urlscan.io logo urlscan.io
SecurityTrails logo

www.gridoto.com Open in urlscan Pro
18.161.111.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gridoto.com/
Effective URL: https://www.gridoto.com/
Submission: On February 02 via api from FI — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 10 countries across 67 domains to perform 477 HTTP transactions. The main IP is 18.161.111.34, located in United States and belongs to AMAZON-02, US. The main domain is www.gridoto.com. The Cisco Umbrella rank of the primary domain is 379108.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 23rd 2023. Valid for: a year.
This is the only time www.gridoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.251.217.254 16509 (AMAZON-02)
1 18.161.111.34 16509 (AMAZON-02)
80 54.230.112.100 16509 (AMAZON-02)
2 180.87.173.160 6453 (AS6453)
1 142.251.175.95 15169 (GOOGLE)
4 142.250.4.95 15169 (GOOGLE)
5 142.251.10.155 15169 (GOOGLE)
12 172.253.118.113 15169 (GOOGLE)
8 64.233.170.154 15169 (GOOGLE)
3 52.222.144.85 16509 (AMAZON-02)
1 3.5.149.125 16509 (AMAZON-02)
3 74.125.130.119 15169 (GOOGLE)
5 142.251.175.97 15169 (GOOGLE)
2 142.251.10.94 15169 (GOOGLE)
3 18.161.111.46 16509 (AMAZON-02)
4 74.125.200.94 15169 (GOOGLE)
3 54.151.237.84 16509 (AMAZON-02)
1 52.84.45.86 16509 (AMAZON-02)
1 151.101.65.229 54113 (FASTLY)
1 184.51.97.137 16625 (AKAMAI-AS)
6 23.106.127.160 59253 (LEASEWEB-...)
7 20 104.18.36.155 13335 (CLOUDFLAR...)
2 35.227.252.103 15169 (GOOGLE)
1 54.151.166.244 16509 (AMAZON-02)
6 69.173.158.65 26667 (RUBICONPR...)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 43.129.34.148 132203 (TENCENT-N...)
9 52.199.16.172 16509 (AMAZON-02)
1 10 213.180.204.90 13238 (YANDEX)
5 142.251.175.100 15169 (GOOGLE)
1 3 104.16.124.175 13335 (CLOUDFLAR...)
1 3.160.188.50 16509 (AMAZON-02)
2 74.125.24.84 15169 (GOOGLE)
3 5 35.244.159.8 15169 (GOOGLE)
21 60 74.125.200.156 15169 (GOOGLE)
1 1 103.229.10.211 16509 (AMAZON-02)
3 3 54.156.224.85 14618 (AMAZON-AES)
3 54.238.120.71 16509 (AMAZON-02)
3 4 35.71.178.8 16509 (AMAZON-02)
2 5 15.197.193.217 16509 (AMAZON-02)
1 1 74.214.196.131 19189 (PULSEPOINT)
6 6 35.213.12.39 15169 (GOOGLE)
1 1 51.255.68.171 16276 (OVH)
5 8 103.43.90.117 29990 (ASN-APPNEX)
4 43.129.34.52 132203 (TENCENT-N...)
2 42.99.140.179 4637 (ASN-TELST...)
3 216.239.36.181 15169 (GOOGLE)
3 172.217.194.154 15169 (GOOGLE)
3 172.253.118.94 15169 (GOOGLE)
2 74.125.68.102 15169 (GOOGLE)
48 142.251.12.155 15169 (GOOGLE)
1 52.84.42.47 16509 (AMAZON-02)
8 142.250.4.132 15169 (GOOGLE)
8 142.251.175.105 15169 (GOOGLE)
4 185.84.60.20 198622 (ADFORM)
6 89.187.162.136 60068 (CDN77 _)
1 69.173.158.67 26667 (RUBICONPR...)
8 74.125.68.155 15169 (GOOGLE)
4 8 54.65.92.192 16509 (AMAZON-02)
27 172.217.194.132 15169 (GOOGLE)
8 172.253.118.149 15169 (GOOGLE)
24 142.251.175.148 15169 (GOOGLE)
1 23.59.80.130 20940 (AKAMAI-ASN1)
2 74.125.68.95 15169 (GOOGLE)
1 1 35.247.47.28 396982 (GOOGLE-CL...)
2 2 54.168.194.38 16509 (AMAZON-02)
1 1 51.79.152.76 16276 (OVH)
6 6 74.118.186.107 6336 (TURN-US-ASN)
1 183.79.217.124 24572 (YAHOO-JP-...)
1 1 23.206.171.8 20940 (AKAMAI-ASN1)
2 2 89.207.22.76 399104 (CNVR-APAC)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 216.137.52.102 16509 (AMAZON-02)
2 2 23.106.127.165 59253 (LEASEWEB-...)
2 2 35.76.19.218 16509 (AMAZON-02)
3 3 185.84.60.23 198622 (ADFORM)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 3.112.158.142 16509 (AMAZON-02)
1 1 69.173.158.64 26667 (RUBICONPR...)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 211.120.53.202 4694 (IDCF IDC ...)
2 2 50.31.142.255 23352 (SERVERCEN...)
2 50.116.239.135 ()
1 2 184.26.21.27 16625 (AKAMAI-AS)
3 185.84.60.57 198622 (ADFORM)
6 52.84.45.62 16509 (AMAZON-02)
24 35.163.61.116 16509 (AMAZON-02)
4 142.250.71.35 15169 (GOOGLE)
1 23.47.190.187 20940 (AKAMAI-ASN1)
1 23.47.190.8 20940 (AKAMAI-ASN1)
1 34.149.43.113 ()
1 2 104.18.24.173 ()
1 124.146.153.152 ()
1 1 172.104.45.159 63949 (AKAMAI-LI...)
1 1 222.230.178.28 ()
2 54.148.120.126 ()
2 74.125.24.156 ()
1 180.87.173.171 ()
1 184.51.97.92 ()
477 76
1    13.251.217.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-217-254.ap-southeast-1.compute.amazonaws.com
gridoto.com
1    18.161.111.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-34.mrs52.r.cloudfront.net
www.gridoto.com
80    54.230.112.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-112-100.mrs52.r.cloudfront.net
imgx.gridoto.com
2    180.87.173.160 (India)

ASN6453 (AS6453, US)
scripts.jixie.media
1    142.251.175.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f95.1e100.net
ajax.googleapis.com
4    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
5    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
12    172.253.118.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f113.1e100.net
fundingchoicesmessages.google.com
8    64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net
www.googletagservices.com
3    52.222.144.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-85.mrs52.r.cloudfront.net
ads.grid.id
1    3.5.149.125 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com
kgdata-cdn.s3.ap-southeast-1.amazonaws.com
3    74.125.130.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f119.1e100.net
i.ytimg.com
5    142.251.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net
www.googletagmanager.com
2    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
3    18.161.111.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-46.mrs52.r.cloudfront.net
asset.kompas.com
assets.kompas.com
4    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
3    54.151.237.84 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-237-84.ap-southeast-1.compute.amazonaws.com
tracker.oval.id
1    52.84.45.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-86.mrs52.r.cloudfront.net
apis.kompas.com
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    184.51.97.137 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-97-137.deploy.static.akamaitechnologies.com
a.teads.tv
6    23.106.127.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
prg8.smartadserver.com
20    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
dsum-sec.casalemedia.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    54.151.166.244 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
6    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
1    43.129.34.148 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
hb.jixie.io
9    52.199.16.172 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
10    213.180.204.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
bs.yandex.ru
an.yandex.ru
5    142.251.175.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f100.1e100.net
www.google-analytics.com
3    104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    3.160.188.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-50.mrs52.r.cloudfront.net
sb.scorecardresearch.com
2    74.125.24.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f84.1e100.net
accounts.google.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
kompascybermedia-d.openx.net
us-u.openx.net
60    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
cm.g.doubleclick.net
1    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    54.156.224.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-224-85.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    54.238.120.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
4    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
5    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
8    103.43.90.117 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    43.129.34.52 (Jakarta, Indonesia)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
traid.jixie.io
2    42.99.140.179 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-179.pacnet.net
accounts.tokopedia.com
3    216.239.36.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
stats.g.doubleclick.net
3    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
www.google.com.sg
2    74.125.68.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f102.1e100.net
ampcid.google.com
ampcid.google.com.sg
48    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
bid.g.doubleclick.net
1    52.84.42.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-42-47.mrs52.r.cloudfront.net
cdn.prod.uidapi.com
8    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
8    142.251.175.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f105.1e100.net
www.google.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
asia.adform.net
6    89.187.162.136 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 599610281.sgp.cdn77.com
tag.adbro.me
1    69.173.158.67 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-sin1.rubiconproject.com
8    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
googleads.g.doubleclick.net
8    54.65.92.192 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-92-192.ap-northeast-1.compute.amazonaws.com
fw.adsafeprotected.com
27    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
8    172.253.118.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f149.1e100.net
ad.doubleclick.net
24    142.251.175.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f148.1e100.net
s0.2mdn.net
1    23.59.80.130 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-80-130.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
2    74.125.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f95.1e100.net
imasdk.googleapis.com
1    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
2    54.168.194.38 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-194-38.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    51.79.152.76 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net
onetag-sys.com
6    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    183.79.217.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
cksync.yahoo.co.jp
1    23.206.171.8 (Seattle, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-171-8.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    89.207.22.76 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float2.dotomi.com
dclk-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    216.137.52.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-52-102.mrs52.r.cloudfront.net
cr-p1.ladsp.com
2    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    35.76.19.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-19-218.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
3    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    3.112.158.142 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-158-142.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    50.31.142.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    50.116.239.135 (None, )

ASN- ()
d.turn.com
2    184.26.21.27 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-21-27.deploy.static.akamaitechnologies.com
sync.teads.tv
3    185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
6    52.84.45.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-62.mrs52.r.cloudfront.net
static.adsafeprotected.com
24    35.163.61.116 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-61-116.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
4    142.250.71.35 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s35-in-f3.1e100.net
csi.gstatic.com
1    23.47.190.187 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-190-187.deploy.static.akamaitechnologies.com
p16-ttam-va.ibyteimg.com
1    23.47.190.8 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-190-8.deploy.static.akamaitechnologies.com
v16-ad.byteoversea.com
1    34.149.43.113 (None, )

ASN- ()
rtb0.doubleverify.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    124.146.153.152 (None, )

ASN- ()
gdn.socdm.com
1    172.104.45.159 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1625-159.members.linode.com
a.c.appier.net
1    222.230.178.28 (None, )

ASN- ()
rt.gsspat.jp
2    54.148.120.126 (None, )

ASN- ()
ads.everesttech.net
2    74.125.24.156 (None, )

ASN- ()
googleads4.g.doubleclick.net
1    180.87.173.171 (None, )

ASN- ()
partnerrsc.jixie.io
1    184.51.97.92 (None, )

ASN- ()
eus.rubiconproject.com
Apex Domain
Subdomains		 Transfer
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
ad.doubleclick.net — Cisco Umbrella Rank: 163
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
googleads4.g.doubleclick.net
437 KB
82 gridoto.com
gridoto.com — Cisco Umbrella Rank: 169466
www.gridoto.com — Cisco Umbrella Rank: 379108
imgx.gridoto.com — Cisco Umbrella Rank: 246030
1 MB
81 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
530 KB
38 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
429 KB
26 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
accounts.google.com — Cisco Umbrella Rank: 23
analytics.google.com — Cisco Umbrella Rank: 154
ampcid.google.com — Cisco Umbrella Rank: 2967
www.google.com — Cisco Umbrella Rank: 2
216 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
598 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
13 KB
12 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1535
usersync.gumgum.com — Cisco Umbrella Rank: 1988
rtb.gumgum.com — Cisco Umbrella Rank: 1478
11 KB
10 adform.net
asia.adform.net — Cisco Umbrella Rank: 100902
c1.adform.net — Cisco Umbrella Rank: 583
s2.adform.net — Cisco Umbrella Rank: 7060
164 KB
10 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 11423
an.yandex.ru — Cisco Umbrella Rank: 6258
17 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
89 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 16588
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
eus.rubiconproject.com
7 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
ib.adnxs.com — Cisco Umbrella Rank: 253
9 KB
8 smartadserver.com
prg8.smartadserver.com — Cisco Umbrella Rank: 19759
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
11 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
484 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
kompascybermedia-d.openx.net — Cisco Umbrella Rank: 62850
us-u.openx.net — Cisco Umbrella Rank: 524
1 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
172 KB
6 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 24451
34 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
4 KB
6 jixie.io
hb.jixie.io — Cisco Umbrella Rank: 36326
traid.jixie.io — Cisco Umbrella Rank: 34032
partnerrsc.jixie.io
prebid.jixie.io Failed
6 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
1 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 581
eb2.3lift.com — Cisco Umbrella Rank: 412
3 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
443 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
4 KB
4 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13364
ampcid.google.com.sg — Cisco Umbrella Rank: 114306
990 B
4 kompas.com
asset.kompas.com — Cisco Umbrella Rank: 38998
assets.kompas.com — Cisco Umbrella Rank: 297463
apis.kompas.com — Cisco Umbrella Rank: 48353
16 KB
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
gdn.socdm.com
3 KB
3 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 98022
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
2 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
5 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
sync.teads.tv — Cisco Umbrella Rank: 1376
1 KB
3 oval.id
tracker.oval.id — Cisco Umbrella Rank: 43106
2 KB
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
77 KB
3 grid.id
ads.grid.id — Cisco Umbrella Rank: 229243
270 KB
2 everesttech.net
ads.everesttech.net
14 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 turn.com
d.turn.com
796 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
974 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
1 KB
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 15751
1 KB
2 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 604
rtb0.doubleverify.com
tps.doubleverify.com Failed
102 KB
2 tokopedia.com
accounts.tokopedia.com — Cisco Umbrella Rank: 33603
3 KB
2 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 35636
19 KB
1 gsspat.jp
rt.gsspat.jp
408 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 9026
641 B
1 byteoversea.com
v16-ad.byteoversea.com — Cisco Umbrella Rank: 14982
1 ibyteimg.com
p16-ttam-va.ibyteimg.com — Cisco Umbrella Rank: 6342
48 KB
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5589
233 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 37465
640 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 100904
735 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
655 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2898
1 KB
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3994
623 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
440 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
755 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3291
582 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
853 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
511 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
2 KB
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 25120
178 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 amazonaws.com
kgdata-cdn.s3.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 53753
20 KB
0 tapad.com Failed
pixel.tapad.com Failed
477 67
Domain Requested by
80 imgx.gridoto.com www.gridoto.com
60 cm.g.doubleclick.net 21 redirects www.gridoto.com
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
46 pagead2.googlesyndication.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
www.gridoto.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
fw.adsafeprotected.com
27 tpc.googlesyndication.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
www.gridoto.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
24 dt.adsafeprotected.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
24 s0.2mdn.net f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
www.gridoto.com
s0.2mdn.net
16 dsum-sec.casalemedia.com 5 redirects www.gridoto.com
googleads.g.doubleclick.net
12 fundingchoicesmessages.google.com www.gridoto.com
securepubads.g.doubleclick.net
8 ad.doubleclick.net www.gridoto.com
8 fw.adsafeprotected.com 4 redirects f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
www.gridoto.com
8 googleads.g.doubleclick.net f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8 www.google.com www.gridoto.com
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
8 f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 bs.yandex.ru ads.grid.id
8 g2.gumgum.com ads.grid.id
8 www.googletagservices.com www.gridoto.com
securepubads.g.doubleclick.net
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
6 static.adsafeprotected.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
6 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
6 tag.adbro.me www.gridoto.com
6 x.bidswitch.net 6 redirects
6 fastlane.rubiconproject.com ads.grid.id
6 prg8.smartadserver.com ads.grid.id
5 match.adsrvr.org 2 redirects scripts.jixie.media
partnerrsc.jixie.io
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com www.gridoto.com
www.googletagmanager.com
5 securepubads.g.doubleclick.net www.gridoto.com
www.googletagservices.com
securepubads.g.doubleclick.net
4 csi.gstatic.com imasdk.googleapis.com
pagead2.googlesyndication.com
4 sync.1rx.io 4 redirects
4 asia.adform.net www.gridoto.com
s2.adform.net
4 traid.jixie.io scripts.jixie.media
4 eb2.3lift.com 3 redirects www.gridoto.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.gridoto.com
imgx.gridoto.com
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
3 s2.adform.net asia.adform.net
s2.adform.net
www.gridoto.com
3 c1.adform.net 3 redirects
3 cr-p1.ladsp.com 3 redirects
3 www.google.com.sg www.gridoto.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 analytics.google.com www.googletagmanager.com
3 usersync.gumgum.com www.gridoto.com
3 sync.srv.stackadapt.com 3 redirects
3 us-u.openx.net 1 redirects www.gridoto.com
googleads.g.doubleclick.net
3 unpkg.com 1 redirects www.gridoto.com
www.googletagmanager.com
3 tracker.oval.id kgdata-cdn.s3.ap-southeast-1.amazonaws.com
3 i.ytimg.com www.gridoto.com
3 ads.grid.id www.gridoto.com
ads.grid.id
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 ads.everesttech.net fw.adsafeprotected.com
ads.everesttech.net
2 an.yandex.ru 1 redirects www.gridoto.com
2 bid.g.doubleclick.net f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 d.turn.com googleads.g.doubleclick.net
2 b1sync.zemanta.com 2 redirects
2 tg.socdm.com 2 redirects
2 pool.admedo.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ds.uncn.jp 2 redirects
2 imasdk.googleapis.com www.gridoto.com
2 accounts.tokopedia.com scripts.jixie.media
partnerrsc.jixie.io
2 secure.adnxs.com 2 redirects
2 dsum.casalemedia.com 2 redirects
2 kompascybermedia-d.openx.net 2 redirects
2 accounts.google.com imgx.gridoto.com
accounts.google.com
2 rtb.openx.net ads.grid.id
2 htlb.casalemedia.com ads.grid.id
2 assets.kompas.com www.gridoto.com
assets.kompas.com
2 www.gstatic.com www.gridoto.com
2 scripts.jixie.media www.gridoto.com
scripts.jixie.media
1 eus.rubiconproject.com www.gridoto.com
eus.rubiconproject.com
1 partnerrsc.jixie.io scripts.jixie.media
1 rt.gsspat.jp 1 redirects
1 a.c.appier.net 1 redirects
1 gdn.socdm.com www.gridoto.com
1 s.tribalfusion.com www.gridoto.com
1 a.tribalfusion.com 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 v16-ad.byteoversea.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
1 p16-ttam-va.ibyteimg.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
1 dsp.adkernel.com f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 cksync.yahoo.co.jp f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
1 onetag-sys.com 1 redirects
1 um.simpli.fi 1 redirects
1 cdn.doubleverify.com www.gridoto.com
1 beacon-sin1.rubiconproject.com www.gridoto.com
1 ampcid.google.com.sg www.google-analytics.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 ampcid.google.com www.google-analytics.com
1 dsp.nrich.ai 1 redirects
1 rtb.gumgum.com www.gridoto.com
1 bh.contextweb.com 1 redirects
1 cms.quantserve.com 1 redirects
1 sb.scorecardresearch.com www.gridoto.com
1 hb.jixie.io ads.grid.id
1 prebid-asia.creativecdn.com ads.grid.id
1 tlx.3lift.com ads.grid.id
1 a.teads.tv ads.grid.id
1 cdn.jsdelivr.net ads.grid.id
1 apis.kompas.com ajax.googleapis.com
1 asset.kompas.com www.gridoto.com
1 kgdata-cdn.s3.ap-southeast-1.amazonaws.com www.gridoto.com
1 ajax.googleapis.com www.gridoto.com
1 www.gridoto.com
1 gridoto.com 1 redirects
0 prebid.jixie.io Failed partnerrsc.jixie.io
0 tps.doubleverify.com Failed cdn.doubleverify.com
0 pixel.tapad.com Failed www.gridoto.com
477 113
Subject Issuer Validity Valid
*.gridoto.com
Amazon RSA 2048 M02		 2023-06-23 -
2024-07-22		 a year crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2023-09-15 -
2024-08-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.grid.id
Amazon RSA 2048 M01		 2023-06-19 -
2024-07-17		 a year crt.sh
*.s3-ap-southeast-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-25		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
kompas.com
Amazon RSA 2048 M01		 2023-05-26 -
2024-06-23		 a year crt.sh
tracker.oval.id
Amazon RSA 2048 M03		 2023-08-07 -
2024-09-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2023-05-14 -
2024-06-13		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.tokopedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-30 -
2024-07-30		 a year crt.sh
*.google.com.sg
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2024-01-24 -
2024-04-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tag.adbro.me
Sectigo RSA Domain Validation Secure Server CA		 2023-12-18 -
2024-12-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2023-11-30 -
2024-12-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2024-01-12 -
2025-02-12		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.ibyteimg.com
RapidSSL TLS ECC CA G1		 2023-03-14 -
2024-04-13		 a year crt.sh
*.byteoversea.com
RapidSSL ECC CA 2018		 2023-12-18 -
2025-01-17		 a year crt.sh
*.everesttech.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-03-08		 a year crt.sh

