYduXvp4njnCARk-jQss0XmBaqn_MsJMbn6fh_fVWwq4LiIU52w9wntr7Po3ndVMjUfF1ofl5K0e-WZo59bqVmNyf-ujyiUuNIGm110_qYIeyGH2jWc695a4wA-JXcNU3E7vwXrsoCkmgG4AB-e7LYU040VpZk9pYDOF8E1GWvCiUt9hOD0MxC5SMzZkoJuHN6wJhLU1u3U0XNg0yM8IpjX_PY2e9IMw56mMGszNW12S3b9peRgpLw6Yrdgqfa6WNgFh06QPYGiLQfZUkw_1t4twvVJv1GIKob7CEuiqIVPaa7nr-376BqaO78JZJKtIQ9s-05IAAJ7VYbZcayN6NGp2_a9cbSZy3sgvV-sSHFLzaruP0lOYvj3u7rHDzNp6ZwdhJrV8V51bpoAoClhfUBChVC2n7niiIN9fn7mNThlVkwtnl1yGgd7fB0CfqTQFY6L2QfcdsDt9o4XlUo9dzite3Uwj7wHqzxHKxctJL8PBzrAz-IFWs269swaQLbWZW0xXqd9WsfSpWq_7i3gCWzsaMvFIM9mVdwoNS4XGGi7lCmRe_OsruwoyfwlkP50-5T9pFNiCbkESeZqnZCeRkQtJPn-henhlbLJuVVhi4Z4D89zuAZhXVb9ocSsdiS-RaSK6f3W0YnlUMFjnodnV95Mg2AnpvCZpA8rg&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=9926312082979428000&adk=1964084971&idt=839&cac=0&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
8577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 03:19:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame ACD2 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0v8oZze367PFrK5cp1x1BEIj4nL4ZCfv55etIsLnd6dp8fs0v_Ad5QcgOM8kxSSra8mEjM_ioxQqY6edMebMy4OwOjmzi9uV7BU3pAafzpcNinz-ukrdcnLt4vYm6wP9MHV-5jGBFgLZQ4ubmrwolt_YScVp-BecFqcIQxtl8kbtukhc&dbm_d=AKAmf-DYwK-tCaUmJj2XknZaM6r8lKD_bmsbqylc7kfC-VziLBUUFaMGRLEgjiWeJ3GQQKvtYfFqwRafZAomPiUOmWRYEzOtfVqLiI4b8Hu6i2lVmyuBA-IcQE51GlRs6SVWZdbEV0NdB4mzo013ioO7qTE5xSmBCAD2PiqgAi2sKCbfFD1pjx6Sewt8PdUOjm_SL8dkvci9aPpBfFrrmah28JXDWg5NIbwB9FvFoNi79LlVmt21RxSqDsXep64llFUMtKrxeWRK-aVOlPRJ3E_4mo634QV7J9QezbG5qc7LJdoLFKbsp_M_gXef2ghaTXtIG5qX6uiMB570ujglvKZbyF0rAoXB-ta0MdFint7TpQH6OEBWTrl-og-_zKlOKOrx_506TGpsiP7sUgQk0QOf9PAY404IIilR2AWsEtVb7GYYGw-3HtBP5is4sLWh8L6gp8UDPMWCsWH3phEqst5HchgAE0g-Qy1F1lYTAQOWG0uIVH3TCUkXyT0Jzu_5SAZFlytw-coh4X3j3hRS1Bnnv1flPKrCAjMZNsZmvng7LR_490ockarGHtdCt-DP6inD8x69TcZSDZXWvJLASu0lLgGziEeOfFnXYq8Vve6DzSq_u5TewTm9VvAxa1nzePZ7cmpl0vmmjOl32CwuQagASmH4MhdmvQc0jrEQgHp2D6yBWn4W8IOtNHIVET8Vjz0lZnVbh_indF50oZI-BPMNJRxJiG43U-hkQ_38T5n_o44HexbxMw7Xw1gfJihapr41ADIkxVPnxEMRxf2rjHrWPMSrsF1dfsI_YXTi-Ko_N23HHEOiuXgtV_BhRb9jHP7IBjn_MddGHS4ee_L8t8ixfMUWqWF4y7u2v5GzvGE_lTJXBq9juxnWZNSKoOIjyeVXNDFYEr-0pzo01He8yzhg07zQHIn20IkM1KJK-D1jsiMhic2259JrTBaFEdCusH3Gwciq3ija_vsR7G97WUafoO0p0vs0XK3Uts-KqfILMxCqtryff3d5i8oZHU31kG0zGrayynqnrzFgfsjwsHylu4FVor05Ig2Y7ft1jqo9ZOgAxwvZBbXyTvqrF_lO-EZzQTWq6g_0V_jqd5rrMX9jbGfn65Wq4ta3kgaXwC2oJd11qEK-QnYaMCr4SFpqYLFocgHa2kJIqEIy_8y5DEUhcmYlzErIxDWmff3QakF5uJCvwfUVqziXNfQ_7mZUM9maVB9do11e4fwhJ5skfu7kdU23MwwQwwC4KN8BRL0ZgmKuQSgH69Nj4c2hBOhMTYxyuM_6NN-0Zulb9Y9nWW2XTARakc3BO84gNnZiJxCSyJVdQxUSUk_971h4DyEvifX8ZyABXSWf4_WGgLO_KSskaCzQk3AVoxv1sModXgZiLDlyCA8nUk6x5HTNDiViNTGvt3MBpt0sstZ35sJA5uAGVb4F0QYJjMWGlXuKMovnOvRyiy-yLmVDZaDV5IO53MHlbtmjd09DBFucexQr2TJ_pYuxSeLR40IPOK6BUOanxNyTqi_eRkzNNjSzW65Q3UFXJoi5ZtLY4_hq8N8yXk1zn-oGqKKRncSF_mM0slZA5rvZWK-1o1reZrOY9kj0bb7lRd5cW0Is4zj7CusbJaeM-NB5towbPXbqnanDjP4MGkPK4iICYDTu66yAPhA_VcTcosc6_VeSD9-laRX8fcR6SsMaI5HI2ulRRw2Wtp3eWTA91dIG3Wwa0m-mNS8lkrsA9sLxSrxFqqVLtEif7mSEnXg3IWzFFFh1zBGjhF4E2eJO_Cjy79WKJUPeW3_MZ_2DxRZAuHJURxiXdhvReaf9_tullMtRMqUlJ69_2dl2fokbalwdpa8RJwi1HMl1XJynqlT_L46f74RTYylOBau3c98o5_-PhpmVVQfl_dwkcFQw3wE7oSUGJZUb3JYnL4M8BUm3cHC8QkwGpKPiUZxUcqzEZpafbontpGk0t9RtmIJJCKbjHBMKjBKHKfNTpnQMcFkXjRzmDbtyUCS0mWhKWyGo7Vyhj_hT8nsascwlP5lrKbr7zJxZ6cbNTqIlK7I5eR8WJHZcBqDjwP3HdBax_E4yTwO_zWodSf1VInT28SS6XeSgFZDGroS4mkSFP6m5IaIZxloSy8rkjmNWpNyCOf5e8Jkf-GckgFqCYhWO7A29KHP1Vf3WjjFTMx5yZM17Zi1Sl94Ud3awqMPVqlexRXgLvRBWLS45_xV8TCqDmulhqj-Cf4bXqTkAfhpjPNTKnTOwE5yLS7xQISFEPy25Ue_2oqqAVaKcs7PCdsdApH7O5EQ0bFNbpMxjizaNvRkIrtSubzJ9m6F0matokleSVPK5FwrxFHU0udZNA61M0pWHs0A5kr4MwtsB-p64tcj20R9_CTf5Bi1fqU8XVgnn8aTQ2KjF16wtZI3ey5n_lmPyqd-IgIZh-Pa3p8MObQNJ5ctOS9DmjtpG7-TDdjzAdwKNQ5EHs7gqWV9MKPPTlPAGwYNqB1PLzRqRC1G74ij20mUjAPyrUiTBniTCPnKIDxk-zuWPqbNHMcBttGkxnIqr20QINrOaS8784awFfK6iPm5o2jBvabar_MlCuPcw2tuhtRs1Hs0uo_mCkp5VWu3O1_K02CdSrdNJsf2bpgpmkdUYH6MG3y58LffMUAA4whP67kAFhnDz4J6P7eRMMxqvK2N2D5uar_d6qWl09Zd5Ig7wqvd3-2Os1t1tkzcFzNblCiNXct5R7_PB5hK2cz2PK-ykc_zcPDSRl8ltRZ5K419fyTeCTYcJQsIaA7gx2_ndXCvCzemDqZXwcd8CXh9O__vjdKkPZlGu4vPg0AWtohCPEvXfzAR2aB-1WsQO7zFbRQa-gUursIdrmBwiJyj5Bu6XZnjXk7PQGJziyNq-h_JDX6yE3dc3dmFdzF0IpVPlKdApDmjM48vcBmFKykmHdg54axCmKT-uwkNkkCoEpFz8AjfwwT9_TGdCQfOXfGOosGD1YrMbOQ04Nt9RQYy5hZE3elCTwwSm75FNpg-A1Z5co9OMhiGq3BA2iWLV188HZMMtcwPclhjQfEhuK0GjzfCA-S40NqioUDE_SeIAiXG7F3_yfkuL9ZZvwHAjpz9a6gpKeWJZOlGKHe4UT4n87CK2JjiX8LgDCRRs59x_wNQopV-_hX4TC8e-PcBzV_LGYRnrGAVurDkP1y-YDlSXC8233yry6o5-ZKXYduXvp4njnCARk-jQss0XmBaqn_MsJMbn6fh_fVWwq4LiIU52w9wntr7Po3ndVMjUfF1ofl5K0e-WZo59bqVmNyf-ujyiUuNIGm110_qYIeyGH2jWc695a4wA-JXcNU3E7vwXrsoCkmgG4AB-e7LYU040VpZk9pYDOF8E1GWvCiUt9hOD0MxC5SMzZkoJuHN6wJhLU1u3U0XNg0yM8IpjX_PY2e9IMw56mMGszNW12S3b9peRgpLw6Yrdgqfa6WNgFh06QPYGiLQfZUkw_1t4twvVJv1GIKob7CEuiqIVPaa7nr-376BqaO78JZJKtIQ9s-05IAAJ7VYbZcayN6NGp2_a9cbSZy3sgvV-sSHFLzaruP0lOYvj3u7rHDzNp6ZwdhJrV8V51bpoAoClhfUBChVC2n7niiIN9fn7mNThlVkwtnl1yGgd7fB0CfqTQFY6L2QfcdsDt9o4XlUo9dzite3Uwj7wHqzxHKxctJL8PBzrAz-IFWs269swaQLbWZW0xXqd9WsfSpWq_7i3gCWzsaMvFIM9mVdwoNS4XGGi7lCmRe_OsruwoyfwlkP50-5T9pFNiCbkESeZqnZCeRkQtJPn-henhlbLJuVVhi4Z4D89zuAZhXVb9ocSsdiS-RaSK6f3W0YnlUMFjnodnV95Mg2AnpvCZpA8rg&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=9926312082979428000&adk=1964084971&idt=839&cac=0&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
13474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:58:10 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame ACD2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
274982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:19:42 GMT
truncated
/ Frame ACD2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10becb862d56d9599b65883e23aacfcf1c800311135d7727230f7c50d4d0f453

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 098F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&ttd_puid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&ttd_puid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&ttd_puid=a6b38533-d9a2-7c9f-f089-c75b0faa9fcf&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 05:42:44 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 098F
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXfy1MCo8YUAAAwdiP4AAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXfy1MCo8YUAAAwdiP4AAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 12 Dec 2023 05:42:44 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.86.58.171","key":"ZXfy1MCo8YUAAAwdiP4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad282"}
X-SO-Key
ZXfy1MCo8YUAAAwdiP4AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad282
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXfy1MCo8YUAAAwdiP4AAAAA
Cache-Control
private
X-SO-HostName
m-ad282.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
6
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
116.86.58.171
sd
jp-u.openx.net/w/1.0/ Frame 098F
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeJuUIOiO0ygks8AED41tKp8qc8AAAGMXIyQ9w
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeJuUIOiO0ygks8AED41tKp8qc8AAAGMXIyQ9w
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
via
1.1 ceabec403784e3c3155b50578b3935fc.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
HKG60-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AeJuUIOiO0ygks8AED41tKp8qc8AAAGMXIyQ9w
cache-control
no-cache
content-length
0
x-amz-cf-id
PBW3V24LnPnAgByJIJLfZw0k3ceIQ2e3SqyQisYQn16pkA3YdM9Biw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 098F 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGFkYzU2ZjktMTBkNS0yMjNiLWU1NjktOWRlMmM1NDg1MWFm
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 098F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFi3mi29NhEWu5eqKyzvDYY&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFi3mi29NhEWu5eqKyzvDYY&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFi3mi29NhEWu5eqKyzvDYY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2824 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Origin
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 05:42:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 2824 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxXo-VkuYfw23AXk3X8iqF-4kYDowZWqEPFL45WWLEAKfCbdhxU3rdTHoWWAOmTItmD0XtBg5yZL7xpExkTN3P155I5KAgW51mrx9Ge_OXmhpA7_4sYyotNoTFDaLlc2ie1UwkDmKxtDm17mUkA1WvvOvznuOtxNEBCLewNurAeyJv7mw&dbm_d=AKAmf-D8LPYLLB7rjA62q8wPjIaeVjGjVHHORdTUlnIaIuE9yqnI3o1q53erPcZBFL8izWKRz6nibeeOCvZDXFrUMnOyDLIiEVTGZc3zehcwbp8i17q0SUt83xnalM7WZ5rlco4A4HhjnNHFtVqRruKzGGJ31ds_hiDKpixUsjGsMnvRGARQOSEUDaHXHTJ8IXsyrAQjC_3A_JVYraqN8df_5FejvUl5cc6S25B_zt9NZ3phCtm2gny0dExldwrAjc0uQhBqGylJfQXCkFoDWBbNit_tPcQR_o-6lQqTGRh9Wdae9c0owkrtVac598jh5VRUvwMHRpzZgfpS0f1FLeluLGSvFHapZRk05ZoZ143CfjA2HAdaqJgFCnPvLcmHzrl4aN2RSxOIxcWbiHOpmsbNbCvndoPs1ie9vJIZDZ9s_wWCOEHwR-E2Xq2J9fC1NpLX2QjeLvrxkG898uUy0Kqx2fHuWrAbuBXRtExaUd7Ai4e5pnBLnxpw2PnvLaSjmZm-cHPeUGa9g5upWDe_ao5PmCRPBkk7vFXNacQnUIrYP7irHV7cPOSlQ1anRl0IJlECqx_8u73TpPYvrTGV2W6Be9UTslHKxmV7FlEPCCFwx9ppnp7aSnFSoVx8ZE-0L2e6lWzvY9yBfJc4Xck-tEo9L6iyEI10fqbJ0Kn2N9f9vd0wXrnJjOGrxtARB1PGcbjZWvqtwc9gxnTtdU6Z9kVImGcZlJOIWMgGrgkJ-cNu1BJ0fCUCEY8OrSo3Xq-CZd41y21fpSFNpoRPcAjJViycDbEviK7Y2_QsTtj6OrF1qBy7kvPeTlDG4ECqPjTO86lsUh9JnqEnQzaoPOwihiQW5OKc8Gh3tY2hFF5zDGYqZVkcIeHfCl69Zp12w2wb0wE2uSYoIHF1LfRNZJzp4xPRh3xhQoZ6eK0qa6FNVzAbg9W5nCQGRwsDcgZSGnS4iYJuvxApQ4FofykD6Vs8SAgImsPeQXVYnvr22NiFxXlJ_ADXVUY_89SoAqcKf-TyE898S2hQcm3lZBC0zwUIQJCjJBTTlr9SxS8PM-29xBEW7naC7deNIPA_kXGCau3oJDyCb_Un8ifP8fUjo5Q4TkE5Lm1fJH_geDjDgdCVJwXvYHLfuuUrLOa84GNdF81jE45Vng5CtP2dWh50xSzTHYsrYM1VzigPjf0w1nlvkpLUMHvK7BPRffmRZMyxOpYogp9v57tEGAaEogqqB8-HBKilUyZEXafSXq3ayUb7iIdNMdYQ-lvm403wpf1-qKRgWXzuZTqYdH9sODiJcyGj9VO4Q7itTlc6p1H-EloVgmnknun608Mq3BAzWs68NriSIkVT8Do2DtffZk51mmIGbKEE4WPrBP8b-wTa3RlXwproXc6fRH-mnZElRO57MT6C__0GBsjAkyPkNaXcR-x-TBeJabx9tmSTaqJ8D2ome-z9A5ecQURMNFAQnHJRPcSFmBaabELvhjGdmI6fIpZWR5OWh_yrJBymh8uffYzzgJPnOYJSLQi-ZjLkj6oZwgNt9f_Nq1d1LdofkKQXTDYKfFuJblu8ewizEHvQB3UXQjPWsnQ-NZy0AsMtP0S0cXND_sVtLH4125HkrKKzRsY5mTvVYppTOd7FGZJG6ge6TZeJZyOTCPqTTtFyT1nE88wJM_bgLze48JlncL9Z4a6GPui42KaeQVVdsw7HHUl3Ek76pbokzPx9moAKpw86FP4Ug-r-U5-3_O2x7fLQEW3FYSI2RK2ykQBHgfDFRMLc_DvMmdZoW6m0iVmX9FK9Op_KAfoPJK18Wd--AVhoPgMfjqBrCp7Pb1uKaRt0iGMIT9iZtKtCPs_9MZJMQNXHnAxlRJ-AHqP3OPj1AJZzKO-9NTqDOiRe1aliz3q6drz4FwcDagE4XZ4jjGfqLfGEG7M6Lmsq2NeJtjASUxQSnFrcuTpZ_2_Zq0YjuKe9smKDnHzJSjFCVc4ZI3c3l0Nyy3e_y21sBDf22nDFdf-0xIr6Q-LIrBujItsojPMlBUWu-QfTa-WEvHTby6L04YbTJ2QzbkfJsYNZ6qsSqip2sDB9Cp50-txNi1QFzSN8O7y7wjYWuEsus5ku4AZc4koZ4g5EaNI8kbu1ba3XnSn4DrBlwg_iHQaaC7gJaBUOfjzrRlXbqk3-1qycYCQ0xB81FwT3N8QmuOiuiwTz7tc3wDIMo9LfkfiQ_V803Ixu0Zq3sWpVc6uwf1xa14bxM47s_0iWjjbTc1BSWZay108Y0ljl0gFF-IV5Cyyc2cE73QIqWrjbd8O4h59qnofK2XgQe_p_LG_XOzYvR5VeVC1dCCtiU0NQSKCWDaBlYMjnHRB9TK8bfSTSTz8vrHXL8zsPrV9cW3PIyr-Jf0o-Wj2q7eTUw38npp-z7EfjT2YTZMLuanEskcjJbNTGDxLhxp3WgnN6nreMl6G3Blz8YeONjQa_mu7Jt9PJgddtV_5HpAU0AmxUgU-1tnwmB9WZ7lhszJ-3YsdK2OnpqlqoCb_hH_J8qE0XcMPv-u0kmMs3GfIQBFhypgdrLvExXyliMPiLT3TCsjfsJugSPBFSwOtE7ezRAfqE6BiMJPnaEswTKlKpE8GT_y6DDUimBQQ9CMLIllF7rXzaoAZIuQ75YCcyG-Gsu2hw7gZki2wuVSUMMLoHtoHSvUXmzJgsUg42gZVrKSW9owmluToXjT6nw1nBSZ47PAlX8YJr5rp1QEcpoSv1sYjWaydzyclHgulUecBYWCxB2ChfJ7j30_W9YqJ60sXGwZZ-PJABey833bd47R0cgawDPXliOly02vke-ay3LYAoOrtQkHqdbN9NZ-OBJ7COjtHipbgTeuC-3kRWE1mDeJ-WgeIgpinmhJsMOxHthA7FItoNgEvzgrbmC3C94ZsytkdEuy5csuBZDpQDGl3NZEm008cqB6iJCqSzZMZBsVysTTuIqJpqkrpaOL4_p3d2Ca4KiS79nRYudjFLm0yAymaGxLLACzNo-grbIrCVimViqX9V0MWMSxUsQeOUkBVlFToeII6bACMXE1yebvcdCd8159AuV9W9gu1D0-49qHQifQPfzpQIRU5GfOMuC37ctyTvtb2VmoktjkvciYpeVamvyc3EbMU3sRlN91CWtc3fl_bWwjffm3O9hRRzauFtFKhnOzT8UG8znVy_MVwx_p8vOsNUwRKvNUF3s8_RK9yWJkLGyZN-brEpp8NJqjnSdgI9cJszoDXiIrfT9tE5NLExFvu4YHXSxouR5_wibBaspooeUeqfS_pJFtaFYeYt_efYS7kjVNncxTRzbCWQGasi5MT9zUAVE4KMMucdODv4cMKysDQK9pOHgH-n4DITEsxy2kk1QjoXH4MxZe3RxjuYLnfgZp2Mh-YOUgs9_yig2Y_SUl0gLyxQ8Sg3ycZjRaPH3qJmShApTZTMS9S7LjMz6T6yXJ0MUnL_BtJDwN16XQfdBleu02qD5ozqPisI_vIC90U94xcZ0hhqYK2tOfzR9gQyPidkNd3x0qDDf0Qqyg6jDnNgYWBHuI836vJ-EH70kjztpwqfAz9PFCOBA3AgBna3tScgHRTJa82Q8YNvTQLWVs2BHT35cBA1RPpVcPP0ebev6TRgEdEARkbK6g2dyDGB-bFqnIbHwojs7SeGJ886V44kvfq0HNhnKsVQs-yJJbYJaLDL5SXVLeR0jO0JBDEMUMYmkzaAChf7IXZI6c8utfQOYGziFltIcz2RsYtuysZO7Yc3vBNJyuOL0Wpg5-JmUTgr0_makSfocmnthd2_AcYl5LpxMXc9NhgYzcj8HedO8EqtZgos8kqYHpcacMz_1B0dvd4wkr3ZJDcli55T-fcJiXM5WUzBxGRXRrZyUEVIwk1HlQ&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=8437012696208528000&adk=3047537734&idt=806&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