This page contains 40 frames:

Primary Page: https://www.gridoto.com/
Frame ID: E5915C1F5F8CA8D2B93E221AB4D066C9
Requests: 200 HTTP requests in this frame

Frame: https://ads.grid.id/DESKTOP/gridotoasset/pushdowndeskinternalbackup.html
Frame ID: CB2CDB5910F6F5502BEC92406827A825
Requests: 2 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CFAD1285BB0DF913D2F2F7A63448B80C
Requests: 1 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B2592C8EE297A94CB9C4A76000D6EE65
Requests: 23 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74BA10A4151C192C6A68D33C6FDF990C
Requests: 23 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67A69B26073B907D03266A2BF9C7A329
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiPOKzC4ofkFL9RwTzTagHJ9Qdzdpr19G8b63tmDTxdHK6NALUhBuI-30jN0i8dPAiNCaSIsw_PBvGyl_5U2d5ftilDLw4LEaJRifMQ7mZl7ukDemBSf3S7Li4J92kzLpPY2dUP5B2pat5asNXg_lcVwg09eu1EDijAdD8GSB8HKob39K8cRLkRzte6pFabRrtaym3HEUlCjxj9eO3MZZuxRTjVZ7CSivOx0B5_eh_m9IgFjzQqMDl80twNiI5TmLtoXXaAy7oKo9HT-ezn0LHdsRiQD4MdAKoEg9QtYzcdiNDWyqvbovJ7BfLNNy2ZAyGnFgITyS_Hge3Y2t5wvR2zZkfa9nyo9_gcTUmyZiplFM-59EfKWhf&sai=AMfl-YT-B_xM-5aLFmelOew1RgOZlMdP0u1O3YsaVlhJHHcYyAzQLjvO61hqy64k85obq7jhdyUdesGxxfW2-QTX7s_2S7NDSpLwNJJL4rhTxf_9vzF6pxOWHo3b8lerUw&sig=Cg0ArKJSzGslSFvOrHTZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0B4049F2567E8F439973F7BAF6D9BEA9
Requests: 11 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A99525C8D37F3D1DE1F3D4BD0059429
Requests: 23 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 059167A11161B560D57E1F13E748A83B
Requests: 23 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8A82507939F546F023CC3F5C81DF2D2
Requests: 17 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: 9CBA81F6A6C6FF7745B20C76E40238A3
Requests: 3 HTTP requests in this frame

Frame: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 435FB969FD8D6059D187FB60874E8000
Requests: 3 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: C2236EEB5BA8DDF4C73A944ADF4E15FD
Requests: 3 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: 924D70E112098B9D6A7BB3C37B6094B4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNW7uDde1re000n-qLizQM5JfONavFjB8t8imboccWu-Cf-EJZ7c4nikHkYWT6AEnYhQPC1Qbs1Gzi_TZYX7Wx9VWm2i7rs4OdlJUqeLIXdVfVSwv3Q
Frame ID: 631957C4844DEAFC1E81AF52ADA554BE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8oCr7gEwAQ&v=APEucNXIhTAPbIkRgJagtTXH-8wRKzf2QFU7XWeRzVoEav8noGbSdlRainFPXiNpoJZJLw7WPIjE634QXbNEqks0vkfvyqWiBez6IcW7gaSuDvcor9CUP58
Frame ID: 5D712AFCF801397EC77F922FC527C1F6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Frame ID: 49D05D6CF35963A7B8C620679755D72A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3EB4DE020AE2E40F74AD1319E8D44A70
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Frame ID: 34F5CCA2AD849434EC62DD05924792C2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2574FB908451BA25955A2C02509E4A53
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Frame ID: CA333A1CB57DEB817E3679BD7E122AE3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9A6E2BA79F7AEB05E8DB4990DDC223C1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Frame ID: F4AB479F5FF1155BA96979176BBF931A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C5F3BBE87B481C10172C365679C0B719
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Frame ID: 9EFA299EFC167645D250389BE84C19F7
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Frame ID: 69F34FFC27538BA406242C5FC42A3529
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Frame ID: 265981F4E2DCFD6D2139D4ED30F93279
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 76C8B3C3A48038B156113D0E6F2ED95D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C0CC8F2C730091C698892A8A13CFAE6C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7F52CFEC1B96EA6AFE46F3CBBDB82287
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23550BEF1D382263A2FEDC952D5575A0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4C862BA56B65F97EA32AA79A14DD10BD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D6D24FDF118F773B8043AB0A1E422D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A51B293407B41B4F9271A7D77FAD9186
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8779C70027137A012CC66AD03F47E820
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6F3B7D496472619A7FF7BE356C6B7392
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0780DBBCDC78458FA5381B9DF0B64D15
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8657BAC4E11139CB36849865F6F6F733
Requests: 1 HTTP requests in this frame

Frame: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=bdc4478847af564dde5cd5bdb27fab31
Frame ID: 8F096EEA0E9F346D4F2D1B1B51DEE69D
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Frame ID: 55D4B5CA6AA84575506B52DFF2358BC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GridOto.com - Simply Automotive Guideyt-1inleftrightsearchlineplayfbgptwwa

Page URL History Show full URLs

  1. http://gridoto.com/ HTTP 301
    https://www.gridoto.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

477
Requests

84 %
HTTPS

0 %
IPv6

67
Domains

113
Subdomains

76
IPs

10
Countries

5302 kB
Transfer

15323 kB
Size

118
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gridoto.com/ HTTP 301
    https://www.gridoto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js
Request Chain 154
  • https://kompascybermedia-d.openx.net/w/1.0/pd HTTP 302
  • https://kompascybermedia-d.openx.net/w/1.0/pd?cc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1
Request Chain 155
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450357&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450357&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=np_bVJyf2wmFmo0ImMyUBJrLjgWFmo8BnpOJohnL
Request Chain 156
  • https://id5-sync.com/s/441/9.gif?puid=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/8/2.gif?puid=1941033958778798103&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=16f7f74f-1c32-47e5-b624-e3350477a8d5&ttl=%%TTL%% HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F441%252F826%252F6%252F4.gif%253Fpuid%253D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F441%252F826%252F6%252F4.gif%253Fpuid%253D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%26gdpr%3D0%26gdpr_consent%3D
Request Chain 157
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7$ip$116.86.155.25
Request Chain 158
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=16f7f74f-1c32-47e5-b624-e3350477a8d5&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 159
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=9wS9I9RGzIqT&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=cf0933bb-d73a-43c9-a7e6-74a3a145056a&expires=1&user_group=5&ssp=gumgum2&bsw_param=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 161
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1941033958778798103
Request Chain 302
  • https://um.simpli.fi/gp_match?google_gid=CAESEBy5qRakqiQ4m4xexRZxDFE&google_cver=1&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90rrcfWUFa6OiFkwE6rB_GXD2wiIbPVWsZMUzOv2QvdOcB8l5tlfMK537VIHbOXZsaOa2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214D46727CC94913944F8A12CD6C569C&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90rrcfWUFa6OiFkwE6rB_GXD2wiIbPVWsZMUzOv2QvdOcB8l5tlfMK537VIHbOXZsaOa2A
Request Chain 303
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENSt4Df0ELCNIOSzl3uLwXI&google_cver=1&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOMooszPhzKwB9rvtgZ_cRzkIO3qeLnT3lwcb6fz9E-uIHLVEts78jAbih6k1AN-3UJw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOMooszPhzKwB9rvtgZ_cRzkIO3qeLnT3lwcb6fz9E-uIHLVEts78jAbih6k1AN-3UJw&google_hm=Ac9OIWvEOkS_jKEiaVSv0Mg
Request Chain 304
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDyaw1Xm1I1gSQG8KejHV6I&google_cver=1&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aItCoDBONz7k65T40ObciRLRpFApO6Bc3rNzee2Y8jsarrPRdP6lBoHExJRtKXDeOftgR_ydew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aItCoDBONz7k65T40ObciRLRpFApO6Bc3rNzee2Y8jsarrPRdP6lBoHExJRtKXDeOftgR_ydew
Request Chain 305
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOx4pPa8tu0-9RH0vwS_UGU&google_cver=1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1706902970811 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE%26google_hm%3DBP-qq2G5D0aQkkeufLyHx2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE&google_hm=BP-qq2G5D0aQkkeufLyHx2E
Request Chain 306
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAmV3TUmv_AVj-cGzMfMos8&google_cver=1&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SOH7pRFGt0GwPUDqIE_JBh84nMchnQIR65B5H9TxuTw-AmDv27N8mZBlMnB3lGw08NVW6VD17MHXc8CuupgduVNR9q1aj-Hk5mIHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SOH7pRFGt0GwPUDqIE_JBh84nMchnQIR65B5H9TxuTw-AmDv27N8mZBlMnB3lGw08NVW6VD17MHXc8CuupgduVNR9q1aj-Hk5mIHQ
Request Chain 308
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMETQsI6Fgkb937V52sxRp4&google_cver=1&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weVAz47eZ9YfROY6FASIR8_wSd3Iecg9xilDbi0hl6_vN0Av6dhWaB_oQ1Gye_YNKm6hP5inoMmiI21ftTKkmtPnJpo6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weVAz47eZ9YfROY6FASIR8_wSd3Iecg9xilDbi0hl6_vN0Av6dhWaB_oQ1Gye_YNKm6hP5inoMmiI21ftTKkmtPnJpo6
Request Chain 310
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_cver=1&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9pVi9iFBWXYY5yQlD0n3WXZoLNYz0-iY5D55QHHCKcDtx0a57WdbexifJnTD79ueQNb37H59bwvmPbu-HxyduhsaKvQeMmJWffauA HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1eb31baba56f21f3&is_secure=true&networkId=14000&version=1&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_cver=1&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9pVi9iFBWXYY5yQlD0n3WXZoLNYz0-iY5D55QHHCKcDtx0a57WdbexifJnTD79ueQNb37H59bwvmPbu-HxyduhsaKvQeMmJWffauA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAL3wSFLpNF8QNvRHO5AAAAAAA&expiration=1706989372&google_cver=1&is_secure=true&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9pVi9iFBWXYY5yQlD0n3WXZoLNYz0-iY5D55QHHCKcDtx0a57WdbexifJnTD79ueQNb37H59bwvmPbu-HxyduhsaKvQeMmJWffauA
Request Chain 311
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB1whl69dVRz17VxjM-v0m8&google_cver=1&google_push=AXcoOmRhRiaDSQa8okFW9rxPcQZ7lAJ97IcvGScKyw4320F7Xnc-KvO13GP91j-xoBf03FC0fwL2IRGhn_p1qEZAlguoC0Ecfz_Vy3cIkBIhXNFqkM12t6zc9aTX-aN84CHldqhlMICpMcekfFY0QNw3Uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZmN2Y3NGYtMWMzMi00N2U1LWI2MjQtZTMzNTA0NzdhOGQ1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16f7f74f-1c32-47e5-b624-e3350477a8d5
Request Chain 312
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMUfrl5XEFAPOCFKFPgJ_fM&google_cver=1&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY-OHyF7jEIbyS6A8spRT6iSixAie-1JMY_5vVQFwONetjY9yC8MMnUsapATdGjl1FO8sHK0RHNPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY-OHyF7jEIbyS6A8spRT6iSixAie-1JMY_5vVQFwONetjY9yC8MMnUsapATdGjl1FO8sHK0RHNPA&google_hm=5WTvFVFQSSiTdr2ku4_4sxk
Request Chain 313
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6CgpbotbkZZ71MyOI&google_gid=CAESEDVOIQfS_NBHBJD7nABxXtk&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6CgpbotbkZZ71MyOI&google_gid=CAESEDVOIQfS_NBHBJD7nABxXtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6CgpbotbkZZ71MyOI&google_hm=AUF2J1lBUSh_ks8AEDxkMWc4V8A
Request Chain 314
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBTxeGqxOCH5uENqN8PzsNg&google_cver=1&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fBubAO39KaA50-92kJaebx_ZalNW1dCl6mxyiZMfJrivc_QidGS23Borz4tny1_gXrfQhtY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fBubAO39KaA50-92kJaebx_ZalNW1dCl6mxyiZMfJrivc_QidGS23Borz4tny1_gXrfQhtY
Request Chain 315
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEonsx3aCXCsFDde8oYW8LE&google_cver=1&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5CxSLEYjyjZffqK09-Ca6SOd4GoXFZLyOQPvTLugzC6hB-wyHrAfoupnTXeWTnzH4uHRShqowOrs5BU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5CxSLEYjyjZffqK09-Ca6SOd4GoXFZLyOQPvTLugzC6hB-wyHrAfoupnTXeWTnzH4uHRShqowOrs5BU&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
Request Chain 316
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAobOn_gARqLpx4YCCLFEhk&google_cver=1&google_push=AXcoOmQ4yAiGVnr2NdICSfzkJykVI84jIJ8n390IRykcS-_X0f8o3kA0zXM8xUoNm3ci7mDUdkV_DcXWBDT5v_ZCOUEcpO-Jia9r0VhAU8yt-YUg2iJ9sfjkOGnI8Ba62jj2RQ6EEFIhVjMSV2YiO2DYuRUx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4b9169ae-0d08-470c-8eaf-2dc6350960fe&%%GOOGLE_PUSH_PAIR%%
Request Chain 318
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDfr_wbBh4E1Aw_BK0RlST0&google_cver=1&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxHWKYNLBL-WuqTiVcaJrYQ HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=910a9142-6d3b-4094-b7c8-7b7a5768c438&user_group=1&ssp=google&bsw_param=4b9169ae-0d08-470c-8eaf-2dc6350960fe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxHWKYNLBL-WuqTiVcaJrYQ&google_hm=S5Fprg0IRwyOry3GNQlg_g==
Request Chain 319
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8KdUVwBubdFCztPNTbhN6hkfB0VkfV1yKlsKatUePy5bAyJF3xeIYivLrmRn57pZSzuG0mPXlnm-Q HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8KdUVwBubdFCztPNTbhN6hkfB0VkfV1yKlsKatUePy5bAyJF3xeIYivLrmRn57pZSzuG0mPXlnm-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0OTM4NjMwMTk5NzAzNzk1MQ&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8KdUVwBubdFCztPNTbhN6hkfB0VkfV1yKlsKatUePy5bAyJF3xeIYivLrmRn57pZSzuG0mPXlnm-Q
Request Chain 320
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBTxeGqxOCH5uENqN8PzsNg&google_cver=1&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk21Cmf5TOZnKUUtu8jWzN1fSbMLC5RsVpipexsu1Aj6I3G7If-kAQmJanA9YJxrwO02x3mI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk21Cmf5TOZnKUUtu8jWzN1fSbMLC5RsVpipexsu1Aj6I3G7If-kAQmJanA9YJxrwO02x3mI
Request Chain 321
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENSt4Df0ELCNIOSzl3uLwXI&google_cver=1&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4ComOxJGf8biNTYHLn1uMz3gR9e3Do_fXpenW89yNJjfaJLEq8mDxEEBUbdfXFzDjsR1P4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4ComOxJGf8biNTYHLn1uMz3gR9e3Do_fXpenW89yNJjfaJLEq8mDxEEBUbdfXFzDjsR1P4&google_hm=AfFYcBcXxUPQv3pSXXm_C7o
Request Chain 322
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOx4pPa8tu0-9RH0vwS_UGU&google_cver=1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1706902970811 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA%26google_hm%3DBP-qq2G5D0aQkkeufLyHx2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA&google_hm=BP-qq2G5D0aQkkeufLyHx2E
Request Chain 323
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEonsx3aCXCsFDde8oYW8LE&google_cver=1&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM6K10Csz8sq_VTm0MXBLOKdjc0Kqjg3ePe0GPyh7wE7amRDV9cFRp4TQq5xG9mOXpbdgD6kJDdaag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM6K10Csz8sq_VTm0MXBLOKdjc0Kqjg3ePe0GPyh7wE7amRDV9cFRp4TQq5xG9mOXpbdgD6kJDdaag&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
Request Chain 324
  • https://sync.inmobi.com/gob?google_gid=CAESEN41saE2m_Uom2IWy5LJnlg&google_cver=1&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJXDDuYwnX9q0wpHBPfjY7BexgdxIzVzQzLjjw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJXDDuYwnX9q0wpHBPfjY7BexgdxIzVzQzLjjw HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-af9c7lXCdjM5tg91Lylcecz1vvaO6banjveOYWXxrg&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJXDDuYwnX9q0wpHBPfjY7BexgdxIzVzQzLjjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=C00B38s3wDjr1M5EQKv_&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJXDDuYwnX9q0wpHBPfjY7BexgdxIzVzQzLjjw&google_nid=inmobi_new_eb
Request Chain 326
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECfWED4621eB1X73jerM2yw&google_cver=1&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-U-KZyuh2_Cgug_DFzbVUgO4lXzjkSed6qcdlZIICD-Ue0Zqng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-U-KZyuh2_Cgug_DFzbVUgO4lXzjkSed6qcdlZIICD-Ue0Zqng&google_hm=NThkSmdwMDBSQkRFODAwNlJ4d0I
Request Chain 327
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPjPxJqH2lGDM7xkX5Oz4To&google_cver=1&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXsJWRh7q_kWLFwj3chOSt8ncNRuKWbyjz7u1mNA2helAKPmpaW6nrIRiVUNYF4Zi8NPLEU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg1Njg4OTI0NzM&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXsJWRh7q_kWLFwj3chOSt8ncNRuKWbyjz7u1mNA2helAKPmpaW6nrIRiVUNYF4Zi8NPLEU
Request Chain 328
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENP6Pi_wopeFpsW7fjt_9Lc&google_cver=1&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFjO8MjpGARfPsE8lKgwaw6amLYWQod7GP176sQeAl23j9o53U2aimSFfGwzg4vtZ0NmNAO8vI1OPxQ1DA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM1MVlCUTQtMTAtSTFFNg==&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFjO8MjpGARfPsE8lKgwaw6amLYWQod7GP176sQeAl23j9o53U2aimSFfGwzg4vtZ0NmNAO8vI1OPxQ1DA
Request Chain 330
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAmV3TUmv_AVj-cGzMfMos8&google_cver=1&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5ThF6FdFnpLbt0Zt7Ksz1B_e7FRR7RQJclB7sOCAJ1BGZZhrhhncr6zSYMWNun7hLs5DkFE2R0nF1hH54cV0LCB4ZjTicekuY2hUA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5ThF6FdFnpLbt0Zt7Ksz1B_e7FRR7RQJclB7sOCAJ1BGZZhrhhncr6zSYMWNun7hLs5DkFE2R0nF1hH54cV0LCB4ZjTicekuY2hUA
Request Chain 331
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFue5xbpBa27GGFsGeaJmWI&google_cver=1&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8ybfTOzOrOyncQpR-zytwXyrj1DB0GISas HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8ybfTOzOrOyncQpR-zytwXyrj1DB0GISas&google_hm=WmIxRnVzQ281czhBQUlkWWotTUFBQUFB
Request Chain 332
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMQVy0G2Iv19EL5XKReQ58A&google_cver=1&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoqimrnl22zgGm-x-ZnCl6bUHO4QpLpW HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMQVy0G2Iv19EL5XKReQ58A&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoqimrnl22zgGm-x-ZnCl6bUHO4QpLpW&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoqimrnl22zgGm-x-ZnCl6bUHO4QpLpW&google_hm=WGtoblhEbzRRSWRmRW5ncENvdFM=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Request Chain 337
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Request Chain 340
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Request Chain 342
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Request Chain 344
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Request Chain 346
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Request Chain 348
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Request Chain 350
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Request Chain 352
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1&gdpr=0
Request Chain 354
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM4NGExMjQtZDc3ZC02ZmE2LTVkYzctY2QyODE1YTgzOWQ5
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEET0QZGDr_9v-wNcWDJasYE&google_cver=1&gdpr=0
Request Chain 356
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmZlZTRjYzAtZjgyNy00YjFmLTkxODMtNGM1MWYyNTA2ZGZk
Request Chain 368
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bc3b56db-b679-5288-ace1-caf014b50877,c:37RrQo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:3fbb8be5-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
Request Chain 391
  • https://fw.adsafeprotected.com/rfw/st/1937257/78037242/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:216af7ef-6251-09e0-29d9-01403719e5ad,c:37Rs0S,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV0k+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:71,oid:3fc85d32-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=
Request Chain 393
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cbf2f895-ce6e-8277-8ee8-e0eed86f33ea,c:37Rs28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-nv7hv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV2c+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:3fc88441-c203-11ee-bb43-eaac29bfea6b,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
Request Chain 399
  • https://fw.adsafeprotected.com/rfw/st/1937257/78037242/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c095e80c-544b-6118-90a3-76d13630a4bc,c:37Rs4x,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,tdt:s,fm:u39YV4y+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:36,oid:3fc85d31-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=
Request Chain 407
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 408
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU-qHb_hBAsATZa0dqBq2anI&google_gid=CAESEDVOIQfS_NBHBJD7nABxXtk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU-qHb_hBAsATZa0dqBq2anI&google_hm=AVvBkFz6RoCbks8AEDxkMWc4d8A
Request Chain 409
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1&google_push=AXcoOmR3TMn6lvVQPNUoOqgliqxwM-1hMq0aLWNir1-5E_UpBf6t_X35tQwPxhP_PHhwL1eGU00k336MXDviA4_WK62MB7Nl0PtGQyQLc3RYOmq50Ef3bTLTrFN4shAJj5TsNDQb16h3PH1NGWLQL7H8Tw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmIxRnVzQ281czhBQUlkWWotTUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1
Request Chain 410
  • https://a.c.appier.net/gcm?google_gid=CAESEMtJLXVLqlUnQGOtr8r7nDI&google_cver=1&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4LjeIKL_pz0dw0627qmCt_FW7sOU-f_ALV9LU1gE1CsHNMihSW7VMLWuSU3h9ngFwsIKxtGJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTVkMUZRNnpBc2ktUU1pWHZVVzlaUQ%3D%3D&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4LjeIKL_pz0dw0627qmCt_FW7sOU-f_ALV9LU1gE1CsHNMihSW7VMLWuSU3h9ngFwsIKxtGJg
Request Chain 411
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeoN-Fj2ioRKZwwmbOJ0BMvv00tsQq8xrE-tpf1_Y0KeU8qup3DUJIEq2UPzUBB3VggwYCgGGcXy_Iaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2NjU4NTQzMzM2Njk3OTI1NQ&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeoN-Fj2ioRKZwwmbOJ0BMvv00tsQq8xrE-tpf1_Y0KeU8qup3DUJIEq2UPzUBB3VggwYCgGGcXy_Iaw
Request Chain 412
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQIlkJww8RbqwTkBn-v3wVNLhzfu03sT9jXX_zU6YJD4mtBo6VNGXKDzNs&google_gid=CAESECjmoxaKW_45ilib_vkn2qQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=QPlv5aBTEiCqsDx-CHvHFg&google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQIlkJww8RbqwTkBn-v3wVNLhzfu03sT9jXX_zU6YJD4mtBo6VNGXKDzNs
Request Chain 413
  • https://an.yandex.ru/mapuid/google/CAESEG3V16NQbdI7resira-xhbM?ext-param=AXcoOmS9A5ZIfAK6_YmiGRtsfXUM14CgxBr3E8h3pXtezyMU6Jmgm5q2a4tYU_eTKm4INSPfoSG5LRr2To6cjguSL3QL72wDpKstkeCDyuCyQnEGQl_TLNsd0sc9JIeUmj6g6QJlEPDxxRHNvp2lxQZScysO&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEG3V16NQbdI7resira-xhbM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif

477 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gridoto.com/
Redirect Chain
  • http://gridoto.com/
  • https://www.gridoto.com/
139 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-34.mrs52.r.cloudfront.net
Software
nginx / PHP/7.1.24
Resource Hash
d220d6b1d29a9ffe3efe18a465d043387cf65aa6639ca3cba48546ae87538f0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-methods
GET, OPTION
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 19:42:38 GMT
server
nginx
vary
Accept-Encoding
via
1.1 cd436c4b56d76ad1cb04b447a4cd9cfe.cloudfront.net (CloudFront)
x-amz-cf-id
xLvjfeQ2MD5p76kC3aQVCwM1OOJiJ6grVbmpj3Sbc2rUMYPkr8scBA==
x-amz-cf-pop
MRS52-P4
x-cache
Miss from cloudfront
x-powered-by
PHP/7.1.24

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Fri, 02 Feb 2024 19:42:37 GMT
Location
https://www.gridoto.com:443/
Server
awselb/2.0
ssouser.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		789 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/ssouser.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
69ff80b1f39dcef3c8847941b7d46fe0b5274c098a22918179de39db44bfa1f1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:37:18 GMT
x-amz-version-id
MVHm_nbEqWEuxE3Px0a8AL.nMnM3a6TE
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
17838321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
789
last-modified
Thu, 20 Oct 2022 03:43:03 GMT
server
nginx
etag
"2b5c11fa1b5d0bea474a791251ef7b1f"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nIkYaAt4dJ-p5knwmKhVh68hqV1mUg6gWoHFOgdkPsy74puW2iWRtw==
expires
Wed, 10 Jul 2024 08:37:18 GMT
jxpublisher_3_1.min.js
scripts.jixie.media/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
180.87.173.160 , India, ASN6453 (AS6453, US),
Reverse DNS
Software
openresty /
Resource Hash
432bbbd1f881787a16cc58eec9206b765bd30cbe9829ea82bb16fe89b9ea9957

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

nginx-hit
1
date
Fri, 02 Feb 2024 19:42:39 GMT
x-amz-version-id
9Utx.pv5ga2WOOdkE3t8CjBpsC90xJJP
via
EA-SGP-EDGE7-CACHE15[2],EA-SGP-EDGE7-CACHE6[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE25[6],EA-SGP-GLOBAL1-CACHE29[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
M4KBWWMHXS5DWQB0
age
2579123
x-amz-server-side-encryption
AES256
x-amz-id-2
YPBvqwVb6abRjV9nnP1e1E/VxkNhJGMv+1OOOblLLf3vg8AKJAjKZdd+L+LyjL+TiyzLoQeL4QY=
last-modified
Wed, 03 Jan 2024 23:17:12 GMT
server
openresty
etag
W/"b9eb504073a9f1fc332d8da7f1c9fb67"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-ccdn-expires
401603
x-hcs-proxy-type
1
liftdown-cls.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		574 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/liftdown-cls.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
067d9b14d97656b91323b45c7d7efbd6e1f054bf1ed5534bf24a90466570971c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:37:18 GMT
x-amz-version-id
oE2uELhObGgR.w_f9PaF0CnZD7Cp_wk4
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jan 2022 05:18:54 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
17838321
etag
"91833cb0bab132f8e2df025a0f567c24"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
574
x-amz-cf-id
dHzD7MCAD5jFcqBNtLfEwh14k8f0p2AJqBbbVK4iK8_GC9YfQccpZg==
expires
Wed, 10 Jul 2024 08:37:18 GMT
additional-v2.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/additional-v2.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
790ed97f913e3a42a6fc482cd444ccbdeff27af8f36a52f52f939e8ad08d9f14

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 19:06:54 GMT
x-amz-version-id
kI7NDSn47OAYmcjT9eqIaLEvBg.oT2ST
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 06:16:37 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
1298145
etag
"3113349f9ed57ae045be1070dd2a450e"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1121
x-amz-cf-id
PJf8goGklF4gybL6PPbY0_RMkRY2z5Bw8SV_U0wM6Vv3FITYS4MMNQ==
expires
Fri, 17 Jan 2025 19:06:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f95.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 17:34:42 GMT
style-desktop-v2.min.css
imgx.gridoto.com/file/2017/gridoto/css/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/css/style-desktop-v2.min.css
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
1b0d2b11c10bea242ff0a659b9ff5c6d18eee9dd91c417411d29e5729a9e6036

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 20:15:12 GMT
x-amz-version-id
_IzPZhL.mIu6Yft72_tP4qXnvzolzQq2
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
7082847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Sep 2023 05:02:47 GMT
server
nginx
etag
W/"333ae2a2af9009eaf06e5345858983f3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
RpWlwCcX0-MBqIplviZIlIXTBR2Sc2JQg5eL9ZGxcoKsFr-O6V63AA==
expires
Mon, 11 Nov 2024 20:15:12 GMT
icon.css
imgx.gridoto.com/file/2017/gridoto/fonts/icon/ 		418 B
872 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/fonts/icon/icon.css
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
9c36517a408bffbe9655e769a230bc1fe2fa3e9ebf557aef24c08378e81da7f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 06:35:31 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
17500028
x-cache
Hit from cloudfront
content-length
418
last-modified
Fri, 16 Nov 2018 10:09:36 GMT
server
nginx
etag
"e538f18c28c77358a811dd0c28f60002"
content-type
text/css
x-amz-meta-s3fox-filesize
418
cache-control
max-age=31536000
x-amz-meta-s3fox-modifiedtime
1542362901000
accept-ranges
bytes
x-amz-cf-id
Uk0LYrvPUI0wEV8rZbA3agatgsrPgHHmYUXiFgj07VRW3pFZXqRr1w==
expires
Sun, 14 Jul 2024 06:35:31 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Asap:400,700|Poppins:400,500,600|Roboto:300,400,500
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
e7a06001251f6162c86f637f48b5d7f62777234a8fda03a8bbda0f6b46f2a9d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 19:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 19:42:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 19:42:39 GMT
liftdown-cls.min.css
imgx.gridoto.com/file/2017/gridoto/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/css/liftdown-cls.min.css
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
fb3192b8e5895093b5733892aa8970cfdd19c99117c3278c24a91d61dc7cf741

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 04:38:06 GMT
x-amz-version-id
E_BYcTOF9NTriygYi13tvbweL.TGKs2k
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jan 2022 05:18:30 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
17161473
etag
"82cfd80690f1e0a4e3ee51e89d87fac5"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2296
x-amz-cf-id
1cXmNNVrJq_xvPlpm-69h-AKPXm4-lOuVpFLg3WKCk7YK_YD9QlkPQ==
expires
Thu, 18 Jul 2024 04:38:06 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
c142cf847b8624f43893f14c50075855aa56eae9055249898539f6b510659980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29611
x-xss-protection
0
server
cafe
etag
223 / 19755 / 31080791 / config-hash: 10252298388872573713
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:39 GMT
kgm-popup-light-v2.min.css
imgx.gridoto.com/file/2017/gridoto/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/css/kgm-popup-light-v2.min.css
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7e732f81ce725d2831eaf2413925b1647ed9c61e9247a307f915ef302f471d2f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 05:23:01 GMT
x-amz-version-id
qzRCLTH_aZFsv1P7n8idEUtl4lDg2uE9
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
224378
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 30 Jan 2024 09:50:43 GMT
server
nginx
etag
W/"f3c47e26daf06deefb51b651e3901a7b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
wkCk9STFliUWgbN3NiT5mv_8ZHPGg8jy3nTlIOma4PILcSF-BSFGCA==
expires
Thu, 30 Jan 2025 05:23:01 GMT
pub-9012468469771973
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-9012468469771973?ers=1
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
1ad9674f27e463332eafdac79b370a6315f475667728a3b365835609a4757eac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h21hIAYSN9D8R3RFx5KJZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-h21hIAYSN9D8R3RFx5KJZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIm2Nj99e1bAITLixjBAB3OVjJ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
cafe /
Resource Hash
f577323c14a61623df6ca1cf0a886e8d4378a99942da44ae7926fc0113b1796a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29611
x-xss-protection
0
server
cafe
etag
311 / 19755 / 31080792 / config-hash: 10252298388872573713
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:41 GMT
prebid8.23.0-grid-network.js
ads.grid.id/PREBIDJS.JS/2023/NOV/ 		393 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-85.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
c9aa1d7770e262eecf21344b103f9a2b52ffd97beabbf855dcdf050d545c2d29
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
content-encoding
gzip
via
1.1 3023dc8a8cfbe8a17b250881da2ad446.cloudfront.net (CloudFront)
last-modified
Fri, 24 Nov 2023 09:08:40 GMT
server
nginx
x-amz-cf-pop
MRS52-C2
etag
W/"65606818-6233c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800
x-robots-tag
index, follow
x-amz-cf-id
slPAR23XO7GZEjbCVBj9QFCtWJlZp0xwVaelJC0uM29IyMEVQKBXxw==
x-xss-protection
1; mode=block
expires
Fri, 09 Feb 2024 19:42:41 GMT
oval_web_analytics_latest.js
kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/gridoto/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/gridoto/oval_web_analytics_latest.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.149.125 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
34f71260d09af021e3c8fa3f2a0f9b9db3e26811d8d5d1ad20bacf614f6f643a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 19:42:41 GMT
Last-Modified
Mon, 08 Jan 2024 04:44:15 GMT
Server
AmazonS3
x-amz-request-id
TZC7ZNCHFGG7R6DP
ETag
"c7a036fbf74b99562480df2825826bf7"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
20378
x-amz-id-2
jzMJ2uGS2w8xyH35wD2H827KbrqMu4mthFc3KkEzZd7+Vdt9gLR/Y90D/xEwT8d1Y2reM39GsPkebL/8vnxvQw==
close-liftdown.png
imgx.gridoto.com/file/2017/gridoto/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/close-liftdown.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
13d4dcf6ee0153bb3283714671fb0a53043f2c6a553d067267bcbe21d442723c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 07:11:04 GMT
x-amz-version-id
XE6RL5rkO1FCT2A_7LNXMlCc.H7dOoV_
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jan 2022 05:22:09 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
17411496
etag
"aeb4916e662ddb7319298fb014a06aaf"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1552
x-amz-cf-id
fUaZfBXm5eut6luZ6EZX5nkVNdScnqS_ojFMzZvoSJB7q7UjC0wqSw==
expires
Mon, 15 Jul 2024 07:11:04 GMT
3945973233.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2019/12/30/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2019/12/30/3945973233.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
2e9b8575a4b5c0f85e46b34d9a650ebfa3204cca3f398c0a45ecd53d0f0f9274

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:29 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9671
etag
"3156b98e1f07f670ffea6c097b41f0441e4853c2"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
65110
x-amz-cf-id
5-5NdCgOALLHSgjXHkF82ZbWzCktJs_obtN9BrX5Bb-YGchipRGjVw==
expires
Sat, 01 Feb 2025 17:01:29 GMT
mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
dbd1dcb3c5ebfa57fc0865d87b3fe9aab6fbbc59798505c682fa77a66b38db1f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:33:43 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
14937
etag
"6c7ab7cd3a0955706d2de265af92551a1cdb039d"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
51387
x-amz-cf-id
vQsLFnHou7Faht2ddVNUt8_5avF7hHD79QLx5FRDmgLeLsGHcMyLTQ==
expires
Sat, 01 Feb 2025 15:33:43 GMT
whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
imgx.gridoto.com/crop/320x0:1600x959/700x465/photo/2024/02/02/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/320x0:1600x959/700x465/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
eb3130596a6dd5402a095224498b27051591bd97950d1cb04580f194991e1dda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9670
etag
"5837fdad72642faa8cf5d121ed2aa061e94b39d0"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
63573
x-amz-cf-id
OuSqD_JfDmiprqAvVLBfhNrZAusfjdpwDrie125su9dKJfy9C3P2YA==
expires
Sat, 01 Feb 2025 17:01:30 GMT
penampakan-hero-surge-s32-dari-20240202025924.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/penampakan-hero-surge-s32-dari-20240202025924.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7c89e1006689eb98f721c7dd029af394693c87991959f187281954092f36615b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 11:32:14 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
29425
etag
"183adee04176a9e1e64f7f5f21173a92d4171962"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
53478
x-amz-cf-id
AOws8Fkap0jnruciNGdGRt3D-nCQWtwjivKrb4hB4QkaM87FRz8JdQ==
expires
Sat, 01 Feb 2025 11:32:14 GMT
3945973233.jpg
imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2019/12/30/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2019/12/30/3945973233.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
9e30e4aa6393737f33d17631e954cf2e5d3c8cd3cd1016b053b94c46b2d88c7a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9671
etag
"3ac4cb6f3fd318e11a2287b2690679ebc486e9ce"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
6453
x-amz-cf-id
UmVgnS3jxry2NkPp4XT9a-7p_6J1wyXyQM2GFu1qN3Hp9Jp0GU7tAA==
expires
Sat, 01 Feb 2025 17:01:30 GMT
mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2024/02/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2024/02/02/mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3e208e81b3ce0a867a3443d22880deb0f4e619f84f0ee20dec0ea87abbf0e2b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9671
etag
"ca32236b659225fef07f5e7af81385fa393be96a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
6049
x-amz-cf-id
u9afCz5oIhrZ_SvkRvOUfLgPvhPyYAMC2QgpklJhYp9QhCbjzH1IIA==
expires
Sat, 01 Feb 2025 17:01:30 GMT
whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
imgx.gridoto.com/crop/320x0:1600x959/174x110/photo/2024/02/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/320x0:1600x959/174x110/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
92f542adf7cf045bc51284711f297f45659f9388f9fcdb389e6d0536de1e567a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9671
etag
"c49cdbf2399f9e56222cba60d3692123e1bb3331"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
6755
x-amz-cf-id
OaBFf7GVY--hqsh3i3FGHZ0hl4crBNmKgdzimOsi9Tt_2Y9Y3aVr7A==
expires
Sat, 01 Feb 2025 17:01:30 GMT
penampakan-hero-surge-s32-dari-20240202025924.jpg
imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2024/02/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/174x110/photo/2024/02/02/penampakan-hero-surge-s32-dari-20240202025924.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
90ce33a833c1c479092e7e51130dcb4c66f5adaccb041f2ecb37f4e84be3fdab

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9671
etag
"9bb263c23bcdc013a1d66ecb1ef3f5b4d279f278"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
5857
x-amz-cf-id
-HCQwDxIUeft69n5TR-HX10luE6sNBML51ZWYbaruNn3sJosvV0gLQ==
expires
Sat, 01 Feb 2025 17:01:30 GMT
hqdefault.jpg
i.ytimg.com/vi/y_I0ABWCFcw/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/y_I0ABWCFcw/hqdefault.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f119.1e100.net
Software
sffe /
Resource Hash
50a6ab42c4fab62ec06c9672ed0e86932294683ce4933f8e8c3c3b5d85d14264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:40:20 GMT
x-content-type-options
nosniff
age
141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21760
x-xss-protection
0
server
sffe
etag
"1706859852"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 19:45:20 GMT
hqdefault.jpg
i.ytimg.com/vi/OO8RWMdFjS8/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/OO8RWMdFjS8/hqdefault.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f119.1e100.net
Software
sffe /
Resource Hash
d6bd96f87483739e231a0fdc135566fa1f57eb7d206dac3cc775635039115afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:10:58 GMT
x-content-type-options
nosniff
age
1903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17714
x-xss-protection
0
server
sffe
etag
"1706804430"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 21:10:58 GMT
hqdefault.jpg
i.ytimg.com/vi/JNLK6fB-1OY/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/JNLK6fB-1OY/hqdefault.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.119 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f119.1e100.net
Software
sffe /
Resource Hash
b198b4c9b992aff4bb82991f3ee2279e2548037c73b1414f5faff6c1d1bb15ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38301
x-xss-protection
0
server
sffe
etag
"1706344909"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 02 Feb 2024 21:42:41 GMT
mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
f8c56fe8975d3c881b32f1d998c1925ac372c560cbf051132c55f42ba2ce15c8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:12:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
16190
etag
"33d750fafc68b7e6c2030f4bff5f0520add61898"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8739
x-amz-cf-id
K4c9s_1_AJk1_ehwsFH3jVqqFkUSVnR53xtSU5N3YqEdVkDG7zc8Xw==
expires
Sat, 01 Feb 2025 15:12:52 GMT
widget_655afc555d0e0.png
imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/widget_655afc555d0e0.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
d52efd688c566fd35c68e76c56b795babf0cc067f5f508a77c8bbe5d7be8c339