8577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 03:19:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2824 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxXo-VkuYfw23AXk3X8iqF-4kYDowZWqEPFL45WWLEAKfCbdhxU3rdTHoWWAOmTItmD0XtBg5yZL7xpExkTN3P155I5KAgW51mrx9Ge_OXmhpA7_4sYyotNoTFDaLlc2ie1UwkDmKxtDm17mUkA1WvvOvznuOtxNEBCLewNurAeyJv7mw&dbm_d=AKAmf-D8LPYLLB7rjA62q8wPjIaeVjGjVHHORdTUlnIaIuE9yqnI3o1q53erPcZBFL8izWKRz6nibeeOCvZDXFrUMnOyDLIiEVTGZc3zehcwbp8i17q0SUt83xnalM7WZ5rlco4A4HhjnNHFtVqRruKzGGJ31ds_hiDKpixUsjGsMnvRGARQOSEUDaHXHTJ8IXsyrAQjC_3A_JVYraqN8df_5FejvUl5cc6S25B_zt9NZ3phCtm2gny0dExldwrAjc0uQhBqGylJfQXCkFoDWBbNit_tPcQR_o-6lQqTGRh9Wdae9c0owkrtVac598jh5VRUvwMHRpzZgfpS0f1FLeluLGSvFHapZRk05ZoZ143CfjA2HAdaqJgFCnPvLcmHzrl4aN2RSxOIxcWbiHOpmsbNbCvndoPs1ie9vJIZDZ9s_wWCOEHwR-E2Xq2J9fC1NpLX2QjeLvrxkG898uUy0Kqx2fHuWrAbuBXRtExaUd7Ai4e5pnBLnxpw2PnvLaSjmZm-cHPeUGa9g5upWDe_ao5PmCRPBkk7vFXNacQnUIrYP7irHV7cPOSlQ1anRl0IJlECqx_8u73TpPYvrTGV2W6Be9UTslHKxmV7FlEPCCFwx9ppnp7aSnFSoVx8ZE-0L2e6lWzvY9yBfJc4Xck-tEo9L6iyEI10fqbJ0Kn2N9f9vd0wXrnJjOGrxtARB1PGcbjZWvqtwc9gxnTtdU6Z9kVImGcZlJOIWMgGrgkJ-cNu1BJ0fCUCEY8OrSo3Xq-CZd41y21fpSFNpoRPcAjJViycDbEviK7Y2_QsTtj6OrF1qBy7kvPeTlDG4ECqPjTO86lsUh9JnqEnQzaoPOwihiQW5OKc8Gh3tY2hFF5zDGYqZVkcIeHfCl69Zp12w2wb0wE2uSYoIHF1LfRNZJzp4xPRh3xhQoZ6eK0qa6FNVzAbg9W5nCQGRwsDcgZSGnS4iYJuvxApQ4FofykD6Vs8SAgImsPeQXVYnvr22NiFxXlJ_ADXVUY_89SoAqcKf-TyE898S2hQcm3lZBC0zwUIQJCjJBTTlr9SxS8PM-29xBEW7naC7deNIPA_kXGCau3oJDyCb_Un8ifP8fUjo5Q4TkE5Lm1fJH_geDjDgdCVJwXvYHLfuuUrLOa84GNdF81jE45Vng5CtP2dWh50xSzTHYsrYM1VzigPjf0w1nlvkpLUMHvK7BPRffmRZMyxOpYogp9v57tEGAaEogqqB8-HBKilUyZEXafSXq3ayUb7iIdNMdYQ-lvm403wpf1-qKRgWXzuZTqYdH9sODiJcyGj9VO4Q7itTlc6p1H-EloVgmnknun608Mq3BAzWs68NriSIkVT8Do2DtffZk51mmIGbKEE4WPrBP8b-wTa3RlXwproXc6fRH-mnZElRO57MT6C__0GBsjAkyPkNaXcR-x-TBeJabx9tmSTaqJ8D2ome-z9A5ecQURMNFAQnHJRPcSFmBaabELvhjGdmI6fIpZWR5OWh_yrJBymh8uffYzzgJPnOYJSLQi-ZjLkj6oZwgNt9f_Nq1d1LdofkKQXTDYKfFuJblu8ewizEHvQB3UXQjPWsnQ-NZy0AsMtP0S0cXND_sVtLH4125HkrKKzRsY5mTvVYppTOd7FGZJG6ge6TZeJZyOTCPqTTtFyT1nE88wJM_bgLze48JlncL9Z4a6GPui42KaeQVVdsw7HHUl3Ek76pbokzPx9moAKpw86FP4Ug-r-U5-3_O2x7fLQEW3FYSI2RK2ykQBHgfDFRMLc_DvMmdZoW6m0iVmX9FK9Op_KAfoPJK18Wd--AVhoPgMfjqBrCp7Pb1uKaRt0iGMIT9iZtKtCPs_9MZJMQNXHnAxlRJ-AHqP3OPj1AJZzKO-9NTqDOiRe1aliz3q6drz4FwcDagE4XZ4jjGfqLfGEG7M6Lmsq2NeJtjASUxQSnFrcuTpZ_2_Zq0YjuKe9smKDnHzJSjFCVc4ZI3c3l0Nyy3e_y21sBDf22nDFdf-0xIr6Q-LIrBujItsojPMlBUWu-QfTa-WEvHTby6L04YbTJ2QzbkfJsYNZ6qsSqip2sDB9Cp50-txNi1QFzSN8O7y7wjYWuEsus5ku4AZc4koZ4g5EaNI8kbu1ba3XnSn4DrBlwg_iHQaaC7gJaBUOfjzrRlXbqk3-1qycYCQ0xB81FwT3N8QmuOiuiwTz7tc3wDIMo9LfkfiQ_V803Ixu0Zq3sWpVc6uwf1xa14bxM47s_0iWjjbTc1BSWZay108Y0ljl0gFF-IV5Cyyc2cE73QIqWrjbd8O4h59qnofK2XgQe_p_LG_XOzYvR5VeVC1dCCtiU0NQSKCWDaBlYMjnHRB9TK8bfSTSTz8vrHXL8zsPrV9cW3PIyr-Jf0o-Wj2q7eTUw38npp-z7EfjT2YTZMLuanEskcjJbNTGDxLhxp3WgnN6nreMl6G3Blz8YeONjQa_mu7Jt9PJgddtV_5HpAU0AmxUgU-1tnwmB9WZ7lhszJ-3YsdK2OnpqlqoCb_hH_J8qE0XcMPv-u0kmMs3GfIQBFhypgdrLvExXyliMPiLT3TCsjfsJugSPBFSwOtE7ezRAfqE6BiMJPnaEswTKlKpE8GT_y6DDUimBQQ9CMLIllF7rXzaoAZIuQ75YCcyG-Gsu2hw7gZki2wuVSUMMLoHtoHSvUXmzJgsUg42gZVrKSW9owmluToXjT6nw1nBSZ47PAlX8YJr5rp1QEcpoSv1sYjWaydzyclHgulUecBYWCxB2ChfJ7j30_W9YqJ60sXGwZZ-PJABey833bd47R0cgawDPXliOly02vke-ay3LYAoOrtQkHqdbN9NZ-OBJ7COjtHipbgTeuC-3kRWE1mDeJ-WgeIgpinmhJsMOxHthA7FItoNgEvzgrbmC3C94ZsytkdEuy5csuBZDpQDGl3NZEm008cqB6iJCqSzZMZBsVysTTuIqJpqkrpaOL4_p3d2Ca4KiS79nRYudjFLm0yAymaGxLLACzNo-grbIrCVimViqX9V0MWMSxUsQeOUkBVlFToeII6bACMXE1yebvcdCd8159AuV9W9gu1D0-49qHQifQPfzpQIRU5GfOMuC37ctyTvtb2VmoktjkvciYpeVamvyc3EbMU3sRlN91CWtc3fl_bWwjffm3O9hRRzauFtFKhnOzT8UG8znVy_MVwx_p8vOsNUwRKvNUF3s8_RK9yWJkLGyZN-brEpp8NJqjnSdgI9cJszoDXiIrfT9tE5NLExFvu4YHXSxouR5_wibBaspooeUeqfS_pJFtaFYeYt_efYS7kjVNncxTRzbCWQGasi5MT9zUAVE4KMMucdODv4cMKysDQK9pOHgH-n4DITEsxy2kk1QjoXH4MxZe3RxjuYLnfgZp2Mh-YOUgs9_yig2Y_SUl0gLyxQ8Sg3ycZjRaPH3qJmShApTZTMS9S7LjMz6T6yXJ0MUnL_BtJDwN16XQfdBleu02qD5ozqPisI_vIC90U94xcZ0hhqYK2tOfzR9gQyPidkNd3x0qDDf0Qqyg6jDnNgYWBHuI836vJ-EH70kjztpwqfAz9PFCOBA3AgBna3tScgHRTJa82Q8YNvTQLWVs2BHT35cBA1RPpVcPP0ebev6TRgEdEARkbK6g2dyDGB-bFqnIbHwojs7SeGJ886V44kvfq0HNhnKsVQs-yJJbYJaLDL5SXVLeR0jO0JBDEMUMYmkzaAChf7IXZI6c8utfQOYGziFltIcz2RsYtuysZO7Yc3vBNJyuOL0Wpg5-JmUTgr0_makSfocmnthd2_AcYl5LpxMXc9NhgYzcj8HedO8EqtZgos8kqYHpcacMz_1B0dvd4wkr3ZJDcli55T-fcJiXM5WUzBxGRXRrZyUEVIwk1HlQ&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F2EXk56&ds=l&xdt=1&iif=1&cor=8437012696208528000&adk=3047537734&idt=806&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
13474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:58:10 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2824 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:19:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
274982
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:19:42 GMT
truncated
/ Frame 2824 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b74e4c7a0bb376193410718eef3475bf52586dbac54a32e5625a618975427e8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6197 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
329852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 10:05:12 GMT
expires
Sat, 07 Dec 2024 10:05:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7428 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
329852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 10:05:12 GMT
expires
Sat, 07 Dec 2024 10:05:12 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=4219.121733420037&pid=5434&url=https%3A%2F%2Freurl.cc%2F2EXk56
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-31.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e82f3213862ab66ee4c6792ca782e15f4fb70a821e1a38c4eecb83896c07b898

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:45 GMT
content-encoding
gzip
via
1.1 4131ec989d99fd1d462624964e79e8a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
9MpRjLFjEPLDnE62-7mW-mfHRSRrgTlQbTa8dnktIVq80nwnqhvwhQ==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6197 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 05:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
344992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 05:52:52 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7428 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 05:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
344992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 05:52:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F999 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBFo1zZbH8gzSshvvtkwvfgtGRXFXLuhALioPVjI3bnQgnug4kXPnhi4SGtO13ggvIaqQ0ZsK04w0v1ysY1i2Y3dG34fSALni_OE2pc9dwWkjXajhjX982r8TEVdNyF4FvSdZxkSrCoUOouoFvx3iRCxqw&sig=Cg0ArKJSzJgA84nIK4g5EAE&id=lidar2&mcvt=1032&p=1180,1599,1181,1600&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702359762945&rpt=885&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame C8E5 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 06:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
344534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 06:00:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5770c92734fef6a50000000000000000%22,%222%22:%220x423a7fd2425ed3ba0000000000000000%22,%223%22:%220x8c2dbd14d49d1fe10000000000000000%22,%224%22:%220x2ae125da2b05c7f0000000000000000%22,%225%22:%220xcae18ad38d453bdb0000000000000000%22},%22debug_key%22:%2213136617319782920102%22,%22debug_reporting%22:true,%22destination%22:%22https://cheers.com.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22820724779%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224960405234535923073%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 05:42:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6197 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGmgV1PJ3ZcaoDfaN9fwP_6aUkAcAAAAAOAHgBAI&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfOKvL0dkAOGOd7vhuF6imagvI0IUKN9_8vc2kZY522zKxvza5HAnTCm3LGh-HnLM7AgAAAMNSAAAAA2gBBwoAR7D9ec2628AACfLtpghC7WKzaVnewRRDcFZQoBMiMvM_g_4FYcocf5eKyY4uXNJXDiIg1jdj_BJkiRSlZR5SquFRSEHXc3tqmQNH55Gv3uWhfv47d-vZjW_Qu9y4dtHIIYVnnZLPtWhpla8tiN6ltM2uwEbKC1--sFTsksfD0fF7zJfp6vn2HxrWocd93oebtQodenc3x3orgc2z6wmhTGoXg6E6LwBzz9TY6DDNLU78KIVaC0Hv3hyYginQvY4NJawmLvRpI-ivLCf9kZHP2dyMu2mh8CToHBXhXsTL8F-GFUZL3-SM9IqeoAqyWvN1cIapb3l5V8FpasbEN3D6z-ElcgqFLdoxG8Ico_k-e82e9AxYsE7LeLnn6tMncZsM7htZFVb3BJmvq6oXYyVw1ZPVPG1Uj64JsC6Yw-c0xVwWsK_kJSvksm9v0O7WqvnAGESxX8hZ2vxl-o27aJRoL7F9J4Xl0_IXdRN67Z41F6wACTRUOtwv5N6iZNg4L9Dn7B6QLsS6loHpVf0AQuKHt5oJNAjQT-mzQNd5ghEKrk47ygo93Waw2kK0OI7i7raXGBinxnB3tDQRPLKFID8Ub9DGKcCUgnD0BeTIbkSXg68lNqgHON19B8ARR7ZkjA5AcSzXjz98ZTr5QrRX_eC0-YyOUz7SJDmylTtr-D6qlpznKZ0RVgqR_g9BD-MabrrttioVSqJNNXbRq0sg1n0E1B3zl7aIKSAjSH2v1zkWHoX8qz8IA6sr-Y0Sroz-53FyuoVxEHFH4_XyrttA4Ro1h_NCQNpJcM51ywn6MceivRM-aH8BYRLLTJz-43RaYhB9gZegr5N8ydhTuxWzCOqfzRpLTG3td5HS8Ldl7U0NHsWcFZslQ0yZB2f1NmRnEH_BHN3j5q68M3kDe4PVGy75JJiLEEuKQ-NFWbwLJvWgGbTnr7LhxJypbwQ0oL4kOOpissKW-nJP0PS9SkgHe7XWY2dhvIpUmAXSo2ChHlOaR84E269XhA9L4m5vNXXh7AnnUCFYpzjR_fYXtZI6FojDLcZuNHpeL7I6DeODibrfJKs6_cv0AvSmHbTxU5Zimacs2ubUJbFHc-QzPfIN3jMSwD-Xk2D2fApOwzqodf6DGHUhhG28y7OFbAQtP1wI0cQ2ryzH9KuvV0nqcQuCbJ7GQ69ruEcg1WqOUSHDELxuU7G3kmhf2_Q85egjU3ksV2YV3T0
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7428 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbLNZ1PJ3ZYLKD-qN9fwPyqCW0AwAAAAAOAHgBAI&bg=!k5ClkN_NAAY3kmNgF5I7ADQBe5WfOJ-sweT9prJJOmhj9IKT2eYxa1Js-BrSUnAr3pW8-H3x1OisqcLlxotMph9dm_rPAgAAASRSAAAABGgBBwoAPthlzQ5UaOMnzk_POZ83W3ENdCgS3WnoThnuXLAiODJDtb4npb2PVWG7Gm0txBs11aMTMeegn91cPFZICyPimQMsvgsxNOgI0RBc5QHt9vBbgY6UrjeSk26pcJ3vMV6iyz4QSMU0hKJ5zfXh5dLMImEojGd-ig5XeX-Q1B31JPMBfoN0DTqwGe1eBbmYlmXS7WnMo7xL6IaMemjv1pfKRpLG-qvHbJASrROdaIwa9JHzJ-UEVIn7zhK3FG8Iz6smSSdFUCG-sY8Uzo4ByncX8lGmTK6n0I09VwgbbaXd9gJYpfSPJqUA9K2bBEeudnO6f2ok99rWojnVKFFaHwXUQ8hT4PyMa1niPw6KV03LBHWant6TevKRssSm6QzMSzdWxU53LAllNWsXlK8FMRBR2N3EhR1TFI_iJdZUCOXjUSbq7Trr-ufLXE-TtIYJGPqbxrnRCcm2QoqXBr3XAWclXUZu_a9lE9uaU73H1Oj-md1E9fClh13HTxuX5CH6BwwmQgiy-FvlH1E4oVX3A5sG5s7rUP4LiVmMgNOJe8MUsC9PjQRs_LSBxAZZN-wd6P-ojb5xj2E9UPM9XboIA8BLUfYc4gryFLw0nD4tY-T05nFjNvM6s6g8v5QbSMYoVmdFxXB_j2eO7quKkce0fg35bGPFOajR6EDO6a7-4YEE5XUXXZxTgg4-D6y3bCKLbn6_QRLEr6aU6wAVOfNfiGG9W5wA9C9UxlZuW-pyBs_yuWqfopsvtdz1ZqTiTNq-pYIA04_UVfB8FO6tp9jK3Alk2JzbKGvg0tB6sbm-MS0w-qaHeeFKt1ArHATEZcOuUDABAs6g5j6zmcOtlIVGgN6yscA-XxF1aDaXjhBiRXspnShpfDIrhkIOIPxUBYR22xgqMq2ApJUZUEy10E8473cZ3XMVJVH67pF5oX2M7st4q-qMRP_qJMWnYFp5C3ooMxHvP5szfdoectPQMxY99QsM4jDKAfqh4oZpYgzw3B7yBKdA0B9Q0RQKYE1O6XkUH0GjkAYeu-a3o2Bxl8fiIM6FUore0XbSq1O_nwaQEdo0XUMOKvVmUoKL7ve-soYsJzVdtj0Jrepbi_Jp7DmTYeY9Eif91KPFLsWWtzqw5-u1Hdybpt7JKWVY3AQL_P98B5HZa72rV_yjtnpdEeWcM9o
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD5A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubIw5hbA1hBbEK79EUTXaAcnnYzHOdavpfIzAaYSVOkoMb4Ge2BJWjd6BVgVJQAmweUGakiwl38yeGiW3lw_d-7TiS-d3mwWiVipj8SaO9hXwZkHAK5KPCqSpxjPAquthl_z4Rf753a_WOeHW-vilgJYmc&sai=AMfl-YRiPrksTTDQBfrbhsJsqhGwjcgEzR2s29JpnkMtab8qhdra4nKG-T82bM3Oc_TZgkO83l4fiDeZJZjwAf9XmuXLlQT7KsE8mhQ_S-l3IbLZeOsEBS77_QlxWrxSN0vTdo064MsB0BeAtTS5Q5vO&sig=Cg0ArKJSzHf5XEaC8GAvEAE&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1071&tls=2071&g=100&h=100&tt=2071&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ACD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvK3WYN0PRKXGGggmT8jOC0_N1rkC0HCiV_bSdWi0gjgvAeu-VZq3Qu_n6M0FaETFbna7svwrGBBlg3uE4u0ZP1riZEzLS8LfHQxyS2otuc4ACZZ990XETKC6eqSnlI9qA7lGbkzwDjmpLboSLoKzeITOIKcZjTRmOmC8osporcfXJKGE3_Muf1XuL9ryiIPDVzTcqx9xOr47Ux2NuvmFiIVDVzlOxefLElPyQt_1J7ham2hdyCUX5j2dD_35hg0G82N6l-QsKvcU20EwVyBlqlWmFO8N0EMN8xpnwxfq35_A4tKzVyxH97F-nBGFYwlSZ0DOghxul-CdNSbLY94ZzF_zvXG74i6ewdkcVgl1Juy3-BPDjSOMqo3dcVwCDjE6crAAXjU1IiIz85Hk6bObGAHJUQH-AWxmFvWYNNm4aGiFf-3-5u3gl3a43RwrLgvx1wA9uUdktvwAs-TwtPP3Z0RyWvIsF2sSoiL4rfqGyMg0owuWN330jSRmrS7f2Ao2cML-u1778x3bkpSOuyKtFy_L8odEMQnSw_84yN37NR1o-3MePyOvI0qrUl3gWE6HWMQ4Wgeq30s2fUqoqyF4wbVNiB-0OjmoBgZn3xmdCmWh6Rtik7pBGra0dhNxIUphJUVRWuaat-dYkp73dPKVUM6wdO6z8q5jSbCWygcOl-h9zfHLDwNfD-MValHnaTTuO6Q_GXO4BmY0wqFep4WOu1AcRG9mS9AkoDe0mFvHggHTKM-ToS728KDBuFzSyZYcpv07xyatklyq1RZI2O2f6EgmoqGWdI2uUmdYN2nD56EkcrCk-B0O6DKbkvKABVi0OCURG2RH-mhM9a74B-pJYUUhPxZX0DDyDgn4vHPnWzE3t7FwrLmsVxCksnqoVmmGYlcwoQ-bgEDFOEGAMPogtXj7dDBSG1qD5mfiVGZdv_7e0hGWR9a85rSvJkApjX6Nlj6VL-IVi0tpkfF8q5d4i5c8NjUGhAQIOqHW7ica_khiPX0lNCtXW_xj0kWyV1yxVvCdInbpv1UDQh1vBpPTOVsCmLq3MPwVioAlx2PtRzjPovDbcNZidKwt4TQ-KlZvS79m8awwWCO27p8KwAGEcxE4HFhF7gtlL4w_Kwu3X6LFkNFvikJRGZb9ark9T6yR2yudV6Fa629MnbCgQl9Ctv7O8iCiTvRSQQa_VnPphvUHp6Z_D-QNCt3huvPRMcVxo7MUvU95PKkBHD6VeaZf-F5NqFBrlrOaZGVfFUjdr34nSgWdJCARPzWu8ZAd3PGsWhM3o-1Ag0UcrC7ZLZQ6R-RX0Mfn9xNTbW3uPAWbwxnUDrAAVSO36-fKc3KRk36Qm9aSOmd2vw2BYhpxVW0F8AhvJKLCVMJN2SC2waL0z54ttSQvXpSCIu_Bhgobfp9IaZnj_LaowOh-FuPUC3Qs0Is-3o2L1VYeTXqR69diJ1d2LwHBj8-quLjcKfFWzyRXjIol7eDsLBzQoSPwkwp-RgmF3bBy-mOFBF_CazfwzyZY27XVikxSJ3BV_PTbTz&sai=AMfl-YSrCx-kBr7ZPdxqwXkKEdTLSH4gg9EFP-o5gXgusFxx2jUIgjubmFIjDQU8J0sU8LXwSyNmYaYJZacMB_EIU2FCO1Kbv3SlOd7DK2GPeHLx_g1da2dQ7klj85LONZV1TGUbPr_bfMBBGoOlRA8efqJ59r1hwW2re51moLTW96qVWQccskS-tonQBP6_kBgRFFX4rEPaPR80QD3MhwG_FNAlHb3wkBF_EAztjxzfiHDxL1PIZSUaqY0RBLNIQC5UMth_cYAWuCzv-_c1AsYLx4WsGS745c5mr_cIDP41_lO9x5c8Fyc87NlaFJqtm8Z8&sig=Cg0ArKJSzJCgIKMyaw5HEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=844&cbvp=1&cisv=r20231207.11587&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2139356605749966892
s0.2mdn.net/simgad/ Frame ACD2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2139356605749966892
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
c0b10eb992c2fa0e7dedc1a0b6928bc7b4a878fef9e93e3c1e6305912e408a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 05:39:39 GMT
x-content-type-options
nosniff
age
345787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14890
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 13:49:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 05:39:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2824 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4rc6vdGdqgv0-eTCVXB1Kl1zGyT1fQJMjB74KSD2lfNJXoW8ZqdVwAHJROU9FthwlZTPY8Hccj-F0DlsY6J9YELsi8xnUK9EQDmQePRc1hs7pZ5vCiqfo_JX6OcRj4YA_mTxo5B6C9MGx6FdyrjjhBSM-FtiYQnIMGzQjylNvjElkuTImgw5x1IMJyyoXXzxtrGe1gsc58Gb-r4LXEykZ8yMXqRQ6u7ambfroHwozrFkgFrsOdoJ5k18j1v29tFrwKRHNDKQGi63e1U9_h3hY2JAdzPaEgI8ypkeoDY4EXdS-uLmoZjhtUdCxWYyzARlUDIzuc27z2yd_khD1kpAnvwkXZP8QkwvsURmtiZ8aLCKQ9c6nwE9XY7zk87pqRB6819UzWQKT8fXUfziCucfIE12h7rX9qS4UwfS73cihkPvJy4Wbd59HblaY4xwo0a-ZNAomAFJUFwJl5BdEXPidr-AaWGXUGJeGDPOtrR7yusn5De6ZSEP6kjogdGZ2rTDF5vVCfHcwpw3zZzSkn--jDKkafeOMoNe7-yx15d-qM9aEN-jhPesxboWmWX-qwHQRU325WMp0ZGald1vEQRQFEy9j1_OLazWz10DWNhio2Hn4WXgn1W2m7HjPAVR1egkjlc3PSG92gfz4sk53tXUfr9sirLRFLeFb34lo9-2sEFZd6mAMe_lnRQxKU3y8mzeCVBCW--wwdg-KZHn0uVMXbjVnBKAvwZw6ssfcKGe-C36MFbJkN07x3v9L5hsBd3leaW6idv_0fhP03xR9gu-ODQltygBiDSzp-QmZ1C6b6VkaG6shR5nA4d31mMMgG2EMXx0PHOkrBDHnqXffC8qRBfdikVIwTnANMlKvpR23f876WIF97zGEvYRrRYcohJ220HE8RwMiIxa_Wd6ukBOZp31iSLZhlIXQIaRSCKxNhSbvBLZwPFS3JW3jMC4r5QAkWAidGpmVtWU4gvgqdHQBGmTupbaoApD2iSYgv7W1MwnRfS1aXWt2J9v9aCa81twzIhJEQv-rcigS1QUtoge7l1bDGX4H38ZZ-5Cwzj_8A0SlMbJQhzKGXs1mA_-cfY8_Ywgj0i4nbVPY14-Wy1o7_QVjRJLr4sdOOJOm1X2T-n6-ZnmjlxOCiHhdk3RP12hQcrcGbGibvtHl7s94Ic2aOI_7K2Io_oUlD6dwP10Kn1jhUoqTYuA8ItLRMZAAuPG7zjzqyd8qR0CWM-So1UF6XrsIkgFXGtP4fqFOzp7ETcurguc-K0BJtaP4K2KJX3z4BG97xa0QwOA2k0P8LTDhdbxuzXC7bhbgcxNFDBbegPQlIXsoKXFLThqc-tmtHL_0kN52L8yV2wtwZQcuQLfms8Er9XzaLVB_NLT9pMPbjDCC8yDjNXjExqmhDeLWNrjynx5SZ0qSJbFCeyW8bbduekQx00rGzf3VaAwiRpo5-wJoExka1jcKZShyWNpCCb-2CYifLv_Ql6eMhOk_oTA5DlB2oXVI7JqvBnnCDbtvygy4dBWtZeNaMA7759P9sg&sai=AMfl-YTl8cSYoZxEegdvOFeM_w3clFOz4s--2l4h9WAjVR_dN3PodLhvoDo038lBgDzfzD_-QLpEFvreIx7iGojBL51-1-XN6GjvsMaI8E0hkFLF-Lud5r8zSWvgdKbz6BxlCBu_q2CBVwAEfBX3esU-55b2FvYBNzTsU9tSa3bOPS-MNQfG05Fkgz3pNr5AFoOiGyDcd-B-XA2EUyKkW8z5saEY6moCwFD0QyIp0YvlA4ofIevgnjQrkaO3Pyoe4DWefugEsrWSCf2K6RYjOkid9bqb0jKd0iXocXHhJzQ4r-rUEWka8USdvG8YOIC8-2T1&sig=Cg0ArKJSzFyCB0TsNHOlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=805&cbvp=1&cisv=r20231207.53775&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5592350693648674397