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 08:08:48 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
6435234
etag
"d8c697b154af4d470ad32fd68ae4fae66a2849d9"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
36869
x-amz-cf-id
fQ0KNvkRaeH3TyOh3UTSWiMvSYTSbIGKzQQK8cZ8hsPDaw2hnV00tw==
expires
Tue, 19 Nov 2024 08:08:48 GMT
widget_655aed3ad791f.png
imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/widget_655aed3ad791f.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
842f0bf6fb491b61e79ad047cb1e2ba514b994a2e258cceef29983b1ba74ad44

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 08:08:48 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
6435234
etag
"385913a8d7f6d5839bd102ddaef5f2e324687c13"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
41270
x-amz-cf-id
qaWyUTUspeSSfD-w8utiWsJSMtmLacBNFjUo36tujMRJl-DECN0GNA==
expires
Tue, 19 Nov 2024 08:08:48 GMT
widget_6530a0da25756.png
imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/217x145/file/2017/gridoto/kuis/photo/widget_6530a0da25756.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
ed0a09cd80a7d1963cacf7d1381270598de7fb5b424bb31b74198ec490b5034d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 19:50:41 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
517921
etag
"1460b9ba47fa24daff9483c36cf60b03f2df02b0"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
41766
x-amz-cf-id
Z1T9bvgMfFYzF_wuNwxAuWxtVAKmZPsIn-w9Ue9ZhU0KLss-mBvklQ==
expires
Sun, 26 Jan 2025 19:50:41 GMT
widget-gridplay.js
imgx.gridoto.com/file/2017/gridoto/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/widget-gridplay.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
d1e3ef13e44d040cfdce0aacae314925903a0c5d19d41eb8a391539818bc3a00

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:37:18 GMT
x-amz-version-id
XDNEqiJXJ1BhHXEmA0eC4dPBcQrYWjN4
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 09:50:06 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
17838322
etag
"cb47bc1487b5ad68b185f6a0b8f5cdf1"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2200
x-amz-cf-id
nCGoQ5T8KdoNzj2pf9MLxl27A0Bz549KX5EeHIPXyb5qzKnKIy4-Pg==
expires
Wed, 10 Jul 2024 08:37:18 GMT
3945973233.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2019/12/30/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2019/12/30/3945973233.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
924fb6b475fc4bf95627a25d59c7d0dd93e413d696fad2610eb5b4e68bbdf5a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 14:24:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
19070
etag
"3b63d9166fb817d67a09dcaa21ea4d903a479525"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9557
x-amz-cf-id
6VMpC5vEUI2TtFw_4-n-p-AuFRHSy3-9QG0ivYrNYqb8diSpDGrKhQ==
expires
Sat, 01 Feb 2025 14:24:52 GMT
img-20240202-wa0010jpg-20240202044249.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/img-20240202-wa0010jpg-20240202044249.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
a10ab74918e9f1f3738005ccd8281b01eca812a88ec8fe755e23445072246c13

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:52:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
20991
etag
"60f8a0a3ac1fdb7114da1f0efd9cc98f54a82567"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
10084
x-amz-cf-id
JFopH2rf0HbJetrKYHH0g7M4lPT2Tixp2lQFe9Saf3GrfGH0dV72tQ==
expires
Sat, 01 Feb 2025 13:52:51 GMT
whatsapp-image-2024-02-02-at-14-20240202055059.jpeg
imgx.gridoto.com/crop/240x44:1520x1003/220x140/photo/2024/02/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/240x44:1520x1003/220x140/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202055059.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
460591afec6d390a52c4e58d70d34200000d9b95b441cf406df45af347dc7858

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:36:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
21951
etag
"beff32c3d63334bfc6aa1e1cb9fcbfd66cdca3a6"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
10279
x-amz-cf-id
XmPrDTSlr0pXR9NsOOAExbBu3wScoVnTYor1q3LuDMLn9oVF9jOpDA==
expires
Sat, 01 Feb 2025 13:36:51 GMT
wmoto-greta-150-jadi-pilihan-sku-20240202044001.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/wmoto-greta-150-jadi-pilihan-sku-20240202044001.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
b32505639caaf59c0bc9f0d53064bd00701d9ce70062295d2441b04c1b25cfa2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:31:55 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
22247
etag
"b8224bdcc4dc56be2963a2273a7cb5da56b69b7b"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8065
x-amz-cf-id
4GAjLlFKl7sycQSxa4Lh3Ki6YP_DNxS-NekmLjF5JZl-d9RgesNU7A==
expires
Sat, 01 Feb 2025 13:31:55 GMT
whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
imgx.gridoto.com/crop/320x0:1600x959/220x140/photo/2024/02/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/320x0:1600x959/220x140/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
fdc5a967bb7a49a372a7b3acd9f4010c6439274e1caa52949becf5b7ab4e198a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 13:10:54 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
23509
etag
"856c57fc2f5f65618cb1d69b41451447f8c210c2"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9849
x-amz-cf-id
8wi00eNMIkci05A7to5rBIopsDVp6VnGHUGF_LMYNOCvhvZi9GZ3Gg==
expires
Sat, 01 Feb 2025 13:10:54 GMT
img-20240202-wa0005jpg-20240202042314.jpg
imgx.gridoto.com/crop/70x413:784x1019/220x140/photo/2024/02/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/70x413:784x1019/220x140/photo/2024/02/02/img-20240202-wa0005jpg-20240202042314.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5eda290d9452824cad6091e120d5b1458de51c9532824eadd102e8d8c9036c99

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 12:39:09 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
25414
etag
"95c24c21d78912aa218620f632e8106a212bc5a4"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
4905
x-amz-cf-id
1lCecxCBRa8sXKAwL-AexJOsx4o4JDh6EG53D-3aZohqdFfvO0Pgvw==
expires
Sat, 01 Feb 2025 12:39:09 GMT
harga-cruiser-kawasaki-vulcan-s-20240201035900.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/harga-cruiser-kawasaki-vulcan-s-20240201035900.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5d7c4c050fdcfdc0319954fe8f2a09365d1ddee7932fdba5c94c99ea99639924

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 10:08:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
34433
etag
"5ccafe83b5e4df8e9dac600d9ed2d5d365932f2a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7014
x-amz-cf-id
DOzRHn9qncPOrcz9-d_5-W5voqwchO8AxWwAj3rwicTXJBAESRAeHg==
expires
Sat, 01 Feb 2025 10:08:51 GMT
whatsapp-image-2024-02-02-at-17-20240202050653.jpeg
imgx.gridoto.com/crop/336x259:1367x946/220x140/photo/2024/02/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/336x259:1367x946/220x140/photo/2024/02/02/whatsapp-image-2024-02-02-at-17-20240202050653.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
4f6cdf4a5fd22ce2789448f76f18191987e2a741f88fa07a6bf57cff4a476963

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 12:01:22 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
27682
etag
"43415744a8c81026e788f5ae58928256309df0b1"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9137
x-amz-cf-id
uOQPtUlurCcVWq7U1764j-1kLEoP9y_9-R0zjbMRqB67aS3ApUnGOg==
expires
Sat, 01 Feb 2025 12:01:22 GMT
whatsapp-image-2024-02-02-at-14-20240202024622.jpeg
imgx.gridoto.com/crop/50x99:1424x851/220x140/photo/2024/02/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/50x99:1424x851/220x140/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202024622.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
954b13d80b451386e8dd32e422c50d37aa2e5867ce7566a8f9fe652e47548ac2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:00:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
42113
etag
"aa9f105aa5ce65de8a1021ee47c65541e671855d"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9884
x-amz-cf-id
fyVUbdsE2UQuifi_VpKIhZj1a7L5v-qs4qmnh4N9MhcglPsZ4BPUxA==
expires
Sat, 01 Feb 2025 08:00:51 GMT
20240202_144406jpg-20240202024549.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/20240202_144406jpg-20240202024549.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
e02ea0e6065f2fe880b8219f8a3262768cfa562d22b347e48551326de09e783c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 11:12:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
30593
etag
"9d173afdb97ea98028a30c0c0e1c2668322289eb"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7683
x-amz-cf-id
L7d_1Bgx9RlVZfzSQhNmDKLNHGyGBFTlxiHMh0bwWbLV0OnKoeAFBw==
expires
Sat, 01 Feb 2025 11:12:51 GMT
penampakan-hero-surge-s32-dari-20240202025924.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/penampakan-hero-surge-s32-dari-20240202025924.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
96312839e203fe236e83eb167279b158ac7fe4f7394a5c50545cc1fff6bc57ef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 10:40:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
32513
etag
"82c6215c72b628b5128979e97e30e48574fd41f7"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8520
x-amz-cf-id
JfQ1x2HCsTaTrKSfxQkHAo_IZKVDdKB8LZeYBFiJznTafSZWCl7hhw==
expires
Sat, 01 Feb 2025 10:40:51 GMT
toyota-veloz-di-acara-safe-jakar-20220630072500.jpg
imgx.gridoto.com/crop/62x48:563x381/220x140/photo/2022/06/30/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/62x48:563x381/220x140/photo/2022/06/30/toyota-veloz-di-acara-safe-jakar-20220630072500.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7fcc447aa5fd412a93c3439e1417d1e9d5e07452bc160fd7073d97fb1172b5c6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 09:36:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
36353
etag
"0e14a161ec44f5ea9688733d4749d0dabb754118"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8419
x-amz-cf-id
XRpiakyF3bNclmMq2G1wpJyCPgbN6orOOnLBmZkE-Ua0jp6vfUXmKg==
expires
Sat, 01 Feb 2025 09:36:51 GMT
screenshot_20240202-154912_galle-20240202035041.jpg
imgx.gridoto.com/crop/17x578:1033x1270/220x140/photo/2024/02/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/17x578:1033x1270/220x140/photo/2024/02/02/screenshot_20240202-154912_galle-20240202035041.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
bb72ac614c7ea0cc352c28e0d2396a56b79908fc5a9b3b9a389f9eea146c7c07

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 09:20:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
37312
etag
"aed2c92d6be2720c4e696f30ab1c1630dc29bee2"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8068
x-amz-cf-id
B33GRX8WVqswyxkVptgm0RDJFGuGVzpkZHEesdteVEP84oz2OASMXw==
expires
Sat, 01 Feb 2025 09:20:51 GMT
asdsadsadadasdasdjpg-20240202120737.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/asdsadsadadasdasdjpg-20240202120737.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
df77a6022174064d2efedf9cd0ab115bab39bca1788a3ed704bfabfae02cfdd4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 09:12:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
37793
etag
"0119feea065963160eec9ff7454768c7cbbfa243"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
12326
x-amz-cf-id
6G-qObrX2DRtnM1X3G_ZYnGgb9qniBNnPx8JrqJvSoj563ZwXiDuvg==
expires
Sat, 01 Feb 2025 09:12:51 GMT
210jpg-20240202012349.jpg
imgx.gridoto.com/crop/0x38:1214x678/220x140/photo/2024/02/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x38:1214x678/220x140/photo/2024/02/02/210jpg-20240202012349.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5fafece64f62ecbbd9597cf738b2fd033f6b929c69e9ac4b96272e634e70e1a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:48:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
39231
etag
"eeb04a5f3d2f7863587173b2a9f3fa41fad863a6"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7474
x-amz-cf-id
tczXpI0sdGOpMauU9_vinoemdtVE0zl4llaBaC9qZjkuriAkTblyMQ==
expires
Sat, 01 Feb 2025 08:48:51 GMT
img_2585jpg-20240202031034.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/img_2585jpg-20240202031034.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
01040c5ecf346412aa7fd7ae5a2a3fb6f59f8827a604e90be3258f0f9c924253

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:48:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
39232
etag
"54869af7c8ed46202b5cc0cb4f1cde7899e1134e"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8229
x-amz-cf-id
y3Exwb90nWefTJC_tAeZkEI8Nw7BNpn8JInv0u4iVw7Cj7HmRJ4UsA==
expires
Sat, 01 Feb 2025 08:48:52 GMT
img-20240201-wa0021jpg-20240201102430.jpg
imgx.gridoto.com/crop/48x149:1170x1229/220x140/photo/2024/02/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/48x149:1170x1229/220x140/photo/2024/02/01/img-20240201-wa0021jpg-20240201102430.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
0908706be57b3ce7d6d6a3d0074b24228c3b191fb3a70673e473cdc154bd51e3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:16:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
41154
etag
"8453883af18e28ab8ac84f0ef0455f44c79910da"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7544
x-amz-cf-id
Z7PcSjfRTRz5WN57-_UgRnm9so1cDtS1BWGmMJlQR62eu2367dWgjg==
expires
Sat, 01 Feb 2025 08:16:51 GMT
img-20240129-wa0024jpg-20240202105356.jpg
imgx.gridoto.com/crop/128x178:1408x1138/220x140/photo/2024/02/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/128x178:1408x1138/220x140/photo/2024/02/02/img-20240129-wa0024jpg-20240202105356.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
2198a83adb021e91741237412b01f39e2fb2bd1469523d533b43a760c9ea782f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:44:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
43074
etag
"12092e5dfa1f8dd2264a423ec99dc408dc0f1c71"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
11792
x-amz-cf-id
A6GT0vY1-Yj3-_NFT3eAYHnKCoVXCCgx6tKHptCH0GCH2Vofluib-A==
expires
Sat, 01 Feb 2025 07:44:51 GMT
20240202_135741jpg-20240202015821.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/20240202_135741jpg-20240202015821.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
df6db6fa0c9f9b5efae313b4e40fdd431f01f424bb385662d88c92c9f81dcbfb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:28:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
44034
etag
"4de8bf61c0a73cf1e0291ca278d46dce77a15377"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8527
x-amz-cf-id
jmiNyM5p8Ryo0nNClI_zMJL5gPJfxEbTWccFjWPmCGp_Gjx62z_b1A==
expires
Sat, 01 Feb 2025 07:28:51 GMT
gtm.js
www.googletagmanager.com/ 		272 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ab8a8ffa9b1809e2315e21cde7a4d07503c8cd2bb18614bfa4b671045760f694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89307
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 18:16:54 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 19:42:45 GMT
illustrationjpg-20240202072604.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/illustrationjpg-20240202072604.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
c009ac686105fb45eb8dbc153d9202f9d0f93a9989140c023d0c46a80f78ffd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:12:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
44994
etag
"359ece8651fd1d71c8a6cd4f3bdd9c7bc507d257"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
12187
x-amz-cf-id
t6DGkz6uoPjJMHebuj77k8pkD-e7Ta_bBRq_LxA93grCNegIGT6cUw==
expires
Sat, 01 Feb 2025 07:12:51 GMT
wujud-motor-retro-suzuki-vanvan-20240202113234.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/02/wujud-motor-retro-suzuki-vanvan-20240202113234.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
ed92f7ae86206ee9ffebd000e6fe8b4c88e21e4a723372fa53f0a30c2e98b5bc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 06:40:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
46914
etag
"dd1b77c7ae121c2b1d32f9df6fefbd25bda4aa2a"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
10510
x-amz-cf-id
88nbca_MqLSJRZCB6fNY-dKvrn-8PCTGr2Ued0NsqkoyLRYDHgtpSw==
expires
Sat, 01 Feb 2025 06:40:51 GMT
img-20240202-wa0015jpg-20240202113532.jpg
imgx.gridoto.com/crop/101x106:1381x958/220x140/photo/2024/02/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/101x106:1381x958/220x140/photo/2024/02/02/img-20240202-wa0015jpg-20240202113532.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3e6c991ee063c5ae971a76cc9bc46956f860db0db4c98ee1e608f8369c66e871

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 06:25:22 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
47843
etag
"80556a9d0c1b2948ab4ef4c69199cf00392b940e"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7646
x-amz-cf-id
Tw7N_hCMJ36d4u_bl-s15PWvk9o5PVA_1rbtsSNfnMjG4WiPDGMUYQ==
expires
Sat, 01 Feb 2025 06:25:22 GMT
2023_bims_toyota_vios_modellista-20230323023539.jpg
imgx.gridoto.com/crop/15x12:820x519/220x140/photo/2023/03/23/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/15x12:820x519/220x140/photo/2023/03/23/2023_bims_toyota_vios_modellista-20230323023539.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
8f42fb821bad2dde3d26349f3d002bda7e1f80f82c1a670d450b0d8164b768be

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:10:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
106314
etag
"a8afc29c4a9a45f8aa40d63b036f65bd4f6cef93"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9583
x-amz-cf-id
pEX1e2KjKREeANbjRApD97ds-uTrLB-CcGVgbB7Lq2gEGV2BUaL7Jw==
expires
Fri, 31 Jan 2025 14:10:51 GMT
mitsubishi-xpander-hybridjpg-20240201074300.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/mitsubishi-xpander-hybridjpg-20240201074300.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
6b91d521a640e5667eba1a3f4cedd1bbbe506940430922b904ef2fcefcbe88de

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 13:05:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
110213
etag
"8814388ef427015e80cdf99b4243ca6759ad8d62"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7936
x-amz-cf-id
OWnEf1GkjO82lQvoMhRxP_zrR8HtWEW1eB_OhAguJKBUpAYyUwmpqQ==
expires
Fri, 31 Jan 2025 13:05:52 GMT
sipander-hevjpg-20240201075954.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/sipander-hevjpg-20240201075954.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
a5364650aa0cb2cec4c886f100ea126443dd9607331170855f230f610c24bbda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:09:10 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
102815
etag
"3b1bedb9bf66d8e38165147e6f2eb420ad3a0891"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
12332
x-amz-cf-id
YUixr23jLKzngUmkFCOefXOsbCb9lQo9h7DE51p_AMm89Dv3hpnMTg==
expires
Fri, 31 Jan 2025 15:09:10 GMT
m404514jpg-20240201060033.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/m404514jpg-20240201060033.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7dde5327a6649b85728a53d294060fbb17dcf9f4b2f8d3b0bd7ec7f97a14e789

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 12:45:11 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
111454
etag
"13f53e903edeb6b621b5ab0a8b1bcff8ae6908a0"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
6999
x-amz-cf-id
6Brkr5a_UX4wnsGbQw8YnFCtJ-LaWZV9hoc2feNYYRjVEPnwvOBrwA==
expires
Fri, 31 Jan 2025 12:45:11 GMT
hz-auto-detailing-bekasi-3jpe-20231114082804.jpeg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2023/11/14/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2023/11/14/hz-auto-detailing-bekasi-3jpe-20231114082804.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
74b7579d2d0e26467f4ba1b71e3cb9aec713db49ac6d7b74e1220dfbbeb32493

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:12:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
102593
etag
"20fbbeccf114dfcd674edae5cf585d7a1e35738f"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
8168
x-amz-cf-id
--OclZDxsbZlSpnEHWvdWWtpS_b4gxmoFxDvIehZsatuG5rLlzZI9Q==
expires
Fri, 31 Jan 2025 15:12:51 GMT
img_6134jpeg-20240201031655.jpeg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/img_6134jpeg-20240201031655.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
a0fc50e45d9a5fd4f6de5434f6997f30d240f83bf815088a68beeb843f0b8c8e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 13:21:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
109253
etag
"4ccc5142152ec63b3638f74b9205f88e8d6de45a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9778
x-amz-cf-id
sjB6J_SxKiq4Ne2qZ83o9n6xQ6RYrjuNIDKUDpwpGJkdeuv4iDza9A==
expires
Fri, 31 Jan 2025 13:21:51 GMT
otomotifnet.png
imgx.gridoto.com/file/2017/gridoto/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/otomotifnet.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
75d0c20052bd374a2a5550ab475b4b1589ccd78dc2120de4ff9b91b1d586941d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:34:31 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2019 09:50:34 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
17838494
etag
"a5967c35e51270422283c93e300b2df6"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4769
x-amz-cf-id
vNojM0218t_JXckrlI8YedtZpa4x8lHSRpjAGdOVe6y2fD2VC0MgKQ==
expires
Wed, 10 Jul 2024 08:34:31 GMT
otomania.png
imgx.gridoto.com/file/2017/gridoto/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/otomania.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
37487478b24c2cb75eb8affb037fbc2666d8fd8e1e49f584de85a039cf879819

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 08:42:12 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2019 09:44:34 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
16887634
etag
"b4b1f1040f5ecbd47a7cf93bc92b6ed4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1819
x-amz-cf-id
ghZGhpRuYc3guFH5bZMEGONptKq85JQX7hXmQ4My-cH-rerqc7C0Og==
expires
Sun, 21 Jul 2024 08:42:12 GMT
logo-otoseken-id-min.png
imgx.gridoto.com/file/2017/gridoto/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/logo-otoseken-id-min.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
67c150bf7bcd5bf240b59644501b4490d21426a3416e5d39a598e0535b488b2b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 00:40:53 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2019 09:41:53 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
7066913
etag
"a5c0023bd770d3510e7f23447fbd2b89"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3709
x-amz-cf-id
2QYAPPrkHwWk0iu5s-uib_RH2-ipOCFb57v9BYsmTe1mS3T-0XpSxg==
expires
Tue, 12 Nov 2024 00:40:53 GMT
800434905.jpg
imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2020/05/18/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2020/05/18/800434905.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3fb7debdf3bb090673141e7d7b81f9119cd258e26b8a6afc36694eea1d0a84da

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:04:48 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
459478
etag
"85c53c31d6d8bc49932624ebe006b280dbb3b8cb"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3970
x-amz-cf-id
ALkh9NH5DLJoJ-H88ECwVK8irbF5nCEKIESE_odsAQbGl5iXSkyg7g==
expires
Mon, 27 Jan 2025 12:04:48 GMT
4270714128.jpg
imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2022/09/29/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2022/09/29/4270714128.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
43812577c59ff0ba14d12d41fc67ff3fa504b34eb46d0b064243cd2769352b53

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:04:47 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
459479
etag
"3a4b643e53ccea518da22d91f287782f62d15e59"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
5011
x-amz-cf-id
feFVrvnqpe-eBxovH3gYm7Lo12rWbwL1oYSd_aKJJG5qAbFwPFp9ww==
expires
Mon, 27 Jan 2025 12:04:47 GMT
3150742178.jpg
imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2023/01/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2023/01/03/3150742178.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
f56626feef118edb73b33c150593c0cf4b5a1a3448bbd1bc426866c524a99e09

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 09:43:54 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
295132
etag
"80a3642d4f675f4e84aa4e423199aeb894b6ffd7"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3068
x-amz-cf-id
R1v4jD-8eXphV0ZC67IO5Sb17uUOoDgWmCJCobyaqQs8KkHJI8_J3Q==
expires
Wed, 29 Jan 2025 09:43:54 GMT
verify.png
imgx.gridoto.com/file/2017/gridoto/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/verify.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5d6a1b09de90d6f0c4d6f4350ad72e0a9426bfc7c812ce986e19407d43fa2602

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:37:18 GMT
x-amz-version-id
fsfknOYKgTqUAHC8QcRWbQ4sYxTXaefd
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
17838328
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9301
last-modified
Tue, 11 Apr 2023 04:33:25 GMT
server
nginx
etag
"32d9725eafac5b2fa68b526060439976"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6jcHNYUQ_LcwdaBI7tC_qIz8-eizTTEJn34QNkDHFYHV6niDQnd_KQ==
expires
Wed, 10 Jul 2024 08:37:18 GMT
gridoto-desktop.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/gridoto-desktop.min.js?v=E1OgULmy
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
d7977ba839b64b777deb2875bbdbf3736070d49241be7c9ecbcddaf9739059f9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:19:30 GMT
x-amz-version-id
i2b9JqVHFaA8w6gLzwQQjQl96.4DHVHo
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 09:50:04 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
336195
etag
"7ad3a80af85d560b5939e3f252f097fd"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2864
x-amz-cf-id
Z-7ega7ucl8K6Ecn_AU0bdXoA5fffqQQdx9WPyefNwTqKBTOm_DUdg==
expires
Tue, 28 Jan 2025 22:19:30 GMT
slick.gz.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/slick.gz.min.js?v=eiCSaO4n
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
59d38599195139ad88a9e09a3c6b37b83ab9ca400805da08dc93d62fe2025d8d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:56:06 GMT
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-version-id
angm1puHLtfm9f0GvuoTglTDmccgPZNG
x-amz-cf-pop
MRS52-C1
age
1201600
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9945
last-modified
Tue, 13 Jun 2023 04:32:51 GMT
server
nginx
etag
"1afe59b9bf2e633727ad2e4d0982b309"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IqYhPsGF3vwE2CWOtEuIocBAuOUJtnm-OymPrT74JIk8NvsnkUy5nw==
expires
Sat, 18 Jan 2025 21:56:06 GMT
lozad.gz.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/lozad.gz.min.js?v=eVEsW0gZ
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
019896fcd906b732c768016a7ce3695b56b8ad077b709d9cd8925e8444b4e92d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 18:58:24 GMT
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-version-id
grUeitXqk_jYlVi4MgyTcQSHsTUni17P
x-amz-cf-pop
MRS52-C1
age
434655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1160
last-modified
Tue, 13 Jun 2023 08:09:51 GMT
server
nginx
etag
"b3ff703d70c2b262cce5f6b299431316"
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
np5cLjQfv4oQBTST_RcCq1D-vTvEoFVfzSpPqAccCuhOjpBFVBulQA==
expires
Mon, 27 Jan 2025 18:58:24 GMT
general-v1.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/general-v1.min.js?v=UgNEz0AO
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
1a64924ad6dafb421bd25430fccf14720ca013cc9e3142517bb51b1367e2d53a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:32:31 GMT
x-amz-version-id
kRHtSgshHv6A3fhGMHKgXh3mC8dF8l5i
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Mon, 05 Apr 2021 09:50:04 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
339015
etag
"4921df445246e402fafd3746d3125701"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1112
x-amz-cf-id
5mYRR-LfLmPOgAQb5EB-hdxZyxJAjIIojZkXg-iGBBM45IWaoM5vqg==
expires
Tue, 28 Jan 2025 21:32:31 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.5.6/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-app.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12419
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:36:45 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.6/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.6/firebase-messaging.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10096
x-xss-protection
0
last-modified
Thu, 25 Oct 2018 20:51:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:41:35 GMT
grid.js
asset.kompas.com/kgnotif/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.kompas.com/kgnotif/grid.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-46.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 14:10:10 GMT
x-amz-version-id
W2CwcLzOL_OJd6Yw3VB97tj0aeunI7Cu
content-encoding
gzip
via
1.1 04c6517ef1a7f980b7117fb82ad4cd18.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
19114349
x-cache
Hit from cloudfront
last-modified
Thu, 17 Dec 2020 08:09:15 GMT
server
nginx
etag
W/"e920a7927585b8b2b81444732670719e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
DbRdZD9oQTISukM34qSvrkOqQgUVrOW2K5Avsg3yCxbfOMV9BAQa8Q==
expires
Tue, 25 Jun 2024 14:10:10 GMT
sso_g_signin_v5.min.js.gz
imgx.gridoto.com/file/2017/gridoto/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/sso_g_signin_v5.min.js.gz?v=yI3pUisw
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
079631c1fe46563971edbb7b9955f112b5f9a699f0131fb9ca37a5201b44dee6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:23:31 GMT
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-version-id
bvC_YJ7s3kCQ8m18WiUQbGeZtGGlwPFk
x-amz-cf-pop
MRS52-C1
age
847155
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4586
last-modified
Mon, 04 Sep 2023 03:49:04 GMT
server
nginx
etag
"57fca83e08efd0d6e3fff975ac137b52"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DfshyqG_9gVM4n-u4_da7cqt7BP4X5ffpi8LwLW-aG5pNWv53qk-aA==
expires
Thu, 23 Jan 2025 00:23:31 GMT
sso_js_extender_v2.min.js.gz
imgx.gridoto.com/file/2017/gridoto/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/sso_js_extender_v2.min.js.gz?v=hLtDBCxi
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5e212f9be2fcc03a0553b54beb6816b8b900357923b1c62a5f2cddf805671d93

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:56:11 GMT
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-version-id
wKRc.XJy7CWsG9VAoX0NhD1dwSvFXp_s
x-amz-cf-pop
MRS52-C1
age
1201595
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2116
last-modified
Mon, 04 Sep 2023 03:48:27 GMT
server
nginx
etag
"237918923b79f7722f104d92d811f3a0"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SfRIhoa85vPXF7_Jhq5xutS7nwSxvWn3gJivDj5Ilux_yOmDpcZLtQ==
expires
Sat, 18 Jan 2025 21:56:11 GMT
sso_personalisasi_nk.min.js.gz
imgx.gridoto.com/file/2017/gridoto/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/sso_personalisasi_nk.min.js.gz?v=nGRz7pks
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
cf7fa00b9e1d696bce006b3a599f03086f44987c6b19b4dda8063c69a403df25

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 21:31:51 GMT
content-encoding
gzip
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-version-id
t8pkHNm5QQJ1i3TXTCIa_X08gG44WNqP
x-amz-cf-pop
MRS52-C1
age
339055
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3480
last-modified
Thu, 07 Sep 2023 06:39:10 GMT
server
nginx
etag
"ec32357c8104a275761baf0d39fcb997"
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
08ZERMdx9uaIrGBZTPGDRtskRwTMPsGTo1ASuT0OAjx-giIa_wOAdw==
expires
Tue, 28 Jan 2025 21:31:51 GMT
additional-v2.min.js
imgx.gridoto.com/file/2017/gridoto/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgx.gridoto.com/file/2017/gridoto/js/additional-v2.min.js?v=iITr0OJ4
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
790ed97f913e3a42a6fc482cd444ccbdeff27af8f36a52f52f939e8ad08d9f14

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 19:06:54 GMT
x-amz-version-id
kI7NDSn47OAYmcjT9eqIaLEvBg.oT2ST
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 06:16:37 GMT
server
nginx
x-amz-cf-pop
MRS52-C1
age
1298152
etag
"3113349f9ed57ae045be1070dd2a450e"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1121
x-amz-cf-id
gzdpFWe4pW_Q8gH-XrXTJQY5JYiwVkCUauygkbZRNSOhzF_xNr109g==
expires
Fri, 17 Jan 2025 19:06:54 GMT
sdk-cookie-consent-v2.js
assets.kompas.com/data/2023/sso/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kompas.com/data/2023/sso/js/sdk-cookie-consent-v2.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-46.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
b956b883772b6d0f0ac383019e723ff95acdf5d63efc324a9bf2409095656d85

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 07:43:12 GMT
x-amz-version-id
wLDaYOludoVDKSGOfxdZFUV91ONTbOOX
content-encoding
gzip
via
1.1 04c6517ef1a7f980b7117fb82ad4cd18.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
2203174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 Jan 2024 05:04:52 GMT
server
nginx
etag
W/"f32472146777a22142585aa663ddb841"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
JLnXD5V5DShV-Hx-zZyEXTQLfgnrcE38cT0iU9Tuhk7F56kU2KvlIQ==
expires
Tue, 07 Jan 2025 07:43:12 GMT
css2
fonts.googleapis.com/ 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: imgx.gridoto.com
URL: https://imgx.gridoto.com/file/2017/gridoto/css/kgm-popup-light-v2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://imgx.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 19:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:50:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 19:42:39 GMT
pushdowndeskinternalbackup.html
ads.grid.id/DESKTOP/gridotoasset/ Frame CB2C 		722 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.grid.id/DESKTOP/gridotoasset/pushdowndeskinternalbackup.html
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-85.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
221be6fcf0feedd4fdaccd604ba0fbb8896a7a22bd5ec7940e2c973b35286e3f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 19:42:41 GMT
etag
W/"63182230-2d2"
last-modified
Wed, 07 Sep 2022 04:46:40 GMT
server
nginx
vary
Accept-Encoding
via
1.1 3023dc8a8cfbe8a17b250881da2ad446.cloudfront.net (CloudFront)
x-amz-cf-id
p9xAvXSmbGOtpKipyBLuXrJ45aOPhdoCWMXwC5-F8p6OqjDf38dn6A==
x-amz-cf-pop
MRS52-C2
x-cache
Miss from cloudfront
x-robots-tag
index, follow
x-xss-protection
1; mode=block
truncated
/ 		455 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1824ef0b5074e0d055c51de0db27684daca92d5077225951e277e1ea7bf5bf8f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,700|Poppins:400,500,600|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gridoto.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 16:59:19 GMT
x-content-type-options
nosniff
age
182601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 16:59:19 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,700|Poppins:400,500,600|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gridoto.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:24:57 GMT
x-content-type-options
nosniff
age
181063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 17:24:57 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,700|Poppins:400,500,600|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gridoto.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:27:57 GMT
x-content-type-options
nosniff
age
180883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 17:27:57 GMT
KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
fonts.gstatic.com/s/asap/v30/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/asap/v30/KFO9CniXp96a4Tc2DaTeuDAoKsE615hJW34.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,700|Poppins:400,500,600|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gridoto.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 16:55:13 GMT
x-content-type-options
nosniff
age
182847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42616
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 20:38:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 16:55:13 GMT
brand.png
imgx.gridoto.com/file/2017/gridoto/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/brand.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
ef18eb1587d67f59a495697d71792aef77eeebcc345ee818d6b37e188ed55dac

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:34:31 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
17838489
x-cache
Hit from cloudfront
content-length
3651
last-modified
Fri, 16 Nov 2018 10:09:30 GMT
server
nginx
etag
"7a1b9d7ee4102ac92a622085886f5ffa"
content-type
image/png
x-amz-meta-s3fox-filesize
3651
cache-control
max-age=31536000
x-amz-meta-s3fox-modifiedtime
1542362901000
accept-ranges
bytes
x-amz-cf-id
ScNgEdl8Tni_DWj3ui9qcAsKD71r_B5oENPGXfnEPRiY5TeZ0HHJUQ==
expires
Wed, 10 Jul 2024 08:34:31 GMT
harga-cruiser-kawasaki-vulcan-s-20240201035900.jpg
imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/220x140/photo/2024/02/01/harga-cruiser-kawasaki-vulcan-s-20240201035900.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5d7c4c050fdcfdc0319954fe8f2a09365d1ddee7932fdba5c94c99ea99639924

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 10:08:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
34435
etag
"5ccafe83b5e4df8e9dac600d9ed2d5d365932f2a"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
7014
x-amz-cf-id
-HO4ojbZlFm1kett0y2UUz5IDfSg3gljC3gkMl58B6wkGnyGHzDZcA==
expires
Sat, 01 Feb 2025 10:08:51 GMT
whatsapp-image-2024-02-02-at-14-20240202024622.jpeg
imgx.gridoto.com/crop/50x99:1424x851/220x140/photo/2024/02/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/50x99:1424x851/220x140/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202024622.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
954b13d80b451386e8dd32e422c50d37aa2e5867ce7566a8f9fe652e47548ac2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:00:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
42116
etag
"aa9f105aa5ce65de8a1021ee47c65541e671855d"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
9884
x-amz-cf-id
tiNZjhi2LSIe-TghncSPuFzB9ulkWemx-ofWqbSkZ8rPhwWihk-6wA==
expires
Sat, 01 Feb 2025 08:00:51 GMT
800434905.jpg
imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2020/05/18/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2020/05/18/800434905.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
3fb7debdf3bb090673141e7d7b81f9119cd258e26b8a6afc36694eea1d0a84da

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:04:48 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
459479
etag
"85c53c31d6d8bc49932624ebe006b280dbb3b8cb"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3970
x-amz-cf-id
-EJCUFv5DKzefOEtB_s0HYCUFbygI1zoqsivSgKtSxICVsfHU_LFNQ==
expires
Mon, 27 Jan 2025 12:04:48 GMT
4270714128.jpg
imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2022/09/29/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/120x120/photo/2022/09/29/4270714128.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
43812577c59ff0ba14d12d41fc67ff3fa504b34eb46d0b064243cd2769352b53

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 12:04:47 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
459480
etag
"3a4b643e53ccea518da22d91f287782f62d15e59"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
5011
x-amz-cf-id
fGzsXnyGqsEQ0_RRciOm2ltTGkOls8gyMpasE0oL1nTbFOOMmaCcfA==
expires
Mon, 27 Jan 2025 12:04:47 GMT
710019876.jpg
imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2020/09/28/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2020/09/28/710019876.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
39d1aa27ac537234e6cca6a8391048fe49d5f6da794d00b92cee4412b77d802b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:07:17 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
12930
etag
"0c67cca9d7439c211a0d81e965f2994422d93f23"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2641
x-amz-cf-id
4u1NvVekBI1_-FXCcTy_eXNfnyrnA8xPLulsz3-_TLpn4sGd5Z-dHg==
expires
Sat, 01 Feb 2025 16:07:17 GMT
listrikjpeg-20231205060506.jpeg
imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2023/12/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2023/12/05/listrikjpeg-20231205060506.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
b76eebf57b8661717f074da7dc163453dd7da77e438d86597967423b076603c9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:12:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
16195
etag
"99216e35515bdc23163ccf93b4333f6bb5fa5005"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3601
x-amz-cf-id
E9MhL_wN15EeUeOfUFtPr6ZGCA7Ik8__TUV5kKwTGTKj6MqHP8tFkw==
expires
Sat, 01 Feb 2025 15:12:52 GMT
2934131948jpeg-20220713042411.jpeg
imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2022/07/13/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2022/07/13/2934131948jpeg-20220713042411.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
0440aa3379ad312e26e9a66d6ce6cce7b199537e29f4996ffc7ef852553c7ed3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 09:12:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
37795
etag
"1e2ed757c1680c9a4c0ffc69aa6af292adb49c30"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
2576
x-amz-cf-id
ruj_teCCSjKlqi7SCSuq8-IMjbwW-dU9LIkg275KufKkk_Wu5QaByw==
expires
Sat, 01 Feb 2025 09:12:52 GMT
nikahan9hjpg-20210726103726jpg-20220328015709.jpg
imgx.gridoto.com/crop/85x216:501x439/130x82/photo/2022/03/28/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/85x216:501x439/130x82/photo/2022/03/28/nikahan9hjpg-20210726103726jpg-20220328015709.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
91f843b9eaf44456e505b51215d694964867dc0aa59e3b5545efb80e752d4032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 09:12:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
37795
etag
"3e2559dbf24bbdd117a1441ec3a569bc6d9f678d"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3578
x-amz-cf-id
t9bZzGnJ1DbX0-UBl0yIscYFXm47DYeeYCufI4uwNXTecj9rP4nZkw==
expires
Sat, 01 Feb 2025 09:12:52 GMT
3156071094.jpg
imgx.gridoto.com/crop/0x0:0x0/130x82/photo/gridoto/2017/11/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/130x82/photo/gridoto/2017/11/06/3156071094.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
948ada99051f251d3aaf277f01eb9d04b7a873572e117145c5ef710b28f8573b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:48:52 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
39235
etag
"34549f6d5caf59ef3bbe9b1cec1e7639885e2a34"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
3597
x-amz-cf-id
6LfgW6GTFQSkIL8nbp86PJUnSTs07UpoAzShikk0CEutjIwQzSweMQ==
expires
Sat, 01 Feb 2025 08:48:52 GMT
1764930634.jpeg
imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2020/06/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/130x82/photo/2020/06/03/1764930634.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
59da79aae3797c8022aa6dd0f4ab33d5b10c171d6af6cc43eed1bd776f88f0b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:28:51 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
44036
etag
"156f6955565babc531dc6d06fd8bf4cdab3b90d8"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
4416
x-amz-cf-id
I7pzmPZVRu3OGqa32s1-Va2KWqdc7k4wZmroRcWrsFfTE8hgkx-F3w==
expires
Sat, 01 Feb 2025 07:28:51 GMT
event-tracker
tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/event-tracker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.237.84 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-237-84.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gridoto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.gridoto.com
allow
OPTIONS, POST
date
Fri, 02 Feb 2024 19:42:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event-tracker
tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/event-tracker
Requested by
Host: kgdata-cdn.s3.ap-southeast-1.amazonaws.com
URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/gridoto/oval_web_analytics_latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.237.84 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-237-84.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
f700ceccd155271f555f6594aa9f804e5308b426f9fd133948697653217a76d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.gridoto.com
date
Fri, 02 Feb 2024 19:42:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
1137
vary
Origin
content-type
application/json; charset=UTF-8
AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--ZwUyObbKl57--W6Znv7TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--ZwUyObbKl57--W6Znv7TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw05BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcGzs_rqWTWBB08I-JgDnCCIc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.gridoto.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWSO7XuErQAYsRP94y7nh66oS8tnUyNgvrJcTqXRu2SDGZeush7J58ptPgLgz4Dq82Xqgzw0qqDtoFfwEgiYHt7zWSbuCEPhQnZOOm30e-eNvKJPSFhedqmoTRZ-OSH8klYNB8ZxA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSO7XuErQAYsRP94y7nh66oS8tnUyNgvrJcTqXRu2SDGZeush7J58ptPgLgz4Dq82Xqgzw0qqDtoFfwEgiYHt7zWSbuCEPhQnZOOm30e-eNvKJPSFhedqmoTRZ-OSH8klYNB8ZxA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTAyOTYxLDcyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5ncmlkb3RvLmNvbS8iLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJ6aC1DTiJdLFs3LCIzIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
fd51de5f39d5745037dae822cc9d6f205eff381c202814fc25edb3f41d79e1eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1c7k3p9FaaGHNm0TE3EyWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-1c7k3p9FaaGHNm0TE3EyWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2N799e1bAILJl5czAwA23VZfQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
139dfee3-1adb-4011-841e-4ace5413dfa4
tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/user-segments/ 		122 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/user-segments/139dfee3-1adb-4011-841e-4ace5413dfa4
Requested by
Host: kgdata-cdn.s3.ap-southeast-1.amazonaws.com
URL: https://kgdata-cdn.s3.ap-southeast-1.amazonaws.com/tracker/p/gridoto/oval_web_analytics_latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.237.84 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-237-84.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a68fcd3f2b8a0babdd32d798a5af06f37f8ee88605a972c08c9ccbd4312896c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://www.gridoto.com
date
Fri, 02 Feb 2024 19:42:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
122
vary
Origin
content-type
application/json; charset=UTF-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ 		435 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
14642
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139509
x-xss-protection
0
server
cafe
etag
15006055029041311047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 01 Feb 2025 15:38:45 GMT
user
apis.kompas.com/api/activity/ 		88 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.kompas.com/api/activity/user
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
nginx / PHP/7.3.28
Resource Hash
78ff6466224df98524cf6c8d784347189585d19fa1f9606a8ab8313617e6dc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:42 GMT
via
1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
MRS52-P1
x-powered-by
PHP/7.3.28
x-cache
Miss from cloudfront
mail-subject
Join_via_header
we-hiring
jobs@kompas.com
content-length
88
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, X-Requested-With
x-amz-cf-id
23o1CUaXB9ETiXMVa7aTdfKv1tgv0C9H55wM99YOK_VKdMxuURrBvQ==
expires
-1
brand.png
imgx.gridoto.com/file/2017/gridoto/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/file/2017/gridoto/img/brand.png
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
ef18eb1587d67f59a495697d71792aef77eeebcc345ee818d6b37e188ed55dac