s0.2mdn.net/simgad/ Frame 2824 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5592350693648674397
Requested by
Host: b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
URL: https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cd22ff59bf38a22857fa45078271a17861347925d06ff7c89df897447a24b08e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 05:43:15 GMT
x-content-type-options
nosniff
age
345571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6021
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 15:03:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 05:43:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACD2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth4zrkYlYsyDDxfffnItcakSuNGArHexBHYSHuzT22ztufG-Fl9ohVOf3TaS0NjxQLD90ipYrGOGUbaCQYPEpFVRKjAItzll45yUzpEE4WaCSBh9ne2tnYivQx7YOrJYH0U86_EXtgSuwAnInxHs0ltIO0&sai=AMfl-YQZLEBf2NE7VbiXG0POBP_IGjnrBhyMYxeAia9K0S1b-NsaAhhnKdci-QOPxmlnvYevhLCDPyAZJ9oIIAUeiUljyrFS7HlG0tMzj_FyiOZoYXYjxUJ7pBmrg8bJpWJD29PeDoAH_uRychBEpYWd&sig=Cg0ArKJSzMKG5BQ03uFdEAE&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&id=lidar2&mcvt=1000&p=108,1030,358,1330&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702359763124&rpt=1298&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2824 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4_XJMyW5u8H7pum3Uyf9E7Mnap874IhPsGaOWo5ZmvpbkPO3T5NYEDvxT6-jnJaFBcgAsii4sgXyI_J5s2qmz_qcQd1Gdz2o0c05ME9fhiQPtvFzCWjWnl2fyjtbdVlpBXcHaGlwGmxmM6pl3SHf2T4lj&sai=AMfl-YTVRx2SxcrSJpWpswwINaKdYpjAP_LRd5gITHvgE_F0xlmIhC8jYJQfoaCLQpMNZ1D6RXq508fmxYPYmwPt_rOZfoI4iDmbKQAx5I-lqqSnMjvdfIQhJK25UX5tQu8vdjEQpak1UPkPX7_zEKgR&sig=Cg0ArKJSzHhK3YwtZFulEAE&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702359763158&rpt=1326&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
float.js
s.trvdp.com/scripts/v5.832/ 		469 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.18.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-18-73.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 03:17:12 GMT
content-encoding
br
via
1.1 1969b693060171ec284d3d0f19afb534.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C2
age
3810334
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
poWxeNRsXWS9BbpLs5TNpmZezjT6R-M7JM8uL7tUNDos48CfXO3a_Q==
activeview
pagead2.googlesyndication.com/pcs/ Frame 298D 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNsiodXcBx81cg3Q-2JDbfDrq70PRMm1RTBKGzTOYX4l5wz7oJ9csUmpwv86f0O6I7aFkzMOQV9qGeFO1lS60KK0-qh9J0flRM1epnhf0UnBfakgIif1z54JcIbGhBy_CX4nNdsHgO9IxOR7ktgrRxL8HvAO1Wf-8bG3nVdJY_E6JVrGqB2oijdUq5Lj2nxrVK969jq03TaMlEcC1ZxwasI0hpYnsO-I409rPrfGP4855odJqBKqBwxz9o81h4xye1tILkNwC_ymjCHxoKXxS7_sQNleB0rB9ThrJm_SJB82QTljME0buHU5rsv4pnwpCMrAIu86u3wtYgRh15r1C55aVpzrMWs6RCkycWMPHlf5qSF5HOPwBMdMVtc5AFqaSVadj6JAiP7j1AS4eZBW-3nFPpCzZ5TFud8MVuRDUFRDmKCFiwq0Hi07Si4sClZKfX2GAXpgmLiIhIBsJtrAQI504-ceUeLBknNIPiPAStyaGzZEeEyD8BJ6AbAfcvEXRTVmE6mBtOgArCg-Nr4lQqT03B-mcgL4E097nVJJ_Y1l3LvjX6QjjeaID_CXIT9iXtd0XagPMWyALCKtJfBU8U8x_bvVG-ROOpbDwWb6o36TcBoALB_kjsa5UcS65sV439FSoghIh1RKU7wtONzbDsVowDJjxX3yAgr2c5Vid8LM1e99ICllLyUeaCcCOtYx_8WIBNowe8OXiF6m7acgGwPpntFXYMew--N_UifzLo7_hT1bNhLHuphAOirM-Dm-Cs63MDBh_butafcSXZxsGnApSsSAoQLgeLEZ__6BnKW37u16Y7GWomJv8I7jxVJj5MbCQMCB8uSdPcxncX0gKVXxca8JavSgzJoHbdOlXnvU2OWwyazZV_kXgdsMeeZWx7FKYjBbCE9fJbCAXRN06c7-55RM0hvGcLJfuaub7Y2_OSnvTPkjnj86-gO9bhsM6EQLd8h6SzJHQxRT6THxjT82etSlaUYQaf-ROxKy_xzb_Z9W2kuTg7BXSjmeStyq6wCQoasJhc60nyQf9AYmK8oavDW0ZSLhnba8caD4i4iwkgn5t6Rrus27bA69YhFonVJVVY5nZlwQJa_ZLOhLRwy0sf9exZaQrrzj030je-uQ5w3IS2c1rK9gWwH5R-hHk7TWGpYE2ZrYbGVjMOg4F0Ge6GGj22wlWPl0m_iw9yifWb_4QqNFR8nFRtENorFDFcJT24LWbpM4ewR1mIYtQvHp4e05SWZ_Cm20qKVDc4YY77-oS8dT8gm1FgNNs9bMkXPaY6HAeRYYliiIHjDXS_L3uWS8aGZyr6A6Quda4wkJY6RSi2nI485NDtGqFyukW76d0JefC0o4M9PN_3LyQndwc2BeoUj8-i9Q7SStueyh_3bF85jtDg1LWvLwHbigfj39mV2IlVnrwj-YgWYxHZ6rYMM9w4QICGCU7YnaVv6vQybaft_KgwzK0Oy0L2XYWBj-8TkhsL&sai=AMfl-YSLpNoIndk1U5vPJOcqUoWv34MY4gAZiyLwL1L1ZJeelCOCjgOeHxU_ghCpuOh7jAXXm4gRxEBQ0sjoUszlpptIwLwGa4h8hSS_Pl9Em_el5QnFZyt6o8Izg0hbPeRy_FXiIJBH7eScYV3D8vbMeFXdfGYLbiia_-S3zQ&sig=Cg0ArKJSzNc4DO_YGXgMEAE&cid=CAQSTgDICaaNPrYQE-IGm51D9vycUmkl_t3PhPFdJAbvPW62nE7eE7e-uDeL6I6-0l-vq2bTWIErNalDMj10-erMXPUUDbUM3Y0dOwi94RTouxgB&id=lidar2&mcvt=1000&p=455,315,545,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702359763113&rpt=1747&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cors
rt.ad-score.com/score/ 		48 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=SG&l4=desktop&l5=5.832&cb=0.05165050889017131
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:47 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
view
googleads4.g.doubleclick.net/pcs/ Frame ACD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvK3WYN0PRKXGGggmT8jOC0_N1rkC0HCiV_bSdWi0gjgvAeu-VZq3Qu_n6M0FaETFbna7svwrGBBlg3uE4u0ZP1riZEzLS8LfHQxyS2otuc4ACZZ990XETKC6eqSnlI9qA7lGbkzwDjmpLboSLoKzeITOIKcZjTRmOmC8osporcfXJKGE3_Muf1XuL9ryiIPDVzTcqx9xOr47Ux2NuvmFiIVDVzlOxefLElPyQt_1J7ham2hdyCUX5j2dD_35hg0G82N6l-QsKvcU20EwVyBlqlWmFO8N0EMN8xpnwxfq35_A4tKzVyxH97F-nBGFYwlSZ0DOghxul-CdNSbLY94ZzF_zvXG74i6ewdkcVgl1Juy3-BPDjSOMqo3dcVwCDjE6crAAXjU1IiIz85Hk6bObGAHJUQH-AWxmFvWYNNm4aGiFf-3-5u3gl3a43RwrLgvx1wA9uUdktvwAs-TwtPP3Z0RyWvIsF2sSoiL4rfqGyMg0owuWN330jSRmrS7f2Ao2cML-u1778x3bkpSOuyKtFy_L8odEMQnSw_84yN37NR1o-3MePyOvI0qrUl3gWE6HWMQ4Wgeq30s2fUqoqyF4wbVNiB-0OjmoBgZn3xmdCmWh6Rtik7pBGra0dhNxIUphJUVRWuaat-dYkp73dPKVUM6wdO6z8q5jSbCWygcOl-h9zfHLDwNfD-MValHnaTTuO6Q_GXO4BmY0wqFep4WOu1AcRG9mS9AkoDe0mFvHggHTKM-ToS728KDBuFzSyZYcpv07xyatklyq1RZI2O2f6EgmoqGWdI2uUmdYN2nD56EkcrCk-B0O6DKbkvKABVi0OCURG2RH-mhM9a74B-pJYUUhPxZX0DDyDgn4vHPnWzE3t7FwrLmsVxCksnqoVmmGYlcwoQ-bgEDFOEGAMPogtXj7dDBSG1qD5mfiVGZdv_7e0hGWR9a85rSvJkApjX6Nlj6VL-IVi0tpkfF8q5d4i5c8NjUGhAQIOqHW7ica_khiPX0lNCtXW_xj0kWyV1yxVvCdInbpv1UDQh1vBpPTOVsCmLq3MPwVioAlx2PtRzjPovDbcNZidKwt4TQ-KlZvS79m8awwWCO27p8KwAGEcxE4HFhF7gtlL4w_Kwu3X6LFkNFvikJRGZb9ark9T6yR2yudV6Fa629MnbCgQl9Ctv7O8iCiTvRSQQa_VnPphvUHp6Z_D-QNCt3huvPRMcVxo7MUvU95PKkBHD6VeaZf-F5NqFBrlrOaZGVfFUjdr34nSgWdJCARPzWu8ZAd3PGsWhM3o-1Ag0UcrC7ZLZQ6R-RX0Mfn9xNTbW3uPAWbwxnUDrAAVSO36-fKc3KRk36Qm9aSOmd2vw2BYhpxVW0F8AhvJKLCVMJN2SC2waL0z54ttSQvXpSCIu_Bhgobfp9IaZnj_LaowOh-FuPUC3Qs0Is-3o2L1VYeTXqR69diJ1d2LwHBj8-quLjcKfFWzyRXjIol7eDsLBzQoSPwkwp-RgmF3bBy-mOFBF_CazfwzyZY27XVikxSJ3BV_PTbTz&sai=AMfl-YSrCx-kBr7ZPdxqwXkKEdTLSH4gg9EFP-o5gXgusFxx2jUIgjubmFIjDQU8J0sU8LXwSyNmYaYJZacMB_EIU2FCO1Kbv3SlOd7DK2GPeHLx_g1da2dQ7klj85LONZV1TGUbPr_bfMBBGoOlRA8efqJ59r1hwW2re51moLTW96qVWQccskS-tonQBP6_kBgRFFX4rEPaPR80QD3MhwG_FNAlHb3wkBF_EAztjxzfiHDxL1PIZSUaqY0RBLNIQC5UMth_cYAWuCzv-_c1AsYLx4WsGS745c5mr_cIDP41_lO9x5c8Fyc87NlaFJqtm8Z8&sig=Cg0ArKJSzJCgIKMyaw5HEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1885&vt=11&dtpt=1041&dett=3&cstd=1879&cisv=r20231207.11587&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html
s0.2mdn.net/sadbundle/17144318359328784384/ Frame 9F30 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17144318359328784384/SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
4494a59979e42737d886e373a8837cc6a8902a245f3f0b98f4ac62782458b7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
10068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1857
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 02:54:58 GMT
expires
Wed, 11 Dec 2024 02:54:58 GMT
last-modified
Thu, 19 Oct 2023 13:49:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2824 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4rc6vdGdqgv0-eTCVXB1Kl1zGyT1fQJMjB74KSD2lfNJXoW8ZqdVwAHJROU9FthwlZTPY8Hccj-F0DlsY6J9YELsi8xnUK9EQDmQePRc1hs7pZ5vCiqfo_JX6OcRj4YA_mTxo5B6C9MGx6FdyrjjhBSM-FtiYQnIMGzQjylNvjElkuTImgw5x1IMJyyoXXzxtrGe1gsc58Gb-r4LXEykZ8yMXqRQ6u7ambfroHwozrFkgFrsOdoJ5k18j1v29tFrwKRHNDKQGi63e1U9_h3hY2JAdzPaEgI8ypkeoDY4EXdS-uLmoZjhtUdCxWYyzARlUDIzuc27z2yd_khD1kpAnvwkXZP8QkwvsURmtiZ8aLCKQ9c6nwE9XY7zk87pqRB6819UzWQKT8fXUfziCucfIE12h7rX9qS4UwfS73cihkPvJy4Wbd59HblaY4xwo0a-ZNAomAFJUFwJl5BdEXPidr-AaWGXUGJeGDPOtrR7yusn5De6ZSEP6kjogdGZ2rTDF5vVCfHcwpw3zZzSkn--jDKkafeOMoNe7-yx15d-qM9aEN-jhPesxboWmWX-qwHQRU325WMp0ZGald1vEQRQFEy9j1_OLazWz10DWNhio2Hn4WXgn1W2m7HjPAVR1egkjlc3PSG92gfz4sk53tXUfr9sirLRFLeFb34lo9-2sEFZd6mAMe_lnRQxKU3y8mzeCVBCW--wwdg-KZHn0uVMXbjVnBKAvwZw6ssfcKGe-C36MFbJkN07x3v9L5hsBd3leaW6idv_0fhP03xR9gu-ODQltygBiDSzp-QmZ1C6b6VkaG6shR5nA4d31mMMgG2EMXx0PHOkrBDHnqXffC8qRBfdikVIwTnANMlKvpR23f876WIF97zGEvYRrRYcohJ220HE8RwMiIxa_Wd6ukBOZp31iSLZhlIXQIaRSCKxNhSbvBLZwPFS3JW3jMC4r5QAkWAidGpmVtWU4gvgqdHQBGmTupbaoApD2iSYgv7W1MwnRfS1aXWt2J9v9aCa81twzIhJEQv-rcigS1QUtoge7l1bDGX4H38ZZ-5Cwzj_8A0SlMbJQhzKGXs1mA_-cfY8_Ywgj0i4nbVPY14-Wy1o7_QVjRJLr4sdOOJOm1X2T-n6-ZnmjlxOCiHhdk3RP12hQcrcGbGibvtHl7s94Ic2aOI_7K2Io_oUlD6dwP10Kn1jhUoqTYuA8ItLRMZAAuPG7zjzqyd8qR0CWM-So1UF6XrsIkgFXGtP4fqFOzp7ETcurguc-K0BJtaP4K2KJX3z4BG97xa0QwOA2k0P8LTDhdbxuzXC7bhbgcxNFDBbegPQlIXsoKXFLThqc-tmtHL_0kN52L8yV2wtwZQcuQLfms8Er9XzaLVB_NLT9pMPbjDCC8yDjNXjExqmhDeLWNrjynx5SZ0qSJbFCeyW8bbduekQx00rGzf3VaAwiRpo5-wJoExka1jcKZShyWNpCCb-2CYifLv_Ql6eMhOk_oTA5DlB2oXVI7JqvBnnCDbtvygy4dBWtZeNaMA7759P9sg&sai=AMfl-YTl8cSYoZxEegdvOFeM_w3clFOz4s--2l4h9WAjVR_dN3PodLhvoDo038lBgDzfzD_-QLpEFvreIx7iGojBL51-1-XN6GjvsMaI8E0hkFLF-Lud5r8zSWvgdKbz6BxlCBu_q2CBVwAEfBX3esU-55b2FvYBNzTsU9tSa3bOPS-MNQfG05Fkgz3pNr5AFoOiGyDcd-B-XA2EUyKkW8z5saEY6moCwFD0QyIp0YvlA4ofIevgnjQrkaO3Pyoe4DWefugEsrWSCf2K6RYjOkid9bqb0jKd0iXocXHhJzQ4r-rUEWka8USdvG8YOIC8-2T1&sig=Cg0ArKJSzFyCB0TsNHOlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1846&vt=11&dtpt=1041&dett=3&cstd=1839&cisv=r20231207.53775&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/2EXk56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html
s0.2mdn.net/sadbundle/14948768259145465856/ Frame 36E5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
0343a7310b60e542faedf167129bccc3c54da19f3a51b68994bfd076c2d19c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
345664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1857
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 05:41:42 GMT
expires
Sat, 07 Dec 2024 05:41:42 GMT
last-modified
Thu, 19 Oct 2023 15:03:28 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
fdea4ae7c0e538c3049295d94448b74f050bb03c0608f3c759faa166bc1f0986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12186
x-xss-protection
0
653133b7843eb9eeda76b46a
c.bannerflow.net/a/ Frame 9F30 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/653133b7843eb9eeda76b46a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsskKBnOYEizFFngVWR1jcy8vSEtq4D77G-uO_Xdb3EZya4gIqo89kZXsc7eKlgyI8x0e8OAJJGUdajCHuOiuInvTEJ5uDblEJn70Xo_icdAxqjV1UtqWwHAU-41slYzgJefemV8UO2CBbfLkNXmAzftqVRIY7DlbLpjB4TqPOV6y6wymLzHZ0RhjzUneRvJPfO6Th3AzhN5ZihMVtQkYsKkgvMRHg7yoAa-R30B09WYh4pD05mtONTt_k-6Y4RoInbF7tqfADhio1nhrui34D7SIBReAjqiWLoNiyDiwLmqpTBjicQmN_DEdYuNzISdFje2U9OOTe3SZc0Y-YdCXkWs-b19tz5weUSpV0-ThlON_cCZFAGT5WoDufhX9KP8Q0Hmj_DHkGKXYBRM9SAQ5NdRplMhtaiob01b0NHqNJ3fI1d_NXs6z00cnn2ShBR5h7JaY9K8KojVES3K8oSWvaZJKgeMI9FjHHRHLqE-nwU365Q1lwD2om_15t4pyHwV3yrJeyi7SdAXnPeaPRKrB-KlJ6DPi-yLppnmscpwwrkGc6LvU88fkY4wzxMKKlABmELEfApXF4hA0G_8pS_SJrdNgg-_uU3f5UlyC_41zhML5krm7p-siJMtK-J7zory3W0B6MM_SBUp7PXkrq7eLCd7sPaGtVGj1cQl3EAz5S4CsgIwJoPV2sTI6WBKSF7ZqJ-8xKZMdeKf_jBLqG0wkTKN_Qi3yZGsj87HKDkOayq1xxAUUHoCAu3rmX4ZUJ-nwwZx1Wul8dHU0aWLzYbhs-NgqoSgAv-A3XbJHmGlWtQPV3QR40szgDM0akJ4z_2p1dFIXBCfI5MxlGY4zAXjtZ-EzdIvNJVMCOzFE8tCc4AGTk0ETlMnKPPlbAGZiDMGE0JMAiFY9HTTgozVBK0fn1bydywzVMXWyDNxfJzkb3Kbq_7q1YAKx0gnXuBx0ebPm21IQPHkE3HOGyMid1CuzHhoQV7LhcC4NrtXs2FVOviebjt_aMMVoWqKqxurt1AVN1lSN4R1VOazR2G3v5PaWmH8tH6UoiFdHPOtfL2pj4OOKtBX6L4CfszE28pNBe_bMI8KG6uokrD3LjbBwdoE26TGXQWDciUhjV3fl2bWXVcsMEOxgTHYAOh6nbG175U73DcnwWxvtwkvlQ0cUjAAjf-O6pJwmDHG3_wo5IGdTAwkc7f2CDghTfiA6JQOEiJ5x7RuToLr8Sh3bS601XVoo_kuoQ6ovTiACvavKAgQjjEWnssCcvh29umq1irzTf1UtMeYF1iL1mMpQfYra_OMQeReE06G8sdddOv3ffZgAUfhLkD66gfS2L-IXxAjJYNKDOEBr42xHfHKnqN7i0Kaw7Cvwnpi1gIf4Fma0G1YP61QSy9H3zvdBBxRrOBjvl1aiS7ZVuQS_5tLgriE2oPSLi7tsFkFXzO__eDlHW-SaU3U4970dl5LzKNCb8VVvO9Ncwe9ddZ71O-XkbgSpasLzuXPG3iOCS3oONoWl5X3XThtyqsWSdrDboE6AGausRh4KL18XSUFkDat7Q%26sai%3DAMfl-YQjZBlQRtVp9G5ovbLXC9s6kMI8jLCZJKog6zR1AVzmGQwX3dCziynR9WX0C3sNSr1JmBGIO_T7Corkz6bwRsCD-wAuTvjZiAoG03EpFywpIEMmNHfDPLP2MpQW1ioEyGBUtghTwINkVHmOdbWw2ZuOZjS5cfw9vKo7buvaO-XrGDhs9FXbRcTiYPtgoGyHLX4gx6S7QyL3drUcYsRLbsawyTr7nXphMowaGOsfYEI6DRq4n9A0THteioJGsI92FAZYI9OVSGni3FxUDGWPDHGJUVWUZ50azGa6cYFu9VLH1hnCZE4iqw3l1WEIGeLf6BiQEDJabd8u4A%26sig%3DCg0ArKJSzESz8P3jWGtjEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Ffutures%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17144318359328784384/SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562a3f00ee8b3f6173157185b49f0b0c0caddf9ac78ad6bbcf70182177241e3e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 05:42:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
8343a5609e9c5607-SIN
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
6531450d843eb9eeda76b698