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 08:34:31 GMT
x-amz-version-id
null
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-C1
age
17838497
x-cache
Hit from cloudfront
content-length
3651
last-modified
Fri, 16 Nov 2018 10:09:30 GMT
server
nginx
etag
"7a1b9d7ee4102ac92a622085886f5ffa"
content-type
image/png
x-amz-meta-s3fox-filesize
3651
cache-control
max-age=31536000
x-amz-meta-s3fox-modifiedtime
1542362901000
accept-ranges
bytes
x-amz-cf-id
ips9U2RYTXCsIjeSmarCaQmK3BHsuVzDKPJ3AZGyEXez803c-sHogA==
expires
Wed, 10 Jul 2024 08:34:31 GMT
3945973233.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2019/12/30/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2019/12/30/3945973233.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
2e9b8575a4b5c0f85e46b34d9a650ebfa3204cca3f398c0a45ecd53d0f0f9274

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:29 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9678
etag
"3156b98e1f07f670ffea6c097b41f0441e4853c2"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
65110
x-amz-cf-id
P7JdGajj7V0Cqg9VFaxQTuuebCpToWrH32G2wWKPxTPUAav3ub1RNg==
expires
Sat, 01 Feb 2025 17:01:29 GMT
640x600-2.png
ads.grid.id/DESKTOP/gridotoasset/ Frame CB2C 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.grid.id/DESKTOP/gridotoasset/640x600-2.png
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/DESKTOP/gridotoasset/pushdowndeskinternalbackup.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-85.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
5b3d817aca7b645eb9d4563a24aa147740ef279bf2f2b0986564fccf35c41061
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.grid.id/DESKTOP/gridotoasset/pushdowndeskinternalbackup.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:41 GMT
via
1.1 3023dc8a8cfbe8a17b250881da2ad446.cloudfront.net (CloudFront)
last-modified
Wed, 07 Sep 2022 04:46:40 GMT
server
nginx
x-amz-cf-pop
MRS52-C2
etag
"63182230-24180"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-robots-tag
index, follow
x-amz-cf-id
mFTXNzajWooQuuxLufSNwhGq7YVj9MWzZnh6sJrwv4ZbezTGE7jdRQ==
content-length
147840
x-xss-protection
1; mode=block
expires
Fri, 09 Feb 2024 19:42:41 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240203
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Feb 2024 19:42:43 GMT
x-content-type-options
nosniff
content-encoding
br
age
13310
x-jsd-version
1.0.1954
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
925
x-served-by
cache-fra-eddf8230103-FRA, cache-qpg1258-QPG
x-jsd-version-type
version
etag
W/"63e-zKye8DGOlI++j9Gh5MFhkVbcuaw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bid-request
a.teads.tv/hb/ 		414 B
876 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b61725beabdf0afb9ca455f4757609d8f8536b307c948aacedcb1b1354ef80b

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
303
expires
Fri, 02 Feb 2024 19:42:43 GMT
v1
prg8.smartadserver.com/prebid/ 		878 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
58b250e8d3c2bcf65704cc7552196205b36940d11cb2335fdc0653fa3b48452a

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
0b2e405022468a100cf76962723d696e3c0d93e67f0e54efda5dbe778d6c85c3

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
1fc937d407a80bc9876ef28260a615bb1ee5e394afd2e0ad2fca309535995b2f

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		998 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
c253109c5e48ae6d2bd62028932e1b2b7fd72a16967d3ba084da90fcd0f74ffe

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:42 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
34f410da3a00092949f20a2e802b6a40aa9761953a121df4701a517eafc96ca8

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/ 		0
337 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:42 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450357
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8172ce5d108e0d250163488dac0ff7daa64dfd641a16b1b606170803684a109a

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1VMsWwLIbmQCwduLqDhE0%2F9hX8Zgz%2BaJR2xQ9fFVY5OfzhZN2XgaMAbqyMxLq1CJBgxP3eK4UxcX7whbLIROj2WXvnDvMYDEGcoVGbHI02YKwKRB9yI8zKiMNm9eGDqhBVBfzbq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84f4eb3e4de43fec-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
674 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=450357
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8172ce5d108e0d250163488dac0ff7daa64dfd641a16b1b606170803684a109a

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPrT%2BvXyfNC5FQFB94hwLaLjQWEWR6skkKTfUvNgC3ILnKMqj57kFa1VJXb11r5RR3XDyktCcHr4ZC2cWwyzzgpKkKFutu%2BWO2wGqVEXj%2BVEyy%2B63Bd6qZYxIsb%2F26N%2FsKifdQFy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84f4eb3e4de63fec-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e02f9ab3e3d3ba339a3551a90fd56574c48f127acfde5453d5bd76e9b92e1ace

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
df6c6ac209cad1173a9eec675425c475ec0d6ca5ce2669e2808d6ac273549f1c

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:42 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
tlx.3lift.com/header/ 		19 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.23.0&referrer=https%3A%2F%2Fwww.gridoto.com%2F&tmax=2000
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.151.166.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-166-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
29, 29, 29
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		354 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484280&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000049-wY6jBOAiVO&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=537b9f4a8cbdfdd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b0c42ce6-762e-492f-8797-a80ac910e6fa&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000049-wY6jBOAiVO&slots=1&rand=0.9775602865260251
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a6ed2efcbec6a678e202597504af620372e2daa474491ba07481a5afe6fc92bb

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
354
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484282&size_id=15&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000049-WERIR7ZbUQ&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=5462fd51a06d8b7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=12bbffd1-6267-41a9-bfbe-3fb90aeb328d&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000049-WERIR7ZbUQ&slots=1&rand=0.8989195706185165
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd0227b00004613a927308d7f226e78753fef52c41e5b472f2254a4076ace73e

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
332
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484282&size_id=15&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000049-WERIR7ZbUQ&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=55c76b67bc12e07&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=12bbffd1-6267-41a9-bfbe-3fb90aeb328d&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000049-WERIR7ZbUQ&slots=1&rand=0.35854652877476134
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71e4192ca604daca238b4a0c6523b3ae613ed8820697eda1667c8e123c07b601

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
332
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
839 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484284&size_id=10&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000049-GXPQIB41DN&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=56bf0dc4353741a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d1ad9edd-1b5c-4a18-89a7-6f2d49f37ec5&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000049-GXPQIB41DN&slots=1&rand=0.5681547134389282
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03c030ba67e8c18d496a7c97e8262fa929d599deda978778da63ce8859c15900

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
332
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484286&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000216-syyNZsqOeh&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=5731a952939f9a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e3657cc0-e7d0-48ce-a709-9d2344b68d0d&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000216-syyNZsqOeh&slots=1&rand=0.847238310787102
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
713a99c48e02b90834b7fba522bfce3249e8dbf7c719b9daa10ef98bf0fd33e9

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		350 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11834&site_id=434072&zone_id=2484288&size_id=9&alt_size_ids=8&rf=https%3A%2F%2Fwww.gridoto.com%2F&kw=beritaotomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobilbekas%2Ctipsotomotif%2Cmodifikasimobil%2Ckomunitasotomotif%2CHargaMobilBekas%2Chargamotorbekas%2Chargapartsfastmoving%2Cmotorbekas%2Cmodifikasimesin%2Cmobilbaru%2Cmotorbaru%2Cmobillistrik%2Cserviscvt&tg_i.domain=gridoto.com&tg_i.page=https%3A%2F%2Fwww.gridoto.com%2F&tg_i.pbadslot=1000216-Wau5EuoqBf&tk_flint=pbjs_lite_v8.23.0&x_source.tid=4507fcea-d0a5-4163-a2e3-f52cc3114983&l_pb_bid_id=58a44d6855d3735&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7f7b9ba2-14f0-4a97-9824-a9060172213d&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=1000216-Wau5EuoqBf&slots=1&rand=0.899203143846562
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9b66ad685b5dc7f12fdefbf70d6e5cf26a30f3626f75a621491c2addfb0a371e

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
350
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.gridoto.com
date
Fri, 02 Feb 2024 19:42:42 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbpost
hb.jixie.io/v2/ 		198 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.jixie.io/v2/hbpost
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.148 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
6728f6465cb558dd6a0f253401ef02cd364a66e81efef45805856bc1b93d9944
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
W/"c6-5uIATiOh/Xn0FrONxGOxEWtpKDo"
x-frame-options
Deny
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
1
expires
-1
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962813&to=-480&aun=div-gpt-ad-head-banner&tdid=&gpid=1000049-wY6jBOAiVO&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=970&maxh=250&si=986630&bf=728x90%2C970x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be0f062e720cd82841e4116ce1e3fa7e8e741695b77123b1c917009f817e225d

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962814&to=-480&aun=div-gpt-ad-head-banner&tdid=&gpid=1000049-wY6jBOAiVO&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=970&maxh=250&si=986631&bf=728x90%2C970x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
66bdb7956c2c20e913748b1c70ee39f83d4bed10309e51e100e703200c4aaaa0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962814&to=-480&aun=div-gpt-ad-head-banner&tdid=&gpid=1000049-wY6jBOAiVO&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=970&maxh=250&si=986632&bf=728x90%2C970x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c102b19bfa6f14369a635beabbff435945fed09d64f5484abc29d1b9390e75e

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962814&to=-480&aun=div-gpt-ad-MR3&tdid=&gpid=1000049-WERIR7ZbUQ&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=300&maxh=250&si=986633&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
43e9b8efbf09e93f574c30dae5c301e7e48f1cc613548b34600daf1832af3caa

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962814&to=-480&aun=div-gpt-ad-giant&tdid=&gpid=1000049-GXPQIB41DN&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=300&maxh=600&si=986635&bf=300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4fc0058bc4ebfc454067538dff139e3910b3b7ca4ed98ca4cc7f57dc110df06f

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962815&to=-480&aun=div-gpt-ad-giant2&tdid=&gpid=1000216-syyNZsqOeh&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=300&maxh=600&si=986636&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
563d663e7c6f0140c86e1318a3f0f051a18593a3f586f804f89a9b67cd9f49af

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962815&to=-480&aun=div-gpt-ad-bottom-frame&tdid=&gpid=1000049-rCGBhlsDvA&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=1100&maxh=50&si=986638&bf=468x60%2C1100x50%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf55e8f971a71ab29b20601372b89a73d3138f8a708efe0e6d58c5537323ce52

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1706902962815&to=-480&aun=div-gpt-ad-head-skyscraper&tdid=&gpid=1000216-Wau5EuoqBf&fp=0.1&fpc=USD&t=z92bhfyz&pi=3&maxw=160&maxh=600&si=986637&bf=160x600%2C120x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.gridoto.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.23.0%22%7D&ogu=https%3A%2F%2Fwww.gridoto.com%2F&ns=9318
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c2386d82c6b2538e1ce74645158a71fea5d1b908f04690bf9cf490458ddf85a4

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
2392259
bs.yandex.ru/prebid/ 		0
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963644271-220552662932392963000361-production-app-host-vla-pcode-472
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		47 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
7f9b8b2651a0f775543e87532fc3fb4edc643ae7c67bbd45ac37f9a33859c05c

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

x-ya-format-type
banner
date
Fri, 02 Feb 2024 19:42:43 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1706902963643557-387812847042626231100370-production-app-host-vla-pcode-136
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-ya-request-id
1706902963643557-387812847042626231100370-production-app-host-vla-pcode-136
x-ya-product-type
direct
uniformat-product-type
Direct
pragma
no-cache
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
uniformat
true
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963643811-348712412194060452400373-production-app-host-vla-pcode-399
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963823100-1324861665390861896900326-production-app-host-vla-pcode-511
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963821748-1606944611028021642800286-production-app-host-sas-pcode-218
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963643845-351187044704910665500179-production-app-host-vla-pcode-522
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963643730-47931944512800965100176-production-app-host-vla-pcode-538
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
2392259
bs.yandex.ru/prebid/ 		0
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2392259?imp-id=1&target-ref=www.gridoto.com&ssp-id=10500&ssp-cur=USD
Requested by
Host: ads.grid.id
URL: https://ads.grid.id/PREBIDJS.JS/2023/NOV/prebid8.23.0-grid-network.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:43 GMT
last-modified
Fri, 02 Feb 2024 19:42:43 GMT
x-yandex-req-id
1706902963642506-115659059520223362800275-production-app-host-sas-pcode-505
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.gridoto.com
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Fri, 02 Feb 2024 19:42:43 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2TX2MX67CX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fd3c9e7640b5c659b5e8886e5739ccf8a02d6ad4be65f76b7a3ff634ace61a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90564
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 19:42:47 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BFRLBQN3RX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e8bce37dbdd629f680fb5d0e670ee0e6a2fd29c8c84d7013f7eab08b9589a1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 19:42:47 GMT
js
www.googletagmanager.com/gtag/ 		251 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7HVKPKQRQR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
52b4515a7a7f81cce755af23a14d1467abda12ad451dd3bd03224907a0815504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 19:42:48 GMT
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9TZYVFXGRP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
39b77adb365ae8dffae3b2c931aa0b42d4de991b6f9c3d659f6a48b3d9cca15f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94140
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 19:42:48 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Feb 2024 19:32:30 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
618
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 02 Feb 2024 21:32:30 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
687509
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HN15VJA8J0TTH62WNFY6W33B-sin
server
cloudflare
etag
W/"1bff-XBuNuslfZI/SL2xuiJqqum43R9A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84f4eb627d968965-SIN

Redirect headers

date
Fri, 02 Feb 2024 19:42:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HNNND2EVBQ13H2K55023KMNH-sin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
118
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.5.2/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
84f4eb61bd088965-SIN
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.188.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-188-50.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 04:24:55 GMT
content-encoding
gzip
via
1.1 266242db9b2c9428b93e6f2afa4051f2.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P5
age
55074
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Tm6PSlgplaE4U1L_QbQb9WoDhoqf4ruCSAUHFmmAHjw-wJs3JAe49Q==
web-vitals.umd.js
unpkg.com/web-vitals@1.1.1/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMPZ39Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5508292
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGHGCY7DNJYR0A2WVCDGW859-sin
server
cloudflare
etag
W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
84f4eb61bd0b8965-SIN
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: imgx.gridoto.com
URL: https://imgx.gridoto.com/file/2017/gridoto/js/sso_g_signin_v5.min.js.gz?v=yI3pUisw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
dfc1030cbc4043633193866e93e378b2db965ca4cfce4befb2415f8e073065d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S0jE2ahDVTP8Gi68lDGjXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-S0jE2ahDVTP8Gi68lDGjXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 02 Feb 2024 19:42:48 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://kompascybermedia-d.openx.net/w/1.0/pd
  • https://kompascybermedia-d.openx.net/w/1.0/pd?cc=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450357&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=450357&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=np_bVJyf2wmFmo0ImMyUBJrLjgWFmo8BnpOJohnL
43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=np_bVJyf2wmFmo0ImMyUBJrLjgWFmo8BnpOJohnL
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYmaJNgDXV6io0ByI7d7g9%2FXogo89uoK%2BVlGWmJQOorkXIGPqY7RWyA37Z39f2Uxf7ytVjcVVC0kFeKzaMtK%2FOaQ7ZQ4IRJIywhM1g3pIzDtzzLXNBMVGLuTps%2F3sXjS1ZCCOsrXX6Jwag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb648c7d3fec-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=np_bVJyf2wmFmo0ImMyUBJrLjgWFmo8BnpOJohnL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
push
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/8/2.gif?puid=1941033958778798103&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=16f7f74f-1c32-47e5-b624-e3350477a8d5&ttl=%%TTL%%
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid...
0
0
usersync
usersync.gumgum.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7$ip$116.86.155.25
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7$ip$116.86.155.25
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7$ip$116.86.155.25
Date
Fri, 02 Feb 2024 19:42:49 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=16f7f74f-1c32-47e5-b624-e3350477a8d5&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=16f7f74f-1c32-47e5-b624-e3350477a8d5&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 02 Feb 2024 19:42:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=16f7f74f-1c32-47e5-b624-e3350477a8d5&dongle=0cfd&gdpr=0&gdpr_consent=
date
Fri, 02 Feb 2024 19:42:48 GMT
server
Kestrel
content-length
251
usersync
rtb.gumgum.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=9wS9I9RGzIqT&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=9wS9I9RGzIqT&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
52.199.16.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-16-172.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
zh-SG
location
https://rtb.gumgum.com/usersync?b=pln&i=9wS9I9RGzIqT&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-75cb9dc7bc-cmr9d
expires
-1
usersync
usersync.gumgum.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_82691a7d-127a-4a49-b1a0-e54f2159555f&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=cf0933bb-d73a-43c9-a7e6-74a3a145056a&expires=1&user_group=5&ssp=gumgum2&bsw_param=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=4b9169ae-0d08-470c-8eaf-2dc6350960fe&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 02 Feb 2024 19:42:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1941033958778798103
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1941033958778798103
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Server
54.238.120.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-120-71.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
an-x-request-uuid
4e70dd0d-2797-4fdc-b22c-1cd84a855680
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1941033958778798103
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
kgm-verify.min.css
assets.kompas.com/data/2023/sso/css/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.kompas.com/data/2023/sso/css/kgm-verify.min.css
Requested by
Host: assets.kompas.com
URL: https://assets.kompas.com/data/2023/sso/js/sdk-cookie-consent-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-46.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
f0fda098b0d7515fd624a7c82d9a4649cd727681c5d8f9afc46dae06258bbf53