c.bannerflow.net/a/ Frame 36E5 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6531450d843eb9eeda76b698?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstGrauT7dMAglKEtBjxi5rVttPdbIlmd0dERxepa-Kywol77x7VQX-2g6ySI7LP-TIxWfmKC27cHjYfZAx0LRB8CC7qpMoeNgSAgOljP2SBgQANj2x7m5tszjexVR0jslfZG5T1vjrYRTBwQA9OomU7O4BhLr1KjkHQ-bSrAPjGHNPQEFCSkgnIdHZH0dj0wtQJ5pAQ0srckS0IndyzJzy3EI2_cDpG4IF6ll9stynHq3PsIFSumLlmxTlvrk6WXcZAX1OqX-8tb7YcikdaEcX2TmrwV1RnHpHcU1SqhtqdZNW0_ss1BdhIh0q_eg22vOgIxk5Dl0YU3HhZkybd8uzL6k-huCSn_iJSYqU9s80bf3VIPbjeih7VSp08_W87uNovvez0Z32BR-gZpJpKYt_qdA5gd2IqYa6YA6iNbrklGXL2uWKS42ZqUfoUn4OUhjbBgjzD8usWSh4Z_nGt2yCJ5Z7YLm6e79eQdH_2NL7Aj4GMzW8Pzsi7WMfvItMSL1evNvqQWGzt4LDN9upDBDTD79_4hNtgySvN2iTD2ZrqgVOYNjtc5L65m-e-kwiSSTlLUtO7fE1UWJp_FqkYuktucsGj_F6izeFvWpIB40XSKuChX3dfVqE-CZ7cMdOG2inq2YDOU1JP34SJXCc5Hnj7hhrnH_nE5LIj_78dBIeGVX6bejblgQ3JfvCgRGfvMr27t9GHcWSUOhB16t6agdrnbj7_JeumvT2ma92gTuWJJKkGqHTiFhXgqolsBGtH9yTIjTzRN0FDOuoFhZevT05ASbO9phWSuh42UXyOsGM7Ptw8YvrhdacIsBoPgLXGImaD2cFkMA_6MFfX_K8bndt0zOO5lD3KJ1Lr-P6sJQNl3USbHzTSUmSudx9DXKuwU4R-V1u8jZ97yOsyyIGzW55XcuW1f9Ugj5D4u_Of75NWl-QyE-w0heh5nNdUkht4gGp9jhQ9buPkd8gaFLzHkH9M57kSGW5kDZi1XnzDlOJj2Vz3Ktf4v4ISPgztUuUc34PIo32w-_50mllLTIBfGuy3qrmctKuxTaeRqAcjH69XgY5HXYshZnc1w4More0ylj8IwNPhG9bKKMK-G0zeknI11xWIu486WlBNbfN0Ef9F_NeFAktTsZtvOpFlD_IcvIPEkyxjUcWRY5OxYi1JpEbVEZPfHAcxx4Cf6IhgquuT9rtjYViQmojSbXQ1240jNO6LjgYW9WQ9KHX61M73ayRTh5UwPyd4Y_a7SlXoQ-YCuBWri6a6247-_93hO3PgRIYmp7o0aChkzSc_5nIqKeC_7OdMsudIQbdfeOZWUR8wZN4muVfRTIxgEw5liPe-kXY13TZcdXe33uscNQl3Yuq3O49c-8i9M8JqqVxCAu8nDGdWNgC4wprMNJ5411jgA5UHOvroFeTcfZvSGDqo8J2XiBafYUjEJLLQPmuDKOj2kp6Tb8m2nxBNB79GgfCHg9_Ne1P5jS2kXRw4FBm6bNM_3grlHIKeeB9V9pFVFjKr1YKLFUqg6gExiOOldecimrGyzDDbL7hkPQ%26sai%3DAMfl-YTHHbbY8d3787PPmONcqwCx8S0A8uVl6kV3_uxSjLqAEOJokqLx5uaeJVPxbz-S_Y5v549WewrfRrRMzS4TIg1cOIlM9ovBhWpSXgUmoh59spJaUZexU-SqUyL_thj-ItGXvpl6gHNKoJb5tB-jJE5C-Kp7HUu4k7lSPtw_sRPt2Rxd4C9bWISZJIujMAj-gpO1HbkeApO3Wn0Q6VDLtofxpCQIhe7RPt_in7WDKKnTQPWLj1YdJtiTvwo7wDu1xkwztWrtoOaMepTo-j2RyqjQ8vIst-t2daJACuYXQ2NYhFP-jm44-HChGtA4e_M936gjvIulEAN29Q%26sig%3DCg0ArKJSzDOhPkvVD93FEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9d8824cc72c97eaaa269cd5fcb061e212a8cbc462f8cd191ad3ae792768677

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 05:42:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
8343a560aea35607-SIN
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 05:42:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
346080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 05:34:46 GMT
expires
Sat, 07 Dec 2024 05:34:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0CFC 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f104.1e100.net
Software
GSE /
Resource Hash
35907d747924496255493374f099551b8d617ecdfe6762395dc23e79958eb199
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pGptTgWWrjZC5bxcvJjleA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pGptTgWWrjZC5bxcvJjleA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:42:46 GMT
expires
Tue, 12 Dec 2023 05:42:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DA29 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 05:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
344994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 05:52:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=2892844258581353&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DA29 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Yy_Krg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3075200399349&version=m202309260101&ct=76&x=1&cor=9926312082979428000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2824 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7059669812497&version=m202309260101&ct=76&x=1&cor=8437012696208528000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.000000538E433C.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5331300/7369604/ Frame 9F30 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5331300/7369604/document.000000538E433C.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/653133b7843eb9eeda76b46a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsskKBnOYEizFFngVWR1jcy8vSEtq4D77G-uO_Xdb3EZya4gIqo89kZXsc7eKlgyI8x0e8OAJJGUdajCHuOiuInvTEJ5uDblEJn70Xo_icdAxqjV1UtqWwHAU-41slYzgJefemV8UO2CBbfLkNXmAzftqVRIY7DlbLpjB4TqPOV6y6wymLzHZ0RhjzUneRvJPfO6Th3AzhN5ZihMVtQkYsKkgvMRHg7yoAa-R30B09WYh4pD05mtONTt_k-6Y4RoInbF7tqfADhio1nhrui34D7SIBReAjqiWLoNiyDiwLmqpTBjicQmN_DEdYuNzISdFje2U9OOTe3SZc0Y-YdCXkWs-b19tz5weUSpV0-ThlON_cCZFAGT5WoDufhX9KP8Q0Hmj_DHkGKXYBRM9SAQ5NdRplMhtaiob01b0NHqNJ3fI1d_NXs6z00cnn2ShBR5h7JaY9K8KojVES3K8oSWvaZJKgeMI9FjHHRHLqE-nwU365Q1lwD2om_15t4pyHwV3yrJeyi7SdAXnPeaPRKrB-KlJ6DPi-yLppnmscpwwrkGc6LvU88fkY4wzxMKKlABmELEfApXF4hA0G_8pS_SJrdNgg-_uU3f5UlyC_41zhML5krm7p-siJMtK-J7zory3W0B6MM_SBUp7PXkrq7eLCd7sPaGtVGj1cQl3EAz5S4CsgIwJoPV2sTI6WBKSF7ZqJ-8xKZMdeKf_jBLqG0wkTKN_Qi3yZGsj87HKDkOayq1xxAUUHoCAu3rmX4ZUJ-nwwZx1Wul8dHU0aWLzYbhs-NgqoSgAv-A3XbJHmGlWtQPV3QR40szgDM0akJ4z_2p1dFIXBCfI5MxlGY4zAXjtZ-EzdIvNJVMCOzFE8tCc4AGTk0ETlMnKPPlbAGZiDMGE0JMAiFY9HTTgozVBK0fn1bydywzVMXWyDNxfJzkb3Kbq_7q1YAKx0gnXuBx0ebPm21IQPHkE3HOGyMid1CuzHhoQV7LhcC4NrtXs2FVOviebjt_aMMVoWqKqxurt1AVN1lSN4R1VOazR2G3v5PaWmH8tH6UoiFdHPOtfL2pj4OOKtBX6L4CfszE28pNBe_bMI8KG6uokrD3LjbBwdoE26TGXQWDciUhjV3fl2bWXVcsMEOxgTHYAOh6nbG175U73DcnwWxvtwkvlQ0cUjAAjf-O6pJwmDHG3_wo5IGdTAwkc7f2CDghTfiA6JQOEiJ5x7RuToLr8Sh3bS601XVoo_kuoQ6ovTiACvavKAgQjjEWnssCcvh29umq1irzTf1UtMeYF1iL1mMpQfYra_OMQeReE06G8sdddOv3ffZgAUfhLkD66gfS2L-IXxAjJYNKDOEBr42xHfHKnqN7i0Kaw7Cvwnpi1gIf4Fma0G1YP61QSy9H3zvdBBxRrOBjvl1aiS7ZVuQS_5tLgriE2oPSLi7tsFkFXzO__eDlHW-SaU3U4970dl5LzKNCb8VVvO9Ncwe9ddZ71O-XkbgSpasLzuXPG3iOCS3oONoWl5X3XThtyqsWSdrDboE6AGausRh4KL18XSUFkDat7Q%26sai%3DAMfl-YQjZBlQRtVp9G5ovbLXC9s6kMI8jLCZJKog6zR1AVzmGQwX3dCziynR9WX0C3sNSr1JmBGIO_T7Corkz6bwRsCD-wAuTvjZiAoG03EpFywpIEMmNHfDPLP2MpQW1ioEyGBUtghTwINkVHmOdbWw2ZuOZjS5cfw9vKo7buvaO-XrGDhs9FXbRcTiYPtgoGyHLX4gx6S7QyL3drUcYsRLbsawyTr7nXphMowaGOsfYEI6DRq4n9A0THteioJGsI92FAZYI9OVSGni3FxUDGWPDHGJUVWUZ50azGa6cYFu9VLH1hnCZE4iqw3l1WEIGeLf6BiQEDJabd8u4A%26sig%3DCg0ArKJSzESz8P3jWGtjEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Ffutures%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ec8945431d1626621c734fbec5f3fcbd223d145527460352bac2606024d9f4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w/PoxbCiTkoMFUJq981OBA==
age
2945114
cf-polished
origSize=35402
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 13 Sep 2023 10:20:28 GMT
server
cloudflare
etag
W/"0x8DBB4430DC0E3F0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
93c6a486-a01e-0054-59f4-119a84000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8343a5620fb15607-SIN
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame 9F30 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/653133b7843eb9eeda76b46a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsskKBnOYEizFFngVWR1jcy8vSEtq4D77G-uO_Xdb3EZya4gIqo89kZXsc7eKlgyI8x0e8OAJJGUdajCHuOiuInvTEJ5uDblEJn70Xo_icdAxqjV1UtqWwHAU-41slYzgJefemV8UO2CBbfLkNXmAzftqVRIY7DlbLpjB4TqPOV6y6wymLzHZ0RhjzUneRvJPfO6Th3AzhN5ZihMVtQkYsKkgvMRHg7yoAa-R30B09WYh4pD05mtONTt_k-6Y4RoInbF7tqfADhio1nhrui34D7SIBReAjqiWLoNiyDiwLmqpTBjicQmN_DEdYuNzISdFje2U9OOTe3SZc0Y-YdCXkWs-b19tz5weUSpV0-ThlON_cCZFAGT5WoDufhX9KP8Q0Hmj_DHkGKXYBRM9SAQ5NdRplMhtaiob01b0NHqNJ3fI1d_NXs6z00cnn2ShBR5h7JaY9K8KojVES3K8oSWvaZJKgeMI9FjHHRHLqE-nwU365Q1lwD2om_15t4pyHwV3yrJeyi7SdAXnPeaPRKrB-KlJ6DPi-yLppnmscpwwrkGc6LvU88fkY4wzxMKKlABmELEfApXF4hA0G_8pS_SJrdNgg-_uU3f5UlyC_41zhML5krm7p-siJMtK-J7zory3W0B6MM_SBUp7PXkrq7eLCd7sPaGtVGj1cQl3EAz5S4CsgIwJoPV2sTI6WBKSF7ZqJ-8xKZMdeKf_jBLqG0wkTKN_Qi3yZGsj87HKDkOayq1xxAUUHoCAu3rmX4ZUJ-nwwZx1Wul8dHU0aWLzYbhs-NgqoSgAv-A3XbJHmGlWtQPV3QR40szgDM0akJ4z_2p1dFIXBCfI5MxlGY4zAXjtZ-EzdIvNJVMCOzFE8tCc4AGTk0ETlMnKPPlbAGZiDMGE0JMAiFY9HTTgozVBK0fn1bydywzVMXWyDNxfJzkb3Kbq_7q1YAKx0gnXuBx0ebPm21IQPHkE3HOGyMid1CuzHhoQV7LhcC4NrtXs2FVOviebjt_aMMVoWqKqxurt1AVN1lSN4R1VOazR2G3v5PaWmH8tH6UoiFdHPOtfL2pj4OOKtBX6L4CfszE28pNBe_bMI8KG6uokrD3LjbBwdoE26TGXQWDciUhjV3fl2bWXVcsMEOxgTHYAOh6nbG175U73DcnwWxvtwkvlQ0cUjAAjf-O6pJwmDHG3_wo5IGdTAwkc7f2CDghTfiA6JQOEiJ5x7RuToLr8Sh3bS601XVoo_kuoQ6ovTiACvavKAgQjjEWnssCcvh29umq1irzTf1UtMeYF1iL1mMpQfYra_OMQeReE06G8sdddOv3ffZgAUfhLkD66gfS2L-IXxAjJYNKDOEBr42xHfHKnqN7i0Kaw7Cvwnpi1gIf4Fma0G1YP61QSy9H3zvdBBxRrOBjvl1aiS7ZVuQS_5tLgriE2oPSLi7tsFkFXzO__eDlHW-SaU3U4970dl5LzKNCb8VVvO9Ncwe9ddZ71O-XkbgSpasLzuXPG3iOCS3oONoWl5X3XThtyqsWSdrDboE6AGausRh4KL18XSUFkDat7Q%26sai%3DAMfl-YQjZBlQRtVp9G5ovbLXC9s6kMI8jLCZJKog6zR1AVzmGQwX3dCziynR9WX0C3sNSr1JmBGIO_T7Corkz6bwRsCD-wAuTvjZiAoG03EpFywpIEMmNHfDPLP2MpQW1ioEyGBUtghTwINkVHmOdbWw2ZuOZjS5cfw9vKo7buvaO-XrGDhs9FXbRcTiYPtgoGyHLX4gx6S7QyL3drUcYsRLbsawyTr7nXphMowaGOsfYEI6DRq4n9A0THteioJGsI92FAZYI9OVSGni3FxUDGWPDHGJUVWUZ50azGa6cYFu9VLH1hnCZE4iqw3l1WEIGeLf6BiQEDJabd8u4A%26sig%3DCg0ArKJSzESz8P3jWGtjEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Ffutures%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
2445376
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d831603c-401e-003e-2480-1642ac000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8343a5621fc15607-SIN
widget.e41a0c4132970d505cc8.js
c.bannerflow.net/scripts/ Frame 36E5 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531450d843eb9eeda76b698?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstGrauT7dMAglKEtBjxi5rVttPdbIlmd0dERxepa-Kywol77x7VQX-2g6ySI7LP-TIxWfmKC27cHjYfZAx0LRB8CC7qpMoeNgSAgOljP2SBgQANj2x7m5tszjexVR0jslfZG5T1vjrYRTBwQA9OomU7O4BhLr1KjkHQ-bSrAPjGHNPQEFCSkgnIdHZH0dj0wtQJ5pAQ0srckS0IndyzJzy3EI2_cDpG4IF6ll9stynHq3PsIFSumLlmxTlvrk6WXcZAX1OqX-8tb7YcikdaEcX2TmrwV1RnHpHcU1SqhtqdZNW0_ss1BdhIh0q_eg22vOgIxk5Dl0YU3HhZkybd8uzL6k-huCSn_iJSYqU9s80bf3VIPbjeih7VSp08_W87uNovvez0Z32BR-gZpJpKYt_qdA5gd2IqYa6YA6iNbrklGXL2uWKS42ZqUfoUn4OUhjbBgjzD8usWSh4Z_nGt2yCJ5Z7YLm6e79eQdH_2NL7Aj4GMzW8Pzsi7WMfvItMSL1evNvqQWGzt4LDN9upDBDTD79_4hNtgySvN2iTD2ZrqgVOYNjtc5L65m-e-kwiSSTlLUtO7fE1UWJp_FqkYuktucsGj_F6izeFvWpIB40XSKuChX3dfVqE-CZ7cMdOG2inq2YDOU1JP34SJXCc5Hnj7hhrnH_nE5LIj_78dBIeGVX6bejblgQ3JfvCgRGfvMr27t9GHcWSUOhB16t6agdrnbj7_JeumvT2ma92gTuWJJKkGqHTiFhXgqolsBGtH9yTIjTzRN0FDOuoFhZevT05ASbO9phWSuh42UXyOsGM7Ptw8YvrhdacIsBoPgLXGImaD2cFkMA_6MFfX_K8bndt0zOO5lD3KJ1Lr-P6sJQNl3USbHzTSUmSudx9DXKuwU4R-V1u8jZ97yOsyyIGzW55XcuW1f9Ugj5D4u_Of75NWl-QyE-w0heh5nNdUkht4gGp9jhQ9buPkd8gaFLzHkH9M57kSGW5kDZi1XnzDlOJj2Vz3Ktf4v4ISPgztUuUc34PIo32w-_50mllLTIBfGuy3qrmctKuxTaeRqAcjH69XgY5HXYshZnc1w4More0ylj8IwNPhG9bKKMK-G0zeknI11xWIu486WlBNbfN0Ef9F_NeFAktTsZtvOpFlD_IcvIPEkyxjUcWRY5OxYi1JpEbVEZPfHAcxx4Cf6IhgquuT9rtjYViQmojSbXQ1240jNO6LjgYW9WQ9KHX61M73ayRTh5UwPyd4Y_a7SlXoQ-YCuBWri6a6247-_93hO3PgRIYmp7o0aChkzSc_5nIqKeC_7OdMsudIQbdfeOZWUR8wZN4muVfRTIxgEw5liPe-kXY13TZcdXe33uscNQl3Yuq3O49c-8i9M8JqqVxCAu8nDGdWNgC4wprMNJ5411jgA5UHOvroFeTcfZvSGDqo8J2XiBafYUjEJLLQPmuDKOj2kp6Tb8m2nxBNB79GgfCHg9_Ne1P5jS2kXRw4FBm6bNM_3grlHIKeeB9V9pFVFjKr1YKLFUqg6gExiOOldecimrGyzDDbL7hkPQ%26sai%3DAMfl-YTHHbbY8d3787PPmONcqwCx8S0A8uVl6kV3_uxSjLqAEOJokqLx5uaeJVPxbz-S_Y5v549WewrfRrRMzS4TIg1cOIlM9ovBhWpSXgUmoh59spJaUZexU-SqUyL_thj-ItGXvpl6gHNKoJb5tB-jJE5C-Kp7HUu4k7lSPtw_sRPt2Rxd4C9bWISZJIujMAj-gpO1HbkeApO3Wn0Q6VDLtofxpCQIhe7RPt_in7WDKKnTQPWLj1YdJtiTvwo7wDu1xkwztWrtoOaMepTo-j2RyqjQ8vIst-t2daJACuYXQ2NYhFP-jm44-HChGtA4e_M936gjvIulEAN29Q%26sig%3DCg0ArKJSzDOhPkvVD93FEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nZPaCeepSHMZbbh+xShfnA==
age
2878625
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4FEC22F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2bc6003d-f01e-0004-718f-1258d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8343a562781a5607-SIN
document.000000CC8EBF7D.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/3746863/4927310/ Frame 36E5 		204 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/3746863/4927310/document.000000CC8EBF7D.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531450d843eb9eeda76b698?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstGrauT7dMAglKEtBjxi5rVttPdbIlmd0dERxepa-Kywol77x7VQX-2g6ySI7LP-TIxWfmKC27cHjYfZAx0LRB8CC7qpMoeNgSAgOljP2SBgQANj2x7m5tszjexVR0jslfZG5T1vjrYRTBwQA9OomU7O4BhLr1KjkHQ-bSrAPjGHNPQEFCSkgnIdHZH0dj0wtQJ5pAQ0srckS0IndyzJzy3EI2_cDpG4IF6ll9stynHq3PsIFSumLlmxTlvrk6WXcZAX1OqX-8tb7YcikdaEcX2TmrwV1RnHpHcU1SqhtqdZNW0_ss1BdhIh0q_eg22vOgIxk5Dl0YU3HhZkybd8uzL6k-huCSn_iJSYqU9s80bf3VIPbjeih7VSp08_W87uNovvez0Z32BR-gZpJpKYt_qdA5gd2IqYa6YA6iNbrklGXL2uWKS42ZqUfoUn4OUhjbBgjzD8usWSh4Z_nGt2yCJ5Z7YLm6e79eQdH_2NL7Aj4GMzW8Pzsi7WMfvItMSL1evNvqQWGzt4LDN9upDBDTD79_4hNtgySvN2iTD2ZrqgVOYNjtc5L65m-e-kwiSSTlLUtO7fE1UWJp_FqkYuktucsGj_F6izeFvWpIB40XSKuChX3dfVqE-CZ7cMdOG2inq2YDOU1JP34SJXCc5Hnj7hhrnH_nE5LIj_78dBIeGVX6bejblgQ3JfvCgRGfvMr27t9GHcWSUOhB16t6agdrnbj7_JeumvT2ma92gTuWJJKkGqHTiFhXgqolsBGtH9yTIjTzRN0FDOuoFhZevT05ASbO9phWSuh42UXyOsGM7Ptw8YvrhdacIsBoPgLXGImaD2cFkMA_6MFfX_K8bndt0zOO5lD3KJ1Lr-P6sJQNl3USbHzTSUmSudx9DXKuwU4R-V1u8jZ97yOsyyIGzW55XcuW1f9Ugj5D4u_Of75NWl-QyE-w0heh5nNdUkht4gGp9jhQ9buPkd8gaFLzHkH9M57kSGW5kDZi1XnzDlOJj2Vz3Ktf4v4ISPgztUuUc34PIo32w-_50mllLTIBfGuy3qrmctKuxTaeRqAcjH69XgY5HXYshZnc1w4More0ylj8IwNPhG9bKKMK-G0zeknI11xWIu486WlBNbfN0Ef9F_NeFAktTsZtvOpFlD_IcvIPEkyxjUcWRY5OxYi1JpEbVEZPfHAcxx4Cf6IhgquuT9rtjYViQmojSbXQ1240jNO6LjgYW9WQ9KHX61M73ayRTh5UwPyd4Y_a7SlXoQ-YCuBWri6a6247-_93hO3PgRIYmp7o0aChkzSc_5nIqKeC_7OdMsudIQbdfeOZWUR8wZN4muVfRTIxgEw5liPe-kXY13TZcdXe33uscNQl3Yuq3O49c-8i9M8JqqVxCAu8nDGdWNgC4wprMNJ5411jgA5UHOvroFeTcfZvSGDqo8J2XiBafYUjEJLLQPmuDKOj2kp6Tb8m2nxBNB79GgfCHg9_Ne1P5jS2kXRw4FBm6bNM_3grlHIKeeB9V9pFVFjKr1YKLFUqg6gExiOOldecimrGyzDDbL7hkPQ%26sai%3DAMfl-YTHHbbY8d3787PPmONcqwCx8S0A8uVl6kV3_uxSjLqAEOJokqLx5uaeJVPxbz-S_Y5v549WewrfRrRMzS4TIg1cOIlM9ovBhWpSXgUmoh59spJaUZexU-SqUyL_thj-ItGXvpl6gHNKoJb5tB-jJE5C-Kp7HUu4k7lSPtw_sRPt2Rxd4C9bWISZJIujMAj-gpO1HbkeApO3Wn0Q6VDLtofxpCQIhe7RPt_in7WDKKnTQPWLj1YdJtiTvwo7wDu1xkwztWrtoOaMepTo-j2RyqjQ8vIst-t2daJACuYXQ2NYhFP-jm44-HChGtA4e_M936gjvIulEAN29Q%26sig%3DCg0ArKJSzDOhPkvVD93FEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccb0188958b243490ad0cedf7e2749170adb8701f14cf76b3d4ddc47f3530c0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
u2Oz77k7KhF7Phl+RCUVZg==
age
1146470
cf-polished
origSize=216622
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 10 Mar 2023 20:45:51 GMT
server
cloudflare
etag
W/"0x8DB21A86FCCC689"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c29168d8-f01e-0049-0f50-229738000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8343a562882b5607-SIN
animated-creative.0d17da23618f24b974cb.js
c.bannerflow.net/scripts/ Frame 36E5 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531450d843eb9eeda76b698?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstGrauT7dMAglKEtBjxi5rVttPdbIlmd0dERxepa-Kywol77x7VQX-2g6ySI7LP-TIxWfmKC27cHjYfZAx0LRB8CC7qpMoeNgSAgOljP2SBgQANj2x7m5tszjexVR0jslfZG5T1vjrYRTBwQA9OomU7O4BhLr1KjkHQ-bSrAPjGHNPQEFCSkgnIdHZH0dj0wtQJ5pAQ0srckS0IndyzJzy3EI2_cDpG4IF6ll9stynHq3PsIFSumLlmxTlvrk6WXcZAX1OqX-8tb7YcikdaEcX2TmrwV1RnHpHcU1SqhtqdZNW0_ss1BdhIh0q_eg22vOgIxk5Dl0YU3HhZkybd8uzL6k-huCSn_iJSYqU9s80bf3VIPbjeih7VSp08_W87uNovvez0Z32BR-gZpJpKYt_qdA5gd2IqYa6YA6iNbrklGXL2uWKS42ZqUfoUn4OUhjbBgjzD8usWSh4Z_nGt2yCJ5Z7YLm6e79eQdH_2NL7Aj4GMzW8Pzsi7WMfvItMSL1evNvqQWGzt4LDN9upDBDTD79_4hNtgySvN2iTD2ZrqgVOYNjtc5L65m-e-kwiSSTlLUtO7fE1UWJp_FqkYuktucsGj_F6izeFvWpIB40XSKuChX3dfVqE-CZ7cMdOG2inq2YDOU1JP34SJXCc5Hnj7hhrnH_nE5LIj_78dBIeGVX6bejblgQ3JfvCgRGfvMr27t9GHcWSUOhB16t6agdrnbj7_JeumvT2ma92gTuWJJKkGqHTiFhXgqolsBGtH9yTIjTzRN0FDOuoFhZevT05ASbO9phWSuh42UXyOsGM7Ptw8YvrhdacIsBoPgLXGImaD2cFkMA_6MFfX_K8bndt0zOO5lD3KJ1Lr-P6sJQNl3USbHzTSUmSudx9DXKuwU4R-V1u8jZ97yOsyyIGzW55XcuW1f9Ugj5D4u_Of75NWl-QyE-w0heh5nNdUkht4gGp9jhQ9buPkd8gaFLzHkH9M57kSGW5kDZi1XnzDlOJj2Vz3Ktf4v4ISPgztUuUc34PIo32w-_50mllLTIBfGuy3qrmctKuxTaeRqAcjH69XgY5HXYshZnc1w4More0ylj8IwNPhG9bKKMK-G0zeknI11xWIu486WlBNbfN0Ef9F_NeFAktTsZtvOpFlD_IcvIPEkyxjUcWRY5OxYi1JpEbVEZPfHAcxx4Cf6IhgquuT9rtjYViQmojSbXQ1240jNO6LjgYW9WQ9KHX61M73ayRTh5UwPyd4Y_a7SlXoQ-YCuBWri6a6247-_93hO3PgRIYmp7o0aChkzSc_5nIqKeC_7OdMsudIQbdfeOZWUR8wZN4muVfRTIxgEw5liPe-kXY13TZcdXe33uscNQl3Yuq3O49c-8i9M8JqqVxCAu8nDGdWNgC4wprMNJ5411jgA5UHOvroFeTcfZvSGDqo8J2XiBafYUjEJLLQPmuDKOj2kp6Tb8m2nxBNB79GgfCHg9_Ne1P5jS2kXRw4FBm6bNM_3grlHIKeeB9V9pFVFjKr1YKLFUqg6gExiOOldecimrGyzDDbL7hkPQ%26sai%3DAMfl-YTHHbbY8d3787PPmONcqwCx8S0A8uVl6kV3_uxSjLqAEOJokqLx5uaeJVPxbz-S_Y5v549WewrfRrRMzS4TIg1cOIlM9ovBhWpSXgUmoh59spJaUZexU-SqUyL_thj-ItGXvpl6gHNKoJb5tB-jJE5C-Kp7HUu4k7lSPtw_sRPt2Rxd4C9bWISZJIujMAj-gpO1HbkeApO3Wn0Q6VDLtofxpCQIhe7RPt_in7WDKKnTQPWLj1YdJtiTvwo7wDu1xkwztWrtoOaMepTo-j2RyqjQ8vIst-t2daJACuYXQ2NYhFP-jm44-HChGtA4e_M936gjvIulEAN29Q%26sig%3DCg0ArKJSzDOhPkvVD93FEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:47 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Gq90Z8yQaZwoZjD0SNt4Ow==
age
2178194
cf-polished
origSize=159436
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4EBD802"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
652f1fd5-401e-0001-0bee-188a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
8343a562882c5607-SIN
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=2892844258581353&bg=!09Cl0J_NAAY3kmNgF5I7ADQBe5WfOCre_YCChtsNNxwf1Iwj7V4oF2mkWsLsETGf0buCyFiay0MN1-pzcmi2ITfT8p66AgAAAF9SAAAABGgBB5kC45UryE75nyvkL20dd5Nz2ogvLFTAVufe7J7Gfiz5GhVopuL61JbTxLW7S5Os0hJdKecVzYeZIm3JIx4ccTzd3ceW8N5NnkexK8lcsUvShHkWu15Otzyk8_bZY68FlYa6ToESXPR_iRlTPdTvX9TthwgZhHT9-ogYYc_Fb7qg1IrLI1uKvFLcNo9Wk_r61EXnPHiyNHpcatKyW_xftBfTyE12D2QcwoC0qI8nFJBCx4Zj64feoaLMbiZtv_HiopH83tlwYxLiZ-2ay7d5FsHBCVtgUSvRAaMMP4NEvW0nUNIK9xL3jUydiLT95FEUj5Ldo9KubrsYLQ__SoqHxHisZmfiFIQPf5XO0K68skPyO3t7IoFI28m3ZgyxEb2b4k4IhAxXZemCkh2guz1E255nUTI6f8D9Zzy2Ttw0u7c0N_WUuFqPDMN5JTfzkG4rvck94teUmXlcbpDGQTgSYU93qGOPEIOosrONcnULS84875lnD5VoagaGn71bPly1VgOserH9mrH0z0xukcDPkj28nzB_qNrCOq4TOG3Gd56L3bQ8O04Wl8TJsqv-n2nRzStr3BUit9J4UBh8kmoUAvJPKAq_317R-r3KLd7hxayPcIdqpDejZivT0k9f_g1S8Rf52fURV9JZgXCo--bdW1b0C-_6CUDRaEuFySpXSd_2YAJIzfeb0B_nokprvnShss4qk8ZY4AzVLW6xOjrMyyBNVrAOzsL7pB3SKGyfZ-7fz6kFQeTnBZq882LjiaLzJ9ufmfB6UNPoukXn-WC0K4KTw3ZdgLy7aQjEY2iZwr68EFvvLPKTqDF6GCIzPVnun9J8BESDYOfZg2FZpwI9t-_F2qSu4qz2sN4btQ4K5mnXkqKWgSAXGLqdsB3qhPxz8t5Hb5-SFb9eF71hlAG0U1pP2diUjh84C7DtCec2wakv2_-a8YznyP4Pb3qW8p5h70I4uRtj5AszxjW0btbyhgs0WiVZoOM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
truncated
/ Frame 9F30 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/webp
ccbed7aa-1375-495d-af40-d5aed96f80cd
https://s0.2mdn.net/ Frame ECA0 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/ccbed7aa-1375-495d-af40-d5aed96f80cd
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 9F30 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20-.02ABFSTabcdefghiklmnoprstuvwxy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17144318359328784384/SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e36b00b21cc4eb1371844238bc3dd243f2a04894f8407a155f6b14dc153b0490

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:01:40 GMT
server
cloudflare
age
625268
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
8343a5686b384b80-SIN
expires
Wed, 04 Dec 2024 00:01:40 GMT
truncated
/ Frame 36E5 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/webp
71229aeb-c93e-4bbf-8826-65e8f119a6cc
https://s0.2mdn.net/ Frame F231 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/71229aeb-c93e-4bbf-8826-65e8f119a6cc
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
668
Content-Type
prtct.php
stg.truvidplayer.com/v5.832/ Frame 4387 		0
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=SG&timestamp=1702359768&level=1
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-31.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 05:42:47 GMT
server
nginx
via
1.1 4131ec989d99fd1d462624964e79e8a2.cloudfront.net (CloudFront)
x-amz-cf-id
ZSMZeT9kk9Bvsd3q0upQT9pzcchIONfoG5BE3XnaAPWmXJFJYZiVDg==
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128901
x-xss-protection
0
expires
Tue, 12 Dec 2023 05:42:48 GMT
pixel.gif
p.trvdp.com/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1l9ptjasOkqKH9jSPC4MTKpF5ORMjhTGXjjqFYOcW8Cd77qN6AVMa072mffFlMmQdlHR5c1s7McAlUG3p3J0BnstsqHlStEMl4nDjt9bUpyD4yv7ZwpAYeC2qLawbizi7WsLvuOQHnwkm+8IjnjDGXpXIkGSIPmqogmBD3kErXaVdsKyxMcBAwV/1VP+m9mVD6nELsHX6hBJif7dUdTISVuVvN1PuDFdoyZT5OMUEpqwUD7HWbFMHAMqfWdCXeS5sg=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
server
nginx/1.6.2
font
c.bannerflow.net/fs/api/v2/ Frame 36E5 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20-.GOSTabcdefghiklmnoprstuvwxy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2dacbb7aa5dbc0d2d60126f649de0a910356072a4e1a0b95fbe54495c6f358

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:59 GMT
server
cloudflare
age
625309
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
8343a5686b394b80-SIN
expires
Wed, 04 Dec 2024 00:00:59 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702359760071&gcd=11l1l1l1l1&dma=0&cid=889905670.1702359761&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702359760&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F2EXk56&dt=Bitcoin%20Exchange%20%7C%20Cryptocurrency%20Exchange%20%7C%20Binance&_s=2&tfd=9496
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/2EXk56
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 36E5 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%0A%20-OTacdehilmnoprstuwy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cfc1244156b0f38f72bc161168afe067ef7d553bff6eaa10c54eed2f677b49b

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:00 GMT
server
cloudflare
age
625368
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
8343a5698bfa4b80-SIN
expires
Wed, 04 Dec 2024 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 9F30 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Fdeimnortu
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17144318359328784384/SG_Futures_PRSP-1-Singapore-300x250-638333201597143815-c28aeb91-e81b-4494-b1c6-8edbe1aed4db.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5342b55777589d3586d978c85c78a21415a11cb8375a1c41ab43450b54cb4376

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:01:41 GMT
server
cloudflare
age
625267
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
8343a569ac0a4b80-SIN
expires
Wed, 04 Dec 2024 00:01:41 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 36E5 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F48143311-bbb8-4b5b-aab6-8b95e2d0fe50.woff&t=%20-abdegiklmnoprstu
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14948768259145465856/options_mockup_171222-3-Global-300x250-638333246017240048-3be13126-ccdb-47ef-ba8a-6ff553210af2.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3544d047edf9692494611d15ecbc3b3b89544605f81f7cfb7ff8e15175706c9

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:00:02 GMT
server
cloudflare
age
625366
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=48143311-bbb8-4b5b-aab6-8b95e2d0fe50-subset.woff
cf-ray
8343a56a7cb64b80-SIN
expires
Wed, 04 Dec 2024 00:00:02 GMT
usync.html
eus.rubiconproject.com/ Frame E866
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.222.66 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 05:42:49 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 05:42:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server
AkamaiGHost
auto-user-sync
ads.stickyadstv.com/ 		43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.99.122.53 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:50 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1702359770175016-45
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=32ee2d3f6657ae91643d7913161c2896&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=32ee2d3f6657ae91643d7913161c2896&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XGE0FHGVNQFVYP42854J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=32ee2d3f6657ae91643d7913161c2896&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702359770148033-45
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
bridge3.608.2_en.html
imasdk.googleapis.com/js/core/ Frame 560D 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/2EXk56
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
2406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245949
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:02:42 GMT
expires
Wed, 11 Dec 2024 05:02:42 GMT
last-modified
Thu, 07 Dec 2023 18:27:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 05:42:48 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8BCA 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:47:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 12 Dec 2023 05:47:27 GMT
v.php
stg.truvidplayer.com/v5.832/ 		190 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.832/v.php?st=Oxv6p8B17AqVv0wzZh-85w&e=1702446165&ver=5.832&adid=12e40964972c8744c587280b70699b5f599cb178&videoUrl=https://vid1250.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Freurl.cc%252F2EXk56&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=reurl.cc&wid=7942&suid=1250&env_browser=Chrome%20120.0.6099
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-31.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
cef88ff8abadf0b41bb159bac3473dd11e870f25583e78aa6ec180f8076c6d7c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
gzip
via
1.1 4131ec989d99fd1d462624964e79e8a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
b3FGFt0bYTbcxz2DfAaupmImFaMQ8mcz5z8fpbw1ldJHatQ5iTCl1A==
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1lEBuCk5Yye2F2RcUPNfzydF5ORMjhTGXjjqFYOcW8Cd77qN6AVMa072mffFlMmQdlHR5c1s7McAlUG3p3J0BnstsqHlStEMl4nDjt9bUpyD0jotVgY37AkQlqT4THHqgbd2+mANshl7CejErH0V/I5wG5M/fDwYGSq4ssup0Y8TH0wcoXjOpdJe1AvFvpo2FE/OdRTAcGpdRMvTzNcDOfTA8fX5nWOZw8Xo53Xfao6xDmT81iVHua2bwCEeCPbNWIMDqi1XhYt8qzxvmWzUl12&cb=58874029
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
server
nginx/1.6.2
optimize
c.bannerflow.net/io/api/image/ Frame B0DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=135&h=195&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091be78648540ebe17e28bb24f6fbd0c86ee72f0981a34a1a5bfacd661adaca9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 12:34:08 GMT
api-supported-versions
2.0
server
cloudflare
age
61720
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8343a56af86a5607-SIN
content-length
1692
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame B0DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=80&h=33&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06a2c413eeb1521830517cbe79c147db78403d03cf2abdad8b60e7ab4741d10

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 12:27:43 GMT
api-supported-versions
2.0
server
cloudflare
age
62105
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8343a56b188c5607-SIN
content-length
1694
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
301871cb-4ee2-47fb-a505-d8a1e2677930.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame B0DD 		152 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/301871cb-4ee2-47fb-a505-d8a1e2677930.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lx/tqoPhxe1djqV9/qEdwQ==
age
5346
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 13:23:17 GMT
server
cloudflare
etag
W/"0x8DAA08B70B1F9D9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
30d85fd4-301e-0069-13f6-14ec9f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56b188f5607-SIN
optimize
c.bannerflow.net/io/api/image/ Frame B0DD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F5b0e3f4e-bb2a-44a2-80a2-d4ec416b57e9.png&w=398&h=297&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342981db2158e1167f3c2b5de10802b0679db161f68b152fe5a469ec15669ce8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 12:56:24 GMT
api-supported-versions
2.0
server
cloudflare
age
60384
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8343a56b18915607-SIN
content-length
14230
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
021777fe-341b-416a-97a2-eb2576dc6474.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		205 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zS+vYkrSP7hxgCQn7kIbEQ==
age
4309
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:04:50 GMT
server
cloudflare
etag
W/"0x8DADCF178F32AE4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09d66e60-401e-0063-55e6-144828000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bb9545607-SIN
optimize
c.bannerflow.net/io/api/image/ Frame DA82 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fcad25be2-0f1b-4cfd-9b2d-00523148e077.png&w=612&h=565&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa3060f84bf87410eb675aee2691dc61267f9fc09306e21f485e42126393abc0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:48 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 14:02:33 GMT