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 23:43:11 GMT
x-amz-version-id
sZnObR3.sTNilHNFDOYJ1sfpL9AyayMa
content-encoding
gzip
via
1.1 04c6517ef1a7f980b7117fb82ad4cd18.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P4
age
2231976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 29 Nov 2023 08:08:17 GMT
server
nginx
etag
W/"53258cbd0e75232c8a62f4db47f98b2e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTION
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
LVVu-V1tD8naK_KdW-u1HmlGr7LbVF065nWdaLh6L4Itz__QB3i4mg==
expires
Mon, 06 Jan 2025 23:43:11 GMT
loaduser
traid.jixie.io/api/ 		52 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/loaduser?accountid=bdc4478847af564dde5cd5bdb27fab31
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
db6afb65d3fe14a65d2aa3522cd54ec93f37b0c90512a1d05fdfd20dfe7fb011
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
W/"34-9gw5mxn1DCHbY8gH+HXSA39PUDE"
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
access-control-allow-credentials
true
x-xss-protection
1
mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/mitsubishi-xpander-hybrid-thaila-20240202085058.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
dbd1dcb3c5ebfa57fc0865d87b3fe9aab6fbbc59798505c682fa77a66b38db1f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:33:43 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
14945
etag
"6c7ab7cd3a0955706d2de265af92551a1cdb039d"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
51387
x-amz-cf-id
z1Bit56YgS7KUiQkJhPrym0mYZI38EefFlAnV4TPs2GzphwVn8pPrQ==
expires
Sat, 01 Feb 2025 15:33:43 GMT
whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
imgx.gridoto.com/crop/320x0:1600x959/700x465/photo/2024/02/02/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/320x0:1600x959/700x465/photo/2024/02/02/whatsapp-image-2024-02-02-at-14-20240202025453.jpeg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
eb3130596a6dd5402a095224498b27051591bd97950d1cb04580f194991e1dda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:01:30 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
9678
etag
"5837fdad72642faa8cf5d121ed2aa061e94b39d0"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
63573
x-amz-cf-id
nyeQEEXpTrYY3hU6Ug4IRzZQQJmlAZ2WIH_b7PUMdISzVb4WQg3aoQ==
expires
Sat, 01 Feb 2025 17:01:30 GMT
penampakan-hero-surge-s32-dari-20240202025924.jpg
imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgx.gridoto.com/crop/0x0:0x0/700x465/photo/2024/02/02/penampakan-hero-surge-s32-dari-20240202025924.jpg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-112-100.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
7c89e1006689eb98f721c7dd029af394693c87991959f187281954092f36615b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 11:32:14 GMT
via
1.1 6539a76bb06cb86ff6a4a036edfec006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MRS52-C1
age
29433
etag
"183adee04176a9e1e64f7f5f21173a92d4171962"
x-cache-status
MISS
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
content-length
53478
x-amz-cf-id
FZ3vrmFvajla63rT3bbIejac0ObiiI2HUeE3pqyfDH3pZxjBFC5DvA==
expires
Sat, 01 Feb 2025 11:32:14 GMT
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.gridoto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://www.gridoto.com
content-length
25
date
Fri, 02 Feb 2024 19:42:47 GMT
server
Kestrel
vary
Origin
rid
match.adsrvr.org/track/ 		109 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f0ee29ce372941903d91363424523fabd33344524c315588b573ff3382bfffee

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 03 Mar 2024 19:42:47 GMT
upkiejson
accounts.tokopedia.com/ 		127 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.tokopedia.com/upkiejson
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.179 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-179.pacnet.net
Software
nginx /
Resource Hash
c2b1c29f1e4c1ee1437c94660bef3e14f9164845c1d71a1b1698a4a92257aba2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tkp-srv-id
accountsapp-10-41-75-7
x-tkpd-origin-match
origin-accounts.tokopedia.com
content-length
127
usersync
traid.jixie.io/api/ 		52 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/usersync?info=interests-short,intends-short,cohort,encio&idlist=3b3dcb60-c203-11ee-b423-a705f91a135b:jx,16f7f74f-1c32-47e5-b624-e3350477a8d5:ttd&sid=1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902967&accountid=bdc4478847af564dde5cd5bdb27fab31
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
db6afb65d3fe14a65d2aa3522cd54ec93f37b0c90512a1d05fdfd20dfe7fb011
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:47 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
W/"34-9gw5mxn1DCHbY8gH+HXSA39PUDE"
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
access-control-allow-credentials
true
x-xss-protection
1
prod
traid.jixie.io/sync/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
etag
3b3dcb60-c203-11ee-b423-a705f91a135b
vary
Origin
x-frame-options
Deny
access-control-allow-origin
https://www.gridoto.com
cache-control
private
access-control-allow-credentials
true
x-xss-protection
1
prod
traid.jixie.io/sync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/sync/prod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 Jakarta, Indonesia, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.gridoto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.gridoto.com
date
Fri, 02 Feb 2024 19:42:48 GMT
vary
Origin, Access-Control-Request-Headers
31800665
fundingchoicesmessages.google.com/i/ 		183 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/31800665?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
da1cc3c45fbd4743c15e37b84e2993a984987eafac57da60436f59b1e4affc76
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2bu2w2DRXrZBG5tREvEgFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-2bu2w2DRXrZBG5tREvEgFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2NH99e1bAInfqxsZgYA0KJZtg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2TX2MX67CX&gtm=45je41v0v881291252z877494712za200&_p=1706902958985&_gaz=1&gcs=G1--&gcd=11l1l1l1l5&npa=0&dma=0&tcfd=10000&cid=266424015.1706902968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706902968&sct=1&seg=0&dl=https%3A%2F%2Fwww.gridoto.com%2F&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ArtikellD=&ep.Author=Gridoto.com&ep.AuthorID=&ep.Editor=&ep.EditorID=&ep.TotalWords=&ep.Category=home&ep.PublishedDate=&ep.SiteName=Gridoto&ep.SitelD=22&ep.ArtikelSource=&ep.SubCategory=&ep.ArtikelTag=berita%20otomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobil%20bekas%2Ctips%20otomotif%2Cmodifikasi%20mobil%2Ckomunitas%20otomotif%2CHarga%20Mobil%20Bekas%2C%20harga%20motor%20bekas%2C%20harga%20parts%20fast%20moving%2C%20motor%20bekas%2C%20modifikasi%20mesin%2C%20mobil%20baru%2C%20motor%20baru%2C%20mobil%20listrik%2C%20servis%20cvt&ep.ArtikelType=Standard&ep.ArtikelTitle=GridOto.com%20-%20Simply%20Automotive%20Guide&ep.UID=e45f698f3680e5dbdbe9973b1709dd51&ep.Lipsus=&tfd=11118
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TX2MX67CX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2TX2MX67CX&cid=266424015.1706902968&gtm=45je41v0v881291252z877494712za200&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TX2MX67CX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2TX2MX67CX&cid=266424015.1706902968&gtm=45je41v0v881291252z877494712za200&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5&npa=0&z=513929623
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-BFRLBQN3RX&gtm=45je41v0v874954075z877494712za200&_p=1706902958985&_gaz=1&gcs=G1--&gcd=11l1l1l1l5&npa=0&dma=0&tcfd=10000&cid=266424015.1706902968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706902968&sct=1&seg=0&dl=https%3A%2F%2Fwww.gridoto.com%2F&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&en=page_view&_fv=1&_ss=1&tfd=11259
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFRLBQN3RX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BFRLBQN3RX&cid=266424015.1706902968&gtm=45je41v0v874954075z877494712za200&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFRLBQN3RX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BFRLBQN3RX&cid=266424015.1706902968&gtm=45je41v0v874954075z877494712za200&aip=1&dma=0&gcs=G1--&gcd=11l1l1l1l5&npa=0&z=1479943830
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9TZYVFXGRP&gtm=45je41v0v9175910237z877494712za200&_p=1706902958985&gcs=G1--&gcd=11l1l1l1l5&npa=0&dma=0&tcfd=10000&cid=266424015.1706902968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706902968&sct=1&seg=0&dl=https%3A%2F%2Fwww.gridoto.com%2F&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&en=page_view&_fv=1&_ss=1&tfd=11365
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TZYVFXGRP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7HVKPKQRQR&gtm=45je41v0v9108141174z877494712za200&_p=1706902958985&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&cid=266424015.1706902968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706902968&sct=1&seg=0&dl=https%3A%2F%2Fwww.gridoto.com%2F&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&en=page_view&_fv=1&_ss=1&tfd=11417
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7HVKPKQRQR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		78 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f102.1e100.net
Software
ESF /
Resource Hash
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
0
defaultad
fundingchoicesmessages.google.com/f/AGSKWxXs_SYPaRXO8tBrLHzBewYSfDHwlpgtEZbKZr777BS8OYPO5o_uXGP8NWcpv11_AsNbHJzrCNU2SLPgZU9OFWIDhOjvdIrJ_-ztDVtEdPiWV8jAPD_X9YxoLg0baadFizCB5_ldZWxw7TKrgvx_iftacrQRT... 		54 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXs_SYPaRXO8tBrLHzBewYSfDHwlpgtEZbKZr777BS8OYPO5o_uXGP8NWcpv11_AsNbHJzrCNU2SLPgZU9OFWIDhOjvdIrJ_-ztDVtEdPiWV8jAPD_X9YxoLg0baadFizCB5_ldZWxw7TKrgvx_iftacrQRTcMPRomhR_5Y72NgdkuUFkaxjDyWD7CV/_/defaultad?/companionAdFunc./GetAdForCallBack?/AdsenseBlockView./mobile-ad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwaY2rwd9o1ILV96uHMbfnfPqgI7w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
26f321176cd418bc971a63b94d68633cf28a572b7303f2aaf2b24ce457c0e7c9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pDRSSVSl8qMZ6SifFw8_VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-pDRSSVSl8qMZ6SifFw8_VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2NH99e1bAILlrQ0MwMA101ZIA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwaY2rwd9o1ILV96uHMbfnfPqgI7w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
3148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24657
x-xss-protection
0
server
cafe
etag
1770201614985610734
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:50:21 GMT
AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
fundingchoicesmessages.google.com/el/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OJROb0d5yadW0bVb4E4FDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-OJROb0d5yadW0bVb4E4FDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcOzo_rqWTeDFpRV9TADoDiK8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.gridoto.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tO5zLDvzL-X4tRKeKLEpOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tO5zLDvzL-X4tRKeKLEpOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 02 Feb 2024 19:42:48 GMT
AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
fundingchoicesmessages.google.com/el/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3hrpiYF27_5PYw-PeiOhWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3hrpiYF27_5PYw-PeiOhWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcOzo_rqWTaBj_ZZjzADmjSJ_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.42.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-42-47.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Fri, 02 Feb 2024 06:54:01 GMT
Via
1.1 235fd46744276a751642777ed38c479c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MRS52-P1
Age
47956
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
omYWJr_kFMGsD8yCGGXJ2R0uLgiZnzh5jb3JDuP43MiI1-VC12tFAQ==
ads
securepubads.g.doubleclick.net/gampad/ 		709 KB
180 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3754652288110366&correlator=1654171003607309&eid=44809527%2C31080781%2C31080792%2C31080732&output=ldjh&gdfp_req=1&vrg=202401290201&ptt=17&impl=fifs&gdpr=0&iu_parts=31800665%2CGRIDOTO.COM%2Cgridoto%2Cvignette&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2C%2F0%2F1%2F2%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C160x600%7C120x600%7C100x650%7C100x550%2C160x600%7C120x600%7C100x650%7C100x550%2C468x60%7C728x90%7C970x90%7C1100x50%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=63&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706902968875&lmt=1706902968&adxs=270%2C1010%2C1010%2C1010%2C90%2C1350%2C250%2C480%2C-9%2C270%2C270%2C990%2C990&adys=671%2C1758%2C1313%2C5433%2C966%2C966%2C1140%2C0%2C-9%2C983%2C2127%2C2277%2C2277&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0%7C0%7C0%7C0%7C-1%7C0%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gridoto.com%2F&vis=1&psz=1060x250%7C340x250%7C340x600%7C340x600%7C160x-1%7C160x-1%7C1100x-1%7C640x-1%7C0x-1%7C1090x5891%7C700x4300%7C340x520%7C340x520&msz=1060x0%7C300x250%7C300x600%7C300x600%7C160x-1%7C160x-1%7C1100x-1%7C0x-1%7C0x-1%7C0x-1%7C700x0%7C0x0%7C0x0&fws=4%2C4%2C4%2C4%2C516%2C516%2C516%2C516%2C2%2C4%2C4%2C132%2C132&ohw=1600%2C340%2C340%2C340%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600&ga_vid=266424015.1706902968&ga_sid=1706902969&ga_hid=863704756&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YprTh2tYxSABSAghk&dlt=1706902958957&idt=9008&prev_scp=Pos%3DTop_1%26kg_pos%3Dtop_1%7CPos%3DRight_3%26kg_pos%3Dright_3%26hb_format_yandex%3Dbanner%26hb_size_yandex%3D300x250%26hb_pb_yandex%3D0.11%26hb_adid_yandex%3D97cff18850da74%26hb_bidder_yandex%3Dyandex%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D97cff18850da74%26hb_bidder%3Dyandex%7CPos%3DGiant%26kg_pos%3Dgiant%7CPos%3DGiant2%26kg_pos%3Dgiant2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D1.46%26hb_adid_rubicon%3D9617f6f8035dcfa%26hb_bidder_rubicon%3Drubicon%26hb_format_teads%3Dbanner%26hb_size_teads%3D300x600%26hb_pb_teads%3D0.44%26hb_adid_teads%3D95f06a399d792f6%26hb_bidder_teads%3Dteads%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D1.46%26hb_adid%3D9617f6f8035dcfa%26hb_bidder%3Drubicon%7CPos%3DSkin_Left%26kg_pos%3Dskin_left%7Ckg_pos%3Dskin_right%26Pos%3DSkin_Right%7CPos%3DHorizontal_Ad%26kg_pos%3Dhorizontal_ad%7CPos%3Doverlay%7CPos%3Dvignette%26kg_pos%3Dvignette%7Cpos%3DBalloonAds%7Cpos%3DTerkini%7Cpos%3DPopular_1%7Cpos%3DPopular_2&cust_params=contextual_targeting%3Dberita%2520otomotif%252Cmodifikasi%252Cmobil%252Cmotor%252Cskutik%252Cmobil%2520bekas%252Ctips%2520otomotif%252Cmodifikasi%2520mobil%252Ckomunitas%2520otomotif%252Charga%2520mobil%2520bekas%252Charga%2520motor%2520bekas%252Charga%2520parts%2520fast%2520moving%252Cmotor%2520bekas%252Cmodifikasi%2520mesin%252Cmobil%2520baru%252Cmotor%2520baru%252Cmobil%2520listrik%252Cservis%2520cvt%26kg_inv_type%3Ddesktop%26kg_group_sites%3Dgridoto_com&adks=3841269460%2C4216706567%2C879279150%2C2925070547%2C1329966283%2C3008935663%2C1161391715%2C93436661%2C2493175330%2C2623454474%2C2528238645%2C1699725587%2C1699725584&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
a5690d872e7d339a26df1d3a91c9bd962d8f31870aebd6d623cb7a4ddf2a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183595
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5124411753,-1,-1,-1,5752983095,-1,5752983095,5752983095,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138276460408,-1,-1,-1,138388868520,-1,138358237956,138388766009,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CFAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl_page_level_ads.js?cb=31080792
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
5a3a7a2c91fd7277a40f1e2269da0fea83c99739d0c7f2e2f9aa471cfa37efcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
14307
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14221
x-xss-protection
0
server
cafe
etag
13458906051555334587
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 01 Feb 2025 15:44:21 GMT
publisher:getClientId
ampcid.google.com.sg/v1/ 		3 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com.sg/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f102.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.gridoto.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
fundingchoicesmessages.google.com/el/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-12WIzV0P-T-u1ro-mndqKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-12WIzV0P-T-u1ro-mndqKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcOzs_rqWTWDF4WVHGAHsYiKx"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
fundingchoicesmessages.google.com/el/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU21RhxOTCEnpdR8mU4Ba6nlBk07dEyEx0316TMV5Fms_q6bGQJ7JRhXnJNaCc98mKtOl-aBt6uYFJTAnMQttNEzvqMD3pNJC7QYdlAOjr18jc70-1B-n25jHlDMC9b5e4PfgMNJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nC69R-jVy0m5CmkrnFLskQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nC69R-jVy0m5CmkrnFLskQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcOzs_rqWTeDCxzmnGAHsIiL-"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.gridoto.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQl_uOut6S6roSoUZrnVHTCIASc-uygPgKybzpSAHARo7rNHE2VrzoHtuf_I0K4WWmowhHKnruG3mGM4hyLunEQ1Lc15ONIvThINwdwIPSACoHUdZWPkccITWlxrKH5_scPDVtvg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWQl_uOut6S6roSoUZrnVHTCIASc-uygPgKybzpSAHARo7rNHE2VrzoHtuf_I0K4WWmowhHKnruG3mGM4hyLunEQ1Lc15ONIvThINwdwIPSACoHUdZWPkccITWlxrKH5_scPDVtvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTAyOTY5LDM5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmdyaWRvdG8uY29tLyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksInpoLUNOIl0sWzcsIjMiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
2926034b689945162c2b2873cdd8afd28a39bce7837dae2cc027cd5bd8b5a10f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WEgcUvs2NndCqWJSnUZ4Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-WEgcUvs2NndCqWJSnUZ4Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KAhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAvG7Ly-ZOL6-ZJIAYjUgfif5iukbEO_w8WB5Ez6dlS0CiCums_IBcVzddNYcIOZbN51Vc_101i1nprPuAeKY59NZU4B4MesM1tVAPCVwBuscIG6JnsE6CYid0mewBgDx58wZrL-B2Kd-BmsUEJfdPsdaB8TCcudZpYFYiIdjZ_fXtWwCG_5fv8EEAB4HXzY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=863704756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gridoto.com%2F&ul=en-us&de=UTF-8&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAQCACAEK~&jid=766083215&gjid=819778068&cid=266424015.1706902968&uid=e45f698f3680e5dbdbe9973b1709dd51&tid=UA-106088976-1&_gid=1616509534.1706902969&_slc=1&gtm=45He41v0n81NMPZ39Zv77494712za200&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd10=&cd11=&cd12=&cd13=&cd14=Gridoto&cd15=&cd16=&cd19=&cd20=&cd21=0&cd22=e45f698f3680e5dbdbe9973b1709dd51&cm1=&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd25=266424015.1706902968&z=1928074531
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-106088976-1&cid=266424015.1706902968&jid=766083215&uid=e45f698f3680e5dbdbe9973b1709dd51&gjid=819778068&_gid=1616509534.1706902969&_u=YCDAiEABBAQCAGAEK~&z=635514993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=863704756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gridoto.com%2F&ul=en-us&de=UTF-8&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAQCAGAEK~&jid=55911569&gjid=836811193&cid=266424015.1706902968&uid=e45f698f3680e5dbdbe9973b1709dd51&tid=UA-93462315-18&_gid=1616509534.1706902969&_r=1&_slc=1&gtm=45He41v0n81NMPZ39Zv77494712za200&cd1=&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=e45f698f3680e5dbdbe9973b1709dd51&cd13=&cd14=NaN&cd15=NaN&cd16=NaN&cd19=0&gcs=G1--&gcd=11l1l1l1l5&dma=0&tcfd=10000&cd23=&z=1345924917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106088976-1&cid=266424015.1706902968&jid=766083215&_u=YCDAiEABBAQCAGAEK~&z=1846700022
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106088976-1&cid=266424015.1706902968&jid=766083215&_u=YCDAiEABBAQCAGAEK~&z=1846700022
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B259 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74BA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0B40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiPOKzC4ofkFL9RwTzTagHJ9Qdzdpr19G8b63tmDTxdHK6NALUhBuI-30jN0i8dPAiNCaSIsw_PBvGyl_5U2d5ftilDLw4LEaJRifMQ7mZl7ukDemBSf3S7Li4J92kzLpPY2dUP5B2pat5asNXg_lcVwg09eu1EDijAdD8GSB8HKob39K8cRLkRzte6pFabRrtaym3HEUlCjxj9eO3MZZuxRTjVZ7CSivOx0B5_eh_m9IgFjzQqMDl80twNiI5TmLtoXXaAy7oKo9HT-ezn0LHdsRiQD4MdAKoEg9QtYzcdiNDWyqvbovJ7BfLNNy2ZAyGnFgITyS_Hge3Y2t5wvR2zZkfa9nyo9_gcTUmyZiplFM-59EfKWhf&sai=AMfl-YT-B_xM-5aLFmelOew1RgOZlMdP0u1O3YsaVlhJHHcYyAzQLjvO61hqy64k85obq7jhdyUdesGxxfW2-QTX7s_2S7NDSpLwNJJL4rhTxf_9vzF6pxOWHo3b8lerUw&sig=Cg0ArKJSzGslSFvOrHTZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
asia.adform.net/adfscript/ Frame 0B40 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfscript/?bn=71174490;rtbwp=3587444100755FA7;rtbdata=Ld4lKAHxgaMUd3CeoRYeVHF3MzrDCzY8IjssHNACtQN4nJKVv7XCACxT1DiHl_BGGNB7MXBH_MT-vRgXc2z59XZ0fXcArzbugmf9ZQbJMaU_JjueFJgvkuHiNWfyAnTOikSyMY6XAlzn5NVclBZJ2jNg6XFcyCp3jKUHE1bqjWUt-pIqtUO62_53y_mXxtO7LBN-EO_Zou3k5klQBUJwelXA335yo2UUlvOcRluCLv7M-mKSGNd8_Th35rlg2QnuLvfGGVRulIApifyFOpkPMt_8XFAedtKw0khXRwdaSoE522vNtB8Sk0vLtfFSyyAe4K29f_IEpS8zYEhU4d9DNdJsi4LGDDecIdDbpLtEJtAlRp-VhDF9tcz6YpIY13z9pPLt2tjXjkZk9JUJFwE_MQ2;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/sin1/0/0d60094e-3970-4c2d-b79c-564ecfd253d8/
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
999c40fafd231bcec465339a73efe5bf7604de0dcb68e45650d8a294485f33fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1065
expires
-1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0B40 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:49 GMT
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A99 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0591 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame 9CBA 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
464, 5634
content-md5
teHYcfSZ/pfeqOnP7w8Y/A==
x-77-cache
HIT
x-accel-date
1706897336
x-77-nzt
EwwBWbuihwH3AhYAAAwBWbuiMAH30AEAAAgB1GY4nAFh
x-accel-expires
@1706911736
x-77-age
6098
x-cache-lb
HIT, HIT
last-modified
Thu, 04 Jan 2024 14:12:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd6559543714
vary
Accept-Encoding
x-azure-ref
20240104T141314Z-u5hwzzwsw9457c1k2mxm8f7c5400000000ag00000000qpp1
content-type
application/javascript
am7tgodk.js
tag.adbro.me/configs/ Frame 9CBA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/am7tgodk.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
8431b25bb9205ccd0ceed08c7430ad09a5925053183ef5f67bb12141acfdd6ab