api-supported-versions
2.0
server
cloudflare
age
56415
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
8343a56bb9565607-SIN
content-length
33334
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		217 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
6428
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c31eabd3-201e-0028-3742-17b47b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bb9575607-SIN
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		361 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
5843
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
71dafb90-e01e-0027-0c16-15c217000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bd9735607-SIN
56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4OwxmLD3WpKVbCNL8a+B+w==
age
1484
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:19:31 GMT
server
cloudflare
etag
W/"0x8DADCF38623156A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
232fddb8-801e-000e-20dd-11fc63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bf9865607-SIN
5f0cc027-74c7-49d1-9005-00c789919828.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		158 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/5f0cc027-74c7-49d1-9005-00c789919828.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
dnEdZ6svKhXcW8lZfJOunQ==
age
7126
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:22:57 GMT
server
cloudflare
etag
W/"0x8DADDAC67FF25A8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e2be7d3-e01e-0008-2d7e-1ccfdc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bf98a5607-SIN
80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		193 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3+uFcu57O0ahuU2l4f2hSA==
age
215
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:29:47 GMT
server
cloudflare
etag
W/"0x8DADDAD5C1FCC00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
60b9ed8e-601e-004b-1355-132980000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bf98c5607-SIN
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame DA82 		151 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
809
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
46c5d169-c01e-0042-5ae6-146c53000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
8343a56bf98d5607-SIN
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame E38E 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.111.249 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
161
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43896c32-701e-0069-6081-162b4e000000
x-ms-version
2014-02-14
cf-ray
8343a5739d7d2e74-SIN
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame E85C 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.111.249 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:50 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
161
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43896c32-701e-0069-6081-162b4e000000
x-ms-version
2014-02-14
cf-ray
8343a5739d802e74-SIN
/
c.bannerflow.net/tr/v2/pixel/ Frame 9F30 		0
114 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/653133b7843eb9eeda76b46a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsskKBnOYEizFFngVWR1jcy8vSEtq4D77G-uO_Xdb3EZya4gIqo89kZXsc7eKlgyI8x0e8OAJJGUdajCHuOiuInvTEJ5uDblEJn70Xo_icdAxqjV1UtqWwHAU-41slYzgJefemV8UO2CBbfLkNXmAzftqVRIY7DlbLpjB4TqPOV6y6wymLzHZ0RhjzUneRvJPfO6Th3AzhN5ZihMVtQkYsKkgvMRHg7yoAa-R30B09WYh4pD05mtONTt_k-6Y4RoInbF7tqfADhio1nhrui34D7SIBReAjqiWLoNiyDiwLmqpTBjicQmN_DEdYuNzISdFje2U9OOTe3SZc0Y-YdCXkWs-b19tz5weUSpV0-ThlON_cCZFAGT5WoDufhX9KP8Q0Hmj_DHkGKXYBRM9SAQ5NdRplMhtaiob01b0NHqNJ3fI1d_NXs6z00cnn2ShBR5h7JaY9K8KojVES3K8oSWvaZJKgeMI9FjHHRHLqE-nwU365Q1lwD2om_15t4pyHwV3yrJeyi7SdAXnPeaPRKrB-KlJ6DPi-yLppnmscpwwrkGc6LvU88fkY4wzxMKKlABmELEfApXF4hA0G_8pS_SJrdNgg-_uU3f5UlyC_41zhML5krm7p-siJMtK-J7zory3W0B6MM_SBUp7PXkrq7eLCd7sPaGtVGj1cQl3EAz5S4CsgIwJoPV2sTI6WBKSF7ZqJ-8xKZMdeKf_jBLqG0wkTKN_Qi3yZGsj87HKDkOayq1xxAUUHoCAu3rmX4ZUJ-nwwZx1Wul8dHU0aWLzYbhs-NgqoSgAv-A3XbJHmGlWtQPV3QR40szgDM0akJ4z_2p1dFIXBCfI5MxlGY4zAXjtZ-EzdIvNJVMCOzFE8tCc4AGTk0ETlMnKPPlbAGZiDMGE0JMAiFY9HTTgozVBK0fn1bydywzVMXWyDNxfJzkb3Kbq_7q1YAKx0gnXuBx0ebPm21IQPHkE3HOGyMid1CuzHhoQV7LhcC4NrtXs2FVOviebjt_aMMVoWqKqxurt1AVN1lSN4R1VOazR2G3v5PaWmH8tH6UoiFdHPOtfL2pj4OOKtBX6L4CfszE28pNBe_bMI8KG6uokrD3LjbBwdoE26TGXQWDciUhjV3fl2bWXVcsMEOxgTHYAOh6nbG175U73DcnwWxvtwkvlQ0cUjAAjf-O6pJwmDHG3_wo5IGdTAwkc7f2CDghTfiA6JQOEiJ5x7RuToLr8Sh3bS601XVoo_kuoQ6ovTiACvavKAgQjjEWnssCcvh29umq1irzTf1UtMeYF1iL1mMpQfYra_OMQeReE06G8sdddOv3ffZgAUfhLkD66gfS2L-IXxAjJYNKDOEBr42xHfHKnqN7i0Kaw7Cvwnpi1gIf4Fma0G1YP61QSy9H3zvdBBxRrOBjvl1aiS7ZVuQS_5tLgriE2oPSLi7tsFkFXzO__eDlHW-SaU3U4970dl5LzKNCb8VVvO9Ncwe9ddZ71O-XkbgSpasLzuXPG3iOCS3oONoWl5X3XThtyqsWSdrDboE6AGausRh4KL18XSUFkDat7Q%26sai%3DAMfl-YQjZBlQRtVp9G5ovbLXC9s6kMI8jLCZJKog6zR1AVzmGQwX3dCziynR9WX0C3sNSr1JmBGIO_T7Corkz6bwRsCD-wAuTvjZiAoG03EpFywpIEMmNHfDPLP2MpQW1ioEyGBUtghTwINkVHmOdbWw2ZuOZjS5cfw9vKo7buvaO-XrGDhs9FXbRcTiYPtgoGyHLX4gx6S7QyL3drUcYsRLbsawyTr7nXphMowaGOsfYEI6DRq4n9A0THteioJGsI92FAZYI9OVSGni3FxUDGWPDHGJUVWUZ50azGa6cYFu9VLH1hnCZE4iqw3l1WEIGeLf6BiQEDJabd8u4A%26sig%3DCg0ArKJSzESz8P3jWGtjEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Ffutures%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 05:42:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8343a56c6a205607-SIN
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 55CC 		223 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:49 GMT
cf-cache-status
HIT
content-md5
OANvOI3cI64FXm+zesS0rg==
age
3444
x-ms-server-encrypted
true
Content-Range
bytes 0-468722/468723
Content-Length
468723
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Thu, 11 Nov 2021 16:17:53 GMT
last-modified
Thu, 11 Nov 2021 16:17:53 GMT
server
cloudflare
etag
"0x8D9A52ED0CBE254"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
x-ms-request-id
69b70887-701e-0038-527c-22e597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2020-06-12
cf-ray
8343a56cfa845607-SIN
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW3/bCssTHAQMFf9VT/pvZlQ+AOouGsM95za/c6mIaF/Mo8UQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=96634631
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:49 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW38Xcdk6y0N82/UdCjNBh5fF1cAseAzVY0N2nSRaRaVYvMUQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=36671055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:49 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVBTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359769199&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td10_tt0_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 55CC 		10 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f57b3c13de0c5a9e47a94346f8462bcbbbfa297d8ce3050a6dea2fe9c2108b4

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=458752-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:49 GMT
cf-cache-status
HIT
content-md5
OANvOI3cI64FXm+zesS0rg==
age
3444
x-ms-server-encrypted
true
Content-Range
bytes 458752-468722/468723
Content-Length
9971
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Thu, 11 Nov 2021 16:17:53 GMT
last-modified
Thu, 11 Nov 2021 16:17:53 GMT
server
cloudflare
etag
"0x8D9A52ED0CBE254"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
x-ms-request-id
69b70887-701e-0038-527c-22e597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2020-06-12
cf-ray
8343a5718e185607-SIN
usync.js
eus.rubiconproject.com/ Frame E866 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.222.66 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8f4ec11203b2d4ad097a98cae744d31e6310c9c2869a245dace4ca4c6426265d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 05:42:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 13:58:11 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29704
Connection
keep-alive
Content-Length
13231
Expires
Tue, 12 Dec 2023 13:57:53 GMT
MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 55CC 		266 KB
266 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/MENA_AOT_4-0_Options_1080x1080_15s_WebM-58f668a39f8d4495ac0162cef00b5e91.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7673f8105c3ed374be18f1aa2f32ea33d8818f1ba86bda9cc36f5aa7c74883

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=196608-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 05:42:49 GMT
cf-cache-status
HIT
content-md5
OANvOI3cI64FXm+zesS0rg==
age
3444
x-ms-server-encrypted
true
Content-Range
bytes 196608-468722/468723
Content-Length
272115
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Thu, 11 Nov 2021 16:17:53 GMT
last-modified
Thu, 11 Nov 2021 16:17:53 GMT
server
cloudflare
etag
"0x8D9A52ED0CBE254"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
x-ms-request-id
69b70887-701e-0038-527c-22e597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2020-06-12
cf-ray
8343a5726ef55607-SIN
khaos.json
token.rubiconproject.com/ Frame E866 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
/
c.bannerflow.net/tr/v2/pixel/ Frame 36E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531450d843eb9eeda76b698?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstGrauT7dMAglKEtBjxi5rVttPdbIlmd0dERxepa-Kywol77x7VQX-2g6ySI7LP-TIxWfmKC27cHjYfZAx0LRB8CC7qpMoeNgSAgOljP2SBgQANj2x7m5tszjexVR0jslfZG5T1vjrYRTBwQA9OomU7O4BhLr1KjkHQ-bSrAPjGHNPQEFCSkgnIdHZH0dj0wtQJ5pAQ0srckS0IndyzJzy3EI2_cDpG4IF6ll9stynHq3PsIFSumLlmxTlvrk6WXcZAX1OqX-8tb7YcikdaEcX2TmrwV1RnHpHcU1SqhtqdZNW0_ss1BdhIh0q_eg22vOgIxk5Dl0YU3HhZkybd8uzL6k-huCSn_iJSYqU9s80bf3VIPbjeih7VSp08_W87uNovvez0Z32BR-gZpJpKYt_qdA5gd2IqYa6YA6iNbrklGXL2uWKS42ZqUfoUn4OUhjbBgjzD8usWSh4Z_nGt2yCJ5Z7YLm6e79eQdH_2NL7Aj4GMzW8Pzsi7WMfvItMSL1evNvqQWGzt4LDN9upDBDTD79_4hNtgySvN2iTD2ZrqgVOYNjtc5L65m-e-kwiSSTlLUtO7fE1UWJp_FqkYuktucsGj_F6izeFvWpIB40XSKuChX3dfVqE-CZ7cMdOG2inq2YDOU1JP34SJXCc5Hnj7hhrnH_nE5LIj_78dBIeGVX6bejblgQ3JfvCgRGfvMr27t9GHcWSUOhB16t6agdrnbj7_JeumvT2ma92gTuWJJKkGqHTiFhXgqolsBGtH9yTIjTzRN0FDOuoFhZevT05ASbO9phWSuh42UXyOsGM7Ptw8YvrhdacIsBoPgLXGImaD2cFkMA_6MFfX_K8bndt0zOO5lD3KJ1Lr-P6sJQNl3USbHzTSUmSudx9DXKuwU4R-V1u8jZ97yOsyyIGzW55XcuW1f9Ugj5D4u_Of75NWl-QyE-w0heh5nNdUkht4gGp9jhQ9buPkd8gaFLzHkH9M57kSGW5kDZi1XnzDlOJj2Vz3Ktf4v4ISPgztUuUc34PIo32w-_50mllLTIBfGuy3qrmctKuxTaeRqAcjH69XgY5HXYshZnc1w4More0ylj8IwNPhG9bKKMK-G0zeknI11xWIu486WlBNbfN0Ef9F_NeFAktTsZtvOpFlD_IcvIPEkyxjUcWRY5OxYi1JpEbVEZPfHAcxx4Cf6IhgquuT9rtjYViQmojSbXQ1240jNO6LjgYW9WQ9KHX61M73ayRTh5UwPyd4Y_a7SlXoQ-YCuBWri6a6247-_93hO3PgRIYmp7o0aChkzSc_5nIqKeC_7OdMsudIQbdfeOZWUR8wZN4muVfRTIxgEw5liPe-kXY13TZcdXe33uscNQl3Yuq3O49c-8i9M8JqqVxCAu8nDGdWNgC4wprMNJ5411jgA5UHOvroFeTcfZvSGDqo8J2XiBafYUjEJLLQPmuDKOj2kp6Tb8m2nxBNB79GgfCHg9_Ne1P5jS2kXRw4FBm6bNM_3grlHIKeeB9V9pFVFjKr1YKLFUqg6gExiOOldecimrGyzDDbL7hkPQ%26sai%3DAMfl-YTHHbbY8d3787PPmONcqwCx8S0A8uVl6kV3_uxSjLqAEOJokqLx5uaeJVPxbz-S_Y5v549WewrfRrRMzS4TIg1cOIlM9ovBhWpSXgUmoh59spJaUZexU-SqUyL_thj-ItGXvpl6gHNKoJb5tB-jJE5C-Kp7HUu4k7lSPtw_sRPt2Rxd4C9bWISZJIujMAj-gpO1HbkeApO3Wn0Q6VDLtofxpCQIhe7RPt_in7WDKKnTQPWLj1YdJtiTvwo7wDu1xkwztWrtoOaMepTo-j2RyqjQ8vIst-t2daJACuYXQ2NYhFP-jm44-HChGtA4e_M936gjvIulEAN29Q%26sig%3DCg0ArKJSzDOhPkvVD93FEAE%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D%255Brm_exit_id%255D%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 05:42:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8343a575396a5607-SIN
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
csi
csi.gstatic.com/ Frame 560D 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lq1x1wi8&c=2154691846134&slotId=1077345923067&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIlW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=37811542
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:50 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIneTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=13014242
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:50 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359770500&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td11_tt1_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 560D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lq1x1xmh&c=2154691846134&slotId=1077345923067&ghmsh_eids=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.php
stg.truvidplayer.com/ Frame E866
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LQ1X1XTY-1I-AT2K
  • https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LQ1X1XTY-1I-AT2K
0
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
13.226.120.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-31.hkg62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
content-encoding
gzip
via
1.1 4131ec989d99fd1d462624964e79e8a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HKG62-C1
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
CEnAn7rbOLlvusYtZ3dEhMy3u_vlVIiKeHY7ovZdPlqC5Oa87M3M4w==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LQ1X1XTY-1I-AT2K
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=85102408
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=47352381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359770928&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td12_tt2_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E866
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&gdpr=0&gdpr_consent=&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a9d50d33-a8eb-4d2d-85e8-11fc2871945c&gdpr=0&gdpr_consent=&expires=30
date
Tue, 12 Dec 2023 05:42:51 GMT
server
Kestrel
content-length
289
setuid
px.ads.linkedin.com/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1X1XTY-1I-AT2K
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4FDB0DA82A7846C4A28E55F7FC375BAF Ref B: SG1EDGE0320 Ref C: 2023-12-12T05:42:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMSYV9TVBDU2MSCFF/Tg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ1X1XTY-1I-AT2K
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFExWDFYVFktMUktQVQySw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBzKVGP0H5HkiZPaGdibPAw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWDFYVFktMUktQVQySw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWDFYVFktMUktQVQySw==&google_push=
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFExWDFYVFktMUktQVQySw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
ecm3
s.amazon-adsystem.com/ Frame E866
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V43zX9n0SZCu-3g0QGidjw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V43zX9n0SZCu-3g0QGidjw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V43zX9n0SZCu-3g0QGidjw
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0DFK9V45DKGKQK03VEGB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V43zX9n0SZCu-3g0QGidjw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E866
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OvepsGhBT12m1WO55120Ag&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OvepsGhBT12m1WO55120Ag
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OvepsGhBT12m1WO55120Ag
Protocol
HTTP/1.1
Server
52.95.122.74 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z6PWZCEPA1JSE5VFJZWS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OvepsGhBT12m1WO55120Ag
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmZhZDNiZDFiYzM4ZmEzMGFmZTQwNjRhYTliOWRjMzgwYWNkYTU3NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmZhZDNiZDFiYzM4ZmEzMGFmZTQwNjRhYTliOWRjMzgwYWNkYTU3NA
Protocol
H3
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmZhZDNiZDFiYzM4ZmEzMGFmZTQwNjRhYTliOWRjMzgwYWNkYTU3NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E866
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMQpLOY1jn8RQPKI-QnP9h0&google_cver=1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMQpLOY1jn8RQPKI-QnP9h0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMQpLOY1jn8RQPKI-QnP9h0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ1X1XTY-1I-AT2K&ex=d-rubiconproject.com&status=ok
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ1X1XTY-1I-AT2K&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 05:42:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FQFM8X02RMTMJ2SG89D9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ1X1XTY-1I-AT2K&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bzpRVaCbD0015Eb_Av-nTMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PP0cQhBE2oLcLWJ9bUsXmcQ38rMwb8h0uiEOoA--~A
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PP0cQhBE2oLcLWJ9bUsXmcQ38rMwb8h0uiEOoA--~A
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 05:42:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PP0cQhBE2oLcLWJ9bUsXmcQ38rMwb8h0uiEOoA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame E866
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB2rk7K7-YAABWK8Z2eoQ&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB2rk7K7-YAABWK8Z2eoQ&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB2rk7K7-YAABWK8Z2eoQ&expires=30
Date
Tue, 12 Dec 2023 05:42:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame E866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1X1XTY-1I-AT2K
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:52 GMT
an-x-request-uuid
fc546051-8a32-41ea-ae27-9b5e84accea5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.58.171; 116.86.58.171; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ1X1XTY-1I-AT2K
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame E866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ1X1XTY-1I-AT2K
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
131.153.206.101 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQ1X1XTY-1I-AT2K
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 12 Dec 2023 05:42:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ1X1XTY-1I-AT2K
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
capi.connatix.com/us/ Frame E866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8343a586794d9e2f-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 05:42:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQ1X1XTY-1I-AT2K&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8343a584ae739e2f-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame E866
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1X1XTY-1I-AT2K
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1X1XTY-1I-AT2K
Protocol
H2
Server
52.77.135.86 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ1X1XTY-1I-AT2K
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
cksync
hb.yahoo.net/ Frame E866
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ1X1XTY-1I-AT2K&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ1X1XTY-1I-AT2K&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ0VLZlZORTJ1SFFweE1WRXNTT2ZyeGxvQ0NWSVVOcn5B&ovsid=LQ1X1XTY-1I-AT2K&dpid=58160
53 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ0VLZlZORTJ1SFFweE1WRXNTT2ZyeGxvQ0NWSVVOcn5B&ovsid=LQ1X1XTY-1I-AT2K&dpid=58160
Protocol
H2
Server
23.46.16.190 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 05:42:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 05:42:53 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1vQ0VLZlZORTJ1SFFweE1WRXNTT2ZyeGxvQ0NWSVVOcn5B&ovsid=LQ1X1XTY-1I-AT2K&dpid=58160
date
Tue, 12 Dec 2023 05:42:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnMRIe3VN70k7SELUSvH9ZTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yd80bfjWYpPAvvrItqhAcvDPgudOT+4BGsLhmApIu7UJW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=02015850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnMRIe3VN70k7SELUSvH9ZTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yd80bfjWYpPAvvrItqhAcvDPgudOT+4BGsLhmApIu7ULeTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=86709657
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEBATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359771380&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td12_tt2_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mlCPzAD5eeR38lrrhdZ1PpzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YHdJub4MG93CgYK02WW9RlcrmYp9I5o+1PfViI91RdN7AzZkK5rVmXwF5tfuZVgpVc4dR8NTFGgwSGYL8pzC7sQPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ5alZelKiuiTcmcwQA04UZg==&cb=73912106
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mlCPzAD5eeR38lrrhdZ1PpzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YHdJub4MG93CgYK02WW9RlcrmYp9I5o+1PfViI91RdN59MHKF4zqXSXtQLxb6aNhReTFP+w1BH9yXSV5LQnQlDwPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ5alZelKiuiTcmcwQA04UZg==&cb=18396410
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:51 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359771655&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td13_tt3_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m0sllZ0XlZoJ5cABoCKGCIjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YUbgfRU35Ng3wx+2WnpLSy8Kn4BQmcpwjFal5oSqF7+pL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=91125459
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m0sllZ0XlZoJ5cABoCKGCIjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YUbgfRU35Ng3wx+2WnpLSy8Kn4BQmcpwjFal5oSqF7+pogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=04967940
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEIVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359772395&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td13_tt3_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBpYyaHMi29T6ng+Z7I5qajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yds6YRUHXdHu8tNCTgMEhQfcpECDG9HGLhqcdgwebs/rAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=72164382
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBpYyaHMi29T6ng+Z7I5qajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yds6YRUHXdHu8tNCTgMEhQfcpECDG9HGLhqcdgwebs/ogu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=00365275
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:52 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVIVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359772763&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td14_tt4_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9meRIysjCxClrl9ZONGu/wrzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YoYWFyjeO6PS4HkSTa5yzn6jRttyekxOVXoxh67YwmnNL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=33042638
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9meRIysjCxClrl9ZONGu/wrzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YoYWFyjeO6PS4HkSTa5yzn6jRttyekxOVXoxh67YwmnNogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=47464687
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEHVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359773166&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td14_tt4_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mRj7XPfkc1ghdeLcQsuvi3TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YjGzPIZWEiSbkhlEO8aS+wA/Rh5mcrPkDgChEB84JuKPAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=00480603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mRj7XPfkc1ghdeLcQsuvi3TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YjGzPIZWEiSbkhlEO8aS+wA/Rh5mcrPkDgChEB84JuKMgu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=67738627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVHVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359773458&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td14_tt4_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mLppaNFkEEDDf6v1ISOgI0TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YF7o589atAvB+v/RJttytdvkkErIKNaBm86VJFBlEL95L6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=42859238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mLppaNFkEEDDf6v1ISOgI0TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YF7o589atAvB+v/RJttytdvkkErIKNaBm86VJFBlEL95ogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=46107935
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2157287391702839&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359773839&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td15_tt5_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mRTi2ZI+x6TougetXSEex+TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YeoolbLX/yX3bk1Vhhc4qyJc1LFbEhRyIwP5DaelTGLrAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=24249342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mRTi2ZI+x6TougetXSEex+TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YeoolbLX/yX3bk1Vhhc4qyJc1LFbEhRyIwP5DaelTGLogu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=39240591
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVGVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359774578&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td16_tt6_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mG8X3ltxsZ7aUxtLMJ++tzTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YZR6fNdQpkfljEa+1ksWWQPeYUvSdKU0L/qZ9eZP8pthL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=36953318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mG8X3ltxsZ7aUxtLMJ++tzTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YZR6fNdQpkfljEa+1ksWWQPeYUvSdKU0L/qZ9eZP8pthogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=75611710
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVEFVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359774996&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td16_tt6_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBqI5TSg/2aXGfFZkhW7O2jrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yh5VZvt+wVshYsnyX5pUTtfeYUvSdKU0L/qZ9eZP8pthL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=19582324
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBqI5TSg/2aXGfFZkhW7O2jrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yh5VZvt+wVshYsnyX5pUTtfeYUvSdKU0L/qZ9eZP8pthogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=95115054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FEBFVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359775399&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td16_tt6_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mScEAhMb5/K9w0H5m/ck3hDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YI85dPd9WCCVa+Kla+HiY36is8TRVrJ/0fjVkt8OohPbAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=35402050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mScEAhMb5/K9w0H5m/ck3hDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YI85dPd9WCCVa+Kla+HiY36is8TRVrJ/0fjVkt8OohPYgu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=24780152
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:55 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVFVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359775779&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td17_tt7_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mjs2eN7Joghqhsr+xMasSazrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ydu3tYjDzyzqJb6LIK7HpzFDlmaagbZIb7XjJkJkd5qBL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=52309405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mjs2eN7Joghqhsr+xMasSazrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ydu3tYjDzyzqJb6LIK7HpzFDlmaagbZIb7XjJkJkd5qBogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=14705373
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEEVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359776165&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td17_tt7_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIxuKaqJiJgwMV9kadCR1_EwVyEAAYACDvr-hgQhMI9PKyp5iJgwMV86asAh3ijQWD;dc_eps=AHas8cBxsFqsU9pWVhD3iHnEUro7PWscI_XqOZuDw8c8BrmgnI3b5jg_GXIsda5ItHhDxq0zhWR165FTuw;met=1;&timestamp=1702359776273;e...