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
237, 12913
x-77-cache
HIT
x-accel-date
1706890057
x-77-nzt
EwwBWbuihwH3cTIAAAwBWbujMgH37QAAAAgBJRPCLgGB
x-accel-expires
@1706904452
x-77-age
13150
x-cache-lb
HIT, HIT
last-modified
Tue, 19 Dec 2023 09:48:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd6504c52814
vary
Accept-Encoding
x-azure-ref
20231219T100420Z-7fa2467s855svah0uagxfvx1f400000000bg00000000fpsg
content-type
application/javascript
truncated
/ Frame 9CBA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3131795b06dea0b432e206f99d18931f3c4023d43a36dcebaff55aa282f3b98e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
container.html
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 435F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290201/pubads_impl.js?cb=31080792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:49 GMT
expires
Sat, 01 Feb 2025 19:42:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame C223 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
464, 5634
content-md5
teHYcfSZ/pfeqOnP7w8Y/A==
x-77-cache
HIT
x-accel-date
1706897336
x-77-nzt
EwwBWbuihwH3AhYAAAwBWbuiMAH30AEAAAgB1GY4nAFh
x-accel-expires
@1706911736
x-77-age
6098
x-cache-lb
HIT, HIT
last-modified
Thu, 04 Jan 2024 14:12:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd65e2c03f14
vary
Accept-Encoding
x-azure-ref
20240104T141314Z-u5hwzzwsw9457c1k2mxm8f7c5400000000ag00000000qpp1
content-type
application/javascript
am7tgodk.js
tag.adbro.me/configs/ Frame C223 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/am7tgodk.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
8431b25bb9205ccd0ceed08c7430ad09a5925053183ef5f67bb12141acfdd6ab

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
237, 12913
x-77-cache
HIT
x-accel-date
1706890057
x-77-nzt
EwwBWbuihwH3cTIAAAwBWbujMgH37QAAAAgBJRPCLgGB
x-accel-expires
@1706904452
x-77-age
13150
x-cache-lb
HIT, HIT
last-modified
Tue, 19 Dec 2023 09:48:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd6596a35714
vary
Accept-Encoding
x-azure-ref
20231219T100420Z-7fa2467s855svah0uagxfvx1f400000000bg00000000fpsg
content-type
application/javascript
truncated
/ Frame C223 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d83ba0811457eb2df7c37e2b265c3993a5c315a8657521d45f1c06c50d56960

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
ptag.js
tag.adbro.me/tags/ Frame 924D 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
464, 5634
content-md5
teHYcfSZ/pfeqOnP7w8Y/A==
x-77-cache
HIT
x-accel-date
1706897336
x-77-nzt
EwwBWbuihwH3AhYAAAwBWbuiMAH30AEAAAgB1GY4nAFh
x-accel-expires
@1706911736
x-77-age
6098
x-cache-lb
HIT, HIT
last-modified
Thu, 04 Jan 2024 14:12:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd6516f64f14
vary
Accept-Encoding
x-azure-ref
20240104T141314Z-u5hwzzwsw9457c1k2mxm8f7c5400000000ag00000000qpp1
content-type
application/javascript
am7tgodk.js
tag.adbro.me/configs/ Frame 924D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/am7tgodk.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.162.136 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
599610281.sgp.cdn77.com
Software
CDN77-Turbo /
Resource Hash
8431b25bb9205ccd0ceed08c7430ad09a5925053183ef5f67bb12141acfdd6ab

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-age-lb
237, 12913
x-77-cache
HIT
x-accel-date
1706890057
x-77-nzt
EwwBWbuihwH3cTIAAAwBWbujMgH37QAAAAgBJRPCLgGB
x-accel-expires
@1706904452
x-77-age
13150
x-cache-lb
HIT, HIT
last-modified
Tue, 19 Dec 2023 09:48:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
a953bd239fe1e279ba45bd650e4e4814
vary
Accept-Encoding
x-azure-ref
20231219T100420Z-7fa2467s855svah0uagxfvx1f400000000bg00000000fpsg
content-type
application/javascript
truncated
/ Frame 924D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3623ba746955e7c482d6c0496565c4f2ab270ddfb9428e38edbec92118738d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
/
asia.adform.net/rtb/billing/ Frame 0B40 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asia.adform.net/rtb/billing/?bn=71174490&rtbwp=3587444100755FA7&rtbdata=Ld4lKAHxgaMUd3CeoRYeVHF3MzrDCzY8IjssHNACtQN4nJKVv7XCACxT1DiHl_BGGNB7MXBH_MT-vRgXc2z59XZ0fXcArzbugmf9ZQbJMaU_JjueFJgvkuHiNWfyAnTOikSyMY6XAlzn5NVclBZJ2jNg6XFcyCp3jKUHE1bqjWUt-pIqtUO62_53y_mXxtO7LBN-EO_Zou3k5klQBUJwelXA335yo2UUlvOcRluCLv7M-mKSGNd8_Th35rlg2QnuLvfGGVRulIApifyFOpkPMt_8XFAedtKw0khXRwdaSoE522vNtB8Sk0vLtfFSyyAe4K29f_IEpS8zYEhU4d9DNdJsi4LGDDecIdDbpLtEJtAlRp-VhDF9tcz6YpIY13z9pPLt2tjXjkZk9JUJFwE_MQ2&winparams=eCSubjR3VpVxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdm7Q3OqijEJT92S99HRjMzvIWmQFO1awrRESFCXvS7T2VMpGhWGd_9KYPS-sfazoI2ebrkpUjiBzh9bjC3siczgQ2
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
0d60094e-3970-4c2d-b79c-564ecfd253d8
beacon-sin1.rubiconproject.com/beacon/d/ Frame 0B40 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-sin1.rubiconproject.com/beacon/d/0d60094e-3970-4c2d-b79c-564ecfd253d8?oo=0&accountId=11834&siteId=434072&zoneId=2484286&sizeId=15&e=6A1E40E384DA563BA8464C169651E9C5AA769044E8AE816E8F08CD24E9AD8D14D77105DFB62A1DAA8DA2FE9B304D6E4B602DA246F639F0C494634C21F3F014E9D8E955F86956C05DF52D2027F1AFC572EDECFFE61A6DD512D52DD7BE9D7FE72DD28903B3E16AC5C04933B2638C076E34C81E598A81D68DDDE7ACAD1CBA2A835A9D9D4CB4D6CF0A5E2A615B2C7D830916E88D14A8E282D0F9644CDB70BC65359322ABC23C2B1F9C84C6C718CD7958165C12F28F6A11B5F3E6F557DD7AAD4F0EC1F90735264263E351
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.67 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6319 		489 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNW7uDde1re000n-qLizQM5JfONavFjB8t8imboccWu-Cf-EJZ7c4nikHkYWT6AEnYhQPC1Qbs1Gzi_TZYX7Wx9VWm2i7rs4OdlJUqeLIXdVfVSwv3Q
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
7a98efbd48e727770b5d6f5bc67c24a9b37d4e95ef05d0b2d81362e16ee0f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B259 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B259 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AExHFsEKmN5bnkSv8WigCx13XuSczpwDulF7eyfopL1Wx9MNtwxcUkOIAbygdkXuHGVUPrqPQiT5XtVcO4qGK_uJzXNMZXLg81FK5H4R4h77BnSUA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1525559/72176526/xbbe/creative/ Frame B259 		279 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.92.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-92-192.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
496d9d3400faf301bedb34080e296142b9fbcbf98d7efe326ebf57584cd78eae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B259 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B259 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
l
www.google.com/ads/measurement/ Frame B259 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMXlo4P6b2IrD1UwUreVbD18BA9uBvvPxNPJzjvS3yPb0iGy7LtcpQiAwtdDKOFFIVy0tburCT2S13eJgN-XM-T4BP1A
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B259 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5D71 		489 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8oCr7gEwAQ&v=APEucNXIhTAPbIkRgJagtTXH-8wRKzf2QFU7XWeRzVoEav8noGbSdlRainFPXiNpoJZJLw7WPIjE634QXbNEqks0vkfvyqWiBez6IcW7gaSuDvcor9CUP58
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
7a98efbd48e727770b5d6f5bc67c24a9b37d4e95ef05d0b2d81362e16ee0f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
187
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 74BA 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74BA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzV8Gud6G1LSeE8NJz3ydeW-SbLLpFU7N4LThZO82VwWz_hvQp7y4S0qlTXHBOsJY9td7kPvcVTSEsLAYMc8SnWm4gqhSmeJf1I9lgBKiM8ee6tgQ
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1525559/72176522/xbbe/creative/ Frame 74BA 		279 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.92.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-92-192.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
acd57e79b4881ec0feb6d7830bc15e03b566b2ab8c836d2233aff823b88a4aa9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 74BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 74BA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
l
www.google.com/ads/measurement/ Frame 74BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKLcQr5NedNAEfB6gUxplwwaC-ICxLQTYPcDZcpa3hmXnKEPpAYMftKJyEKPjfZlZ68NyiFBK36jAr46RTzYknd7BcZA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 74BA 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
AGSKWxXO5e-yA-5x9hh8fy1wEcsGdf4uxcJcV-kq4HLRHUVoDXhaGTPNSqtUNclWg-Yvhz1YqXC4FIOkiVnknVfdNGyuaHZ8ebazHk1mOekYkhqPD-rXSitPrLo8WHQ2j2XIeOxKHNoVAw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXO5e-yA-5x9hh8fy1wEcsGdf4uxcJcV-kq4HLRHUVoDXhaGTPNSqtUNclWg-Yvhz1YqXC4FIOkiVnknVfdNGyuaHZ8ebazHk1mOekYkhqPD-rXSitPrLo8WHQ2j2XIeOxKHNoVAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2OTAyOTcwLDY3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDldLG51bGwsMixudWxsLCJ6aC1DTiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dy5ncmlkb3RvLmNvbS8iLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJ6aC1DTiJdLFs3LCIzIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
f0b5187a74d6d10b0d7a289040ee7b4d34399b660b2598c03f6e9b03d3274094
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aKVnGNiGEan3AMof28LO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-aKVnGNiGEan3AMof28LO4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh2NX99e1bAITnn1fxggA1zZZ5Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 49D0 		645 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 67A6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:13 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 67A6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
16159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:13:31 GMT
view
ad.doubleclick.net/pcs/ Frame 67A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstHsFLrdAqsEmPLpSZMQA_-lh1ElNWlXpxkCL_gQrrRMNC1y5zwzblsNBcaBnKuw4x6IVf3r_Qa8mn986VZ8pAOa1_SernuGzNCk8YRykdCqBNBTzBxIm1bEqA0KwG83StrtKyMbMaAhwr2T8tWlwqwXALxyUjZmltOiZ_OqdcQZKEWVD3y8Oh8Ksxhz57H9zt_VWi52bU6Uz_jVxfBvCurPW_ExPwnhxMwSp5KYo5B_rYmY_rC_knXBZjW8MoUR4E_LM4wEJwmN9kKlnzME7sIYCcmMecNEXVQGv5T7HqjnZdpyAmcMdRv_BmqNRIvE4bXXU2IDE-5FLd2lHmvZvLFvoLvgOW_refsPgPYzAQxlyCF_NG6dJ3wzjQZh54erREcU46hJk5zybL5Rhm3oUumgHhqqD6w6NjkrjsErDXrTaaYFyAbaRHHc1bB6QsDc9s1hkcWrh6217bjIQx6c_H3bamvbuR-8Yc68_fgiZmmrRbWj3HsMww1WAPB6PjHDqyFRPYOx86Or4co8PzdzhoHTBwOm5vCe64-09toC20ID1pWtDk8NRSEq3DVCi5k0jqUN7ZvsPBrHTiWOUV14zaxTSQNQ1nqFUtiywLXskXAyohDzUSmJgjMfuVhOmM7bT_wG0slVjybbsHlHn7idqznD0YXD9MgixsdHBgOqJLoL01c6W8up9dB3q-ryak7DTkXbg2WaPWQ7G5Fii3M6Zc-odxksGhs99ROrB_otn4x_HutSuiPYIXiYC0KskYoJN701WL3NTF5dP_krGvg7am0CBKFxLLkYkFsfimg2J0VMnGdNSoUh5VKZ3OADmXZt-t08SsAulMV8lR5V7-s2PiXu4X5X95pdvRKV8ZHmq1Xv81Vta1V_NTZWPGBzei4YONgBUGlzSD-jNur11Ht_etwBCPDHc4AoSyjWGndnrhOmlNBUfo1KOrP7mGE_HAke2YQtzfXD987zaJ2-gt6dRP40fWR7VbuhpopK81aj-sXg-f3rzkDrh-pWhlSZrQz3VUGD8g3s-hetv_lHmzCfORjJ4brSVRMmazHhMeK88Mia5jj-u7uV-NkRN3VIWDAqdTBZQCtMLBtj7HSeC3nNGxpBonkK6dqHdGaQwXEI1grSnj3WRqgQ21O1oy1ueLKbFDK9_7L5_S6eBcOjtDYLeN_5OsMeufUhH3B0PqzPaECbqVxnQoJLq5IbP0tT1RG9fjFHj7N3SMv9L1fGpNttqqvW1uxTRukFgdTewwItM5DbbH6wlMN5XY34pt7gBjFPclUqX15mDG0RUWLXP2Zs-Uemyr_9s7tl4j545UcxreIPNLXgYTO2HgTOrhfMXlWdfRKma0rqPczjuG_QNNYVGWlLystrRdajkDA4fuR80E_tYpNno93xJAlSUoMI2CIUiu8o1k7McJNrQIVd-hn7H3FE8MrP87jRNwCgI0AYd8b6LDE1rWgBxKYxR9eovZBzw9t6SRyNP8XedSMqdq8R5aFfZNZcTiaYezWP9fpiAGq6JnI&sai=AMfl-YTXyXOln7ypb5nYX4Pe_Ljvu4QZrCy1mrbvyrBnNE3_uCUagto_zubyQWu7THJpmD1lGuq0fNriVMzskZX-e40vKRzUlHvSLogCo_6whcxOKZA4Q8D92hwKzJ6b7ivdR49NX9gnwXAc2kF5CzEf2xZaBaCFn-B3fOlcAwpz3k_3YOEMQ7gj14_4p7M8l45dT1jb5sw3cL7hDOD7MLqdVHa5AVC2yFURnU136ixuu2rss72zsW3UEt0dYPMarrXgnPcd4YuXIfCI_hnUM2fmrN5DOKTmZ9aoS5otWDzGvxjwC4nKuqJbvtNJArWnQcsoUGGswHzUayrFW-RZ4tZXc2ofCnddzL6twVtS8oUkTdq1GFpIvRvyKZ8-a0ByilCEi7cgoe7_GhhtwIwZl5Xnyxe2OSBhCBZgRm5yg1sk&sig=Cg0ArKJSzAecyKhpGvuNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcGVuaW5ub3ZhdGlvbi5zZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240131.76003&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 67A6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 67A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3EB4 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 13:47:04 GMT
etag
48472445140208031
expires
Sat, 03 Feb 2024 13:47:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 67A6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 67A6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dg-1yswfyuKHdKsIs0llHuHR6E6MSv9gLLh-wDKCnB7mGzZ1qHR_NLBhbKxzdKhvIhpawus-NDSQ-RLYT1VwnK0sDO1d-VGuSfwweVPNVlGBSsPZo
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 67A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4YmpiSYdneWiWK-ydVmAbeUgDlfnA1thkQJy8ZwcjawMehm5sU-CAAEOJE8gkv40k0MlpLE7LhXoTGsd78ekNkWqDGA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 67A6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
14203862484904857531
s0.2mdn.net/simgad/ Frame 67A6 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14203862484904857531
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
3356d32e090e8bbba0880262bc183029fc1b4e21707c7af894a8a6f395fd8e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 17:47:12 GMT
date
Fri, 02 Feb 2024 17:47:12 GMT
x-content-type-options
nosniff
age
6938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79720
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:33:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame 34F5 		645 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1937257/78037242/ Frame 3A99 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1937257/78037242/skeleton.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.92.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-92-192.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d56db1f8f77b25d9be815d1e078d6779473b23f04145d7cc6bda38df11146417

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3A99 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Origin
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 08:04:02 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 3A99 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
16159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:13:31 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 3A99 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:13 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3A99 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 3A99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2574 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 13:47:04 GMT
etag
48472445140208031
expires
Sat, 03 Feb 2024 13:47:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 3A99 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A99 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjG9n1uka9tUIelTupPpYIW05BXXHxUZfpoALz1v9gl4i1d9qhSu4Y2jq1s04hy_VAztTuKUHysLeiqAcVBRNnlHj42Ql3tIVlUoA-NAIuqx3x1G0
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 3A99 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdZr5bGUu0HzJqKproauny5WoSYvHcKqSGgreywhK7hLhefFKtVUiF-C-Rl1RQa_eIPBHWFaun36rnBS3JGy7Ouao7Cg
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3A99 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CA33 		645 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1937257/78037242/ Frame 0591 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1937257/78037242/skeleton.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.92.192 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-92-192.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7254131d3b01ac94013bd5cb4e111b7e68ed8550cfd4ed95f0193b7b33513ee9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0591 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Origin
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 08:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 08:04:02 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 0591 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
16159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:13:31 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 0591 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:13 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0591 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 0591 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9A6E 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 13:47:04 GMT
etag
48472445140208031
expires
Sat, 03 Feb 2024 13:47:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 0591 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0591 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcH16eHjsd-JTUcb-lAluDLLNobPSBbUy1G5U0fTvNQaPic8F3_90ruEMNzvM1Phm-gCbzGSm9S8sriI6fSgHU-B53oE6ybXd3hduVlx2FZ5Obftg
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 0591 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4kA6Bg5Qc1BO0G7DTMa1VzdukNILHmT9YcU9F1DJvWBPNkDU0BkludLGgY7lBFe5M7goQ0wA12NHgUaxKfhoTIDvp8A
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0591 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F4AB 		668 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:42:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dvbm.js
cdn.doubleverify.com/ Frame E8A8 		421 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.59.80.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-80-130.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
4bbd30439575c4c1ec03fe85c7a3ccb592b6d67e52a6ba7d57d35846577f3822

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 19:42:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2024 16:03:33 GMT
Server
UploadServer
ETag
"65e2cd34decec24874dc209f3313cb2f"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103337
Expires
Fri, 02 Feb