ade.googlesyndication.com/ddm/activity/ Frame ACD2 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxuKaqJiJgwMV9kadCR1_EwVyEAAYACDvr-hgQhMI9PKyp5iJgwMV86asAh3ijQWD;dc_eps=AHas8cBxsFqsU9pWVhD3iHnEUro7PWscI_XqOZuDw8c8BrmgnI3b5jg_GXIsda5ItHhDxq0zhWR165FTuw;met=1;&timestamp=1702359776273;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgoSdqJiJgwMV6kadCR1KkAXKEAAYACCEk8BgQhMI9vKyp5iJgwMV86asAh3ijQWD;dc_eps=AHas8cC_j8aRKN-5JxiyGvkDEEmSanxRwACYsFAh6naN2p58FriYp1Lno3X-gcEl0kDhOSHRIKAYumQUkQ;met=1;&timestamp=1702359776293;e...
ade.googlesyndication.com/ddm/activity/ Frame 2824 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgoSdqJiJgwMV6kadCR1KkAXKEAAYACCEk8BgQhMI9vKyp5iJgwMV86asAh3ijQWD;dc_eps=AHas8cC_j8aRKN-5JxiyGvkDEEmSanxRwACYsFAh6naN2p58FriYp1Lno3X-gcEl0kDhOSHRIKAYumQUkQ;met=1;&timestamp=1702359776293;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mM3s4H+N/2GXKobcwBOu1xTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Y2OKtj3xWTjB0+11PeJf63q9B4+z4umEkUQvVDAdOiSvAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=35736619
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mM3s4H+N/2GXKobcwBOu1xTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Y2OKtj3xWTjB0+11PeJf63q9B4+z4umEkUQvVDAdOiSsgu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=31734020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359776496&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td17_tt7_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mmo6YidxAUPn231mFUGAtiDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YmE3UfLxijYfF5hVHLbnaC1euIGrcTEjJ9bqw1ouZVE5L6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=75768375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mmo6YidxAUPn231mFUGAtiDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YmE3UfLxijYfF5hVHLbnaC1euIGrcTEjJ9bqw1ouZVE5ogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=08034270
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEDVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359776963&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td18_tt8_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m76BrEUouW0Nx8HUVZPf7hDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YQImduCrpgVq1H4f34D4C5hlO/sjWDE3+cZpMUj0C/wbAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=86191136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m76BrEUouW0Nx8HUVZPf7hDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YQImduCrpgVq1H4f34D4C5hlO/sjWDE3+cZpMUj0C/wYgu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=49961816
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.192.234 -, , ASN (),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
server
nginx/1.6.2
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://reurl.cc/2EXk56
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 05:42:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVDVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359777307&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td18_tt8_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:42:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
0
pixel.gif
p.trvdp.com/ 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 560D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.trvdp.com
URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1mgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mPQrWVPA2pJqW4lVNCq537TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YTKLzCaxczitDETZjF4y1m0gyhTX+NeUmrs2YmqerxqlL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=78967259
Domain
p.trvdp.com
URL
https://p.trvdp.com/pixel.gif?e=70NTyDQnPiEPNNk4B/Ak3QNJi/5bpHIwj7HcL7VQy1msXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HQeovvefysjjIwkkZabqFOQiHAcZoL3D3B7VRJ8/+GW4x8/FPM2myApNo4LyNRoKmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mPQrWVPA2pJqW4lVNCq537TrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YTKLzCaxczitDETZjF4y1m0gyhTX+NeUmrs2Ymqerxqlogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=37273652
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&id=ima_html5&c=1434818759469915&domain=reurl.cc
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVECVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2769453809873383&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2F2EXk56&description_url=https%3A%2F%2Freurl.cc%2F2EXk56&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=8E798094-549C-4D35-AE4F-26F839199A80&a3p=EloKDWNyd2RjbnRybC5uZXQSQGUyM2ZmMjJkZWNlYzkxZjUwZGQxN2Y5ZGU1MDYxODVjYTAyY2VhOGIyNWI1NGU1NjcyYWExMWUzYjU5NTU0OWEY0Jiy5MUxSAASGwoMMzNhY3Jvc3MuY29tGNCLsuTFMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjPi7LkxTFIAFICCGQSFwoIcnRiaG91c2UYh5ay5MUxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVpGSXJObUZ1UVd4Uk1tbHhXSGNyZW1FME1uTk5aejA5SW4wPRi9l7LkxTFIAA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44803785%2C44804291%2C44804618&top=https%3A%2F%2Freurl.cc%2F2EXk56&loc=https%3A%2F%2Freurl.cc%2F2EXk56&dlt=1702359759292&idt=9785&dt=1702359777962&cookie=ID%3D207dff0c7d5c1bd7%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ&gpic=UID%3D00000caa73bfaf20%3AT%3D1702359762%3ART%3D1702359762%3AS%3DALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ&scor=2232603621069942&ged=ve4_td19_tt9_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| brWidgetInit object| truvid_protected object| GoogleGcLKhOms object| google_image_requests function| playerLog object| trv_players

37 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _ga
Value: GA1.2.889905670.1702359761
.reurl.cc/ Name: _gid
Value: GA1.2.1730347951.1702359761
.reurl.cc/ Name: _gat
Value: 1
.prnasia.com/ Name: __cf_bm
Value: O9zKC.6ZoMAiOxCw8iIPxW.856VTAWjDHlQNPEVTuBo-1702359761-1-Ad6AWwfAONPULh0XHdJZ4QnAJmBzb8WU/5usVxQ9v4Sxm//F3mK6kUrqHgBhfxwntmoenb+cyCvD4MoDHB719XY=
.reurl.cc/ Name: _fbp
Value: fb.1.1702359762334.1999135445
.reurl.cc/ Name: __gads
Value: ID=207dff0c7d5c1bd7:T=1702359762:RT=1702359762:S=ALNI_MZoxaO980eO_1PZMtNhK8qQtUySRQ
.reurl.cc/ Name: __gpi
Value: UID=00000caa73bfaf20:T=1702359762:RT=1702359762:S=ALNI_MbMATIRCYOcMn1NaOr5RiHrEMkTjQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlTuqQuXEjb1h1uq16j8OaVBHxzsUjN8OfYnEnKdFOKeyY3EVr8MvLn3XwJjNY
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702359760.1.0.1702359763.57.0.0
.openx.net/ Name: i
Value: 751fba6a-7025-4368-aa5f-0fb36b8dac32|1702359763
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 574f0a2e67d2dbd97a3b8b14bc9ddb69
.reurl.cc/ Name: _cc_id
Value: 574f0a2e67d2dbd97a3b8b14bc9ddb69
.reurl.cc/ Name: panoramaId_expiry
Value: 1702964563941
.reurl.cc/ Name: panoramaId
Value: e23ff22decec91f50dd17f9de506185ca02cea8b25b54e5672aa11e3b595549a
.reurl.cc/ Name: panoramaIdType
Value: panoDevice
.criteo.com/ Name: uid
Value: 0a8abefa-6e4e-48c2-9fb2-e3bd52b04f0e
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.reurl.cc/ Name: cto_bundle
Value: THxXUl9vRWpLY0YyJTJGOXlOSXJENCUyQnZmWmJ1T2JXMDZrNnJkajlCV0lHYlFhb2pndmFCVzhvVkY0bEFYeDhoVDBKJTJCUHVCOE56Q29ud2R1Y3BqTDFRNHV2MUZZOWtEWDh0UEJBZGw0S1k2QWEwWml3TVJuaTl2cTRMcG02clJXUDNYdHNrVkx5bXpaUnRNbHFlQ0prblpFMHdlRkElM0QlM0Q
.doubleclick.net/ Name: APC
Value: AfxxVi7DouwUBAwxEp6QwZtkXLKsHBKwh6fFQfWYtqqzroYD7SZS7Q
.openx.net/ Name: pd
Value: v2|1702359764|jElYiuvOhI
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVIte#2A!]tbPl1M>e)ZlrFUfJ+tGXvWBX!QiHK%t<^>rylYKK*oDB!V-xaaSO1uO.`r3If)y3KL9D3I?+X5b#7P
.adnxs.com/ Name: uuid2
Value: 7491090743981668830
.casalemedia.com/ Name: CMPS
Value: 4692
.adsrvr.org/ Name: TDID
Value: a9d50d33-a8eb-4d2d-85e8-11fc2871945c
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiCwdzW_Le9PBAFOAE.
.casalemedia.com/ Name: CMID
Value: ZXfy1Ch6LZeFKR4Z7gV.-QAA
.casalemedia.com/ Name: CMPRO
Value: 4800
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyMzU5NzY0fQ
.openx.net/ Name: univ_id
Value: 537072971|a9d50d33-a8eb-4d2d-85e8-11fc2871945c|1702359765037791
.ladsp.com/ Name: smn_uid
Value: VVCBL6hEkHR5_33TykKSLRA-NbSqfKk
.ladsp.com/ Name: lum
Value: CPehsuTFMRIFCAMQ0AU
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.reurl.cc/ Name: truvid_protected
Value: {"val":"c","level":1,"geo":"SG","timestamp":1702359768}
stg.truvidplayer.com/ Name: truvid_protected_s
Value: %7B%22val%22%3A%22c%22%2C%22level%22%3A%221%22%2C%22geo%22%3A%22SG%22%2C%22timestamp%22%3A1702359768%7D

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
deprecation warning URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/NV8BoM1XChV.js?_nc_x=Ij3Wp8lg5Kz(Line 276)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ade.googlesyndication.com
ads.stickyadstv.com
analytics.google.com
anymind360.com
asset.re-news.tw
b32fbc683d02b377105de986710b33a3.safeframe.googlesyndication.com
bcp.crwdcntrl.net
blog.alphaloan.co
c.bannerflow.net
capi.connatix.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
csi.gstatic.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
external.fsin16-1.fna.fbcdn.net
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i0.wp.com
ib.adnxs.com
imasdk.googleapis.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
p.trvdp.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubads.g.doubleclick.net
px.ads.linkedin.com
reurl.cc
rt.ad-score.com
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
scontent.fsin16-1.fna.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
shared.bannerflow.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
p.trvdp.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
103.43.90.114
104.17.111.249
104.17.201.110
104.17.239.194
104.18.36.155
104.18.41.104
104.69.39.62
124.146.153.162
13.107.42.14
13.113.141.188
13.224.167.106
13.224.167.47
13.224.167.65
13.225.103.47
13.226.120.31
13.228.126.19
131.153.206.101
139.99.122.53
142.250.186.35
142.250.4.154
142.251.10.155
142.251.12.132
142.251.12.149
142.251.12.156
142.251.12.157
142.251.175.104
15.197.193.217
151.101.1.229
151.101.1.55
157.240.235.1
157.240.235.35
172.217.194.95
172.217.194.97
172.253.118.132
172.253.118.94
172.64.152.89
172.67.150.31
18.211.192.234
182.161.73.129
182.161.73.136
184.25.222.66
192.0.77.2
192.0.78.187
192.0.78.25
203.117.89.148
209.54.182.161
216.239.32.181
23.46.16.190
34.102.146.192
34.111.113.62
34.117.23.234
34.120.135.53
34.149.98.30
34.160.17.71
34.96.70.87
34.98.64.218
35.185.130.121
35.208.216.174
35.244.196.223
52.77.135.86
52.95.122.74
54.179.210.192
54.192.18.65
54.192.18.73
54.255.118.208
61.216.47.122
64.233.170.102
64.233.170.156
64.233.170.157
69.173.158.64
74.125.130.156
74.125.130.94
74.125.200.157
74.125.24.157
74.125.68.94
74.125.68.95
8.43.72.98
0343a7310b60e542faedf167129bccc3c54da19f3a51b68994bfd076c2d19c09
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
091be78648540ebe17e28bb24f6fbd0c86ee72f0981a34a1a5bfacd661adaca9
09220d95a594d96edb7b812467cb4c048aca524c1876a229930879e64b28148b
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87
0a7673f8105c3ed374be18f1aa2f32ea33d8818f1ba86bda9cc36f5aa7c74883
0ad5920e3de2d02ca93b81772e599c49917fd42922ea3fbf226b915a23fd062e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed52d2d1392d912fef2f22a3d62ad0b89496325dee4bacf6da720290085b64c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f57b3c13de0c5a9e47a94346f8462bcbbbfa297d8ce3050a6dea2fe9c2108b4
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
10becb862d56d9599b65883e23aacfcf1c800311135d7727230f7c50d4d0f453
1213d8f3e5597bb7e50c81a51edd4306ed609762f0541c716a9887ac4e228116
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
236858260a5b5a35991c9255afe177bdc456c017efd8edffbfa707662484987f
24a974b3e7c7bd25a28a932f1b467fa67110a067a58b695d6687a98e7bb5c2e7
25715c52b05e62b783ac4a6ce99e19e7ec57063396afc0971a76082699b41b8a
2c9a1bcd3d8193197c2b2b66dd5cb5ac0f6c5d7df46302f84fa27d1c61639a31
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
342981db2158e1167f3c2b5de10802b0679db161f68b152fe5a469ec15669ce8
35907d747924496255493374f099551b8d617ecdfe6762395dc23e79958eb199
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42aa051551a96f11dedce4fe6e7d3de5e6dc3b87ed100efa8d711a61d0efee95
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4494a59979e42737d886e373a8837cc6a8902a245f3f0b98f4ac62782458b7ee
452c285b4190ade67a437b5388e4056f52e3d31d3098f477b931c84c25570138
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16
4d1628d5574dfe02b292b455dfc39cdfbcd02d65673500b051e0a30b57651063
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec7e2cdfaf63939b2388677506d602546be7d1a21a55e8ab672d34cbe6ea80f
50ed878400e9e3a30e849d745378b9b839b39e3142452c742d33354fad19a661
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
5342b55777589d3586d978c85c78a21415a11cb8375a1c41ab43450b54cb4376
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562a3f00ee8b3f6173157185b49f0b0c0caddf9ac78ad6bbcf70182177241e3e
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57ec8945431d1626621c734fbec5f3fcbd223d145527460352bac2606024d9f4
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
5b20686ed8a48f9b98bbf4f39eda04ae2fa4116cf90e3707802c5358690acc91
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
5f2dacbb7aa5dbc0d2d60126f649de0a910356072a4e1a0b95fbe54495c6f358
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6181cd50cc2d4b87c7babd0494171d6884bf39317aa94e566494ae238d1992f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
689ff60a7ae5e8b1accec4c461c3d529e7099cd6b265bd214ae45a5e2ccd5fc4
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
69c6c22a1f80db87cbb8a3fa56216c94a7f6a9a453728bbf04f39eeb1eae7157
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6cfc1244156b0f38f72bc161168afe067ef7d553bff6eaa10c54eed2f677b49b
6e130a84f32acbb8f10ecc944bc9b0d27131df8e4f823fbaa047f14c84ec5e85
6eabe31f4afb0b4370083d5354f5668a9586aea3c670d5a5e482c5f4250c210a
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
738ace8eb2eee87271d7ae9c8607360e0ebfafa0b0b3b10245e58c62d40894ff
74293afa95dcbd91642f02400175667775e99f363ad58444d7463670f89797ff
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
77346cbb67be753c266961545d64638a6bd8771c1031ff30846e36fba0b786f9
7cf8928ddba04f94e9092d0dd6d39dab8e30fa420377f1564069c547b8d5bbc0
7f7ce6720d28cc601ac9a03885cfa03ab7af2c4ffd98287b40eaac52a037a80d
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
8538ac8affdd67f70b035156cbf6303a83988bff319be7eb3d61cdd61be84926
8560e8debe09dfa1ce16b81647c4b0900b6575324cddef0d27b43e8f5be8fdfa
87ae91e390e5e2738143bfe09cfdd67f215aa3d7ed025ca8e0bb2fb1f18f2ea3
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f4ec11203b2d4ad097a98cae744d31e6310c9c2869a245dace4ca4c6426265d
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9b74e4c7a0bb376193410718eef3475bf52586dbac54a32e5625a618975427e8
9c9521893fa13addb40a46af5a54983bca24dca5f09a5f21f5d96fa3c73a0f02
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3579a1bc25be56f318b27bdadca1d332c142b985f579a68bd0804e7b0e90ea9
a85f16d8ac04fbd72937932c3421de5a88b47eb8b510d3ca1d373dc80d1a686c
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab34343b7e5c6413c07f5afc0fa30d5d9faae5b0df4c041c44584f11045fb5f8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9d8824cc72c97eaaa269cd5fcb061e212a8cbc462f8cd191ad3ae792768677
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b82fdbc474d8380a69fa34d303b8af0df698743e7c2d7f6d919c90d06c6279f1
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95
bc62be07d652f0c17d0ac238df52c7f628e1a00836060ac88493bcf1c5f328f7
be191a83b016b3636a12f4c8043e306a4eef8edba5b334e2199cdf6e16de6bde
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c06a2c413eeb1521830517cbe79c147db78403d03cf2abdad8b60e7ab4741d10
c0b10eb992c2fa0e7dedc1a0b6928bc7b4a878fef9e93e3c1e6305912e408a26
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3544d047edf9692494611d15ecbc3b3b89544605f81f7cfb7ff8e15175706c9
c4e5ce550c2838b7dd4d44cf2285a2b4707c25f0a30a33917c25a0aa2ce94586
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c7a230951774a1e4124863cab4f66f6660313eb167e4a09749a8f04082750abe
c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9d0079eac6d586130799aa185270e78614f268aa07439386f894361e170c6f2
cccb0188958b243490ad0cedf7e2749170adb8701f14cf76b3d4ddc47f3530c0
cd22ff59bf38a22857fa45078271a17861347925d06ff7c89df897447a24b08e
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cef88ff8abadf0b41bb159bac3473dd11e870f25583e78aa6ec180f8076c6d7c
cf818741d89b8858ebc0068986712987c2caaa8d044a3095b1ba24fe7d912ecb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d9bf15bff194c24e180cde56d1126881b90d85c38a06e977d5ef225d3888dc6b
d9d82fda9aab8d3c10f09220d42b49e5cec40920940a144c93de042f0e5e2456
dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0754d4bba38c7f711e86437d4bbba70c048496a3d3f41e5117d33f12de5189e
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e15f3a37ee4e6cf34fc36840b0a5a60d5ddbed696fe966807d40fa16c7ceedd6
e34227557e8309f359ef824733c25736bc0e2104c38c86c307142ef6d721b147
e36b00b21cc4eb1371844238bc3dd243f2a04894f8407a155f6b14dc153b0490
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e82f3213862ab66ee4c6792ca782e15f4fb70a821e1a38c4eecb83896c07b898
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebf59dfe9a31ceef06700f1754e8f180cf7cdc831e1fc22bd8a200ad0afe9b71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fa3060f84bf87410eb675aee2691dc61267f9fc09306e21f485e42126393abc0
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f
fc546d3033220d2fb65343b4f297fa8a65fd16211b5e4534cd745d2440ff8920
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
fdea4ae7c0e538c3049295d94448b74f050bb03c0608f3c759faa166bc1f0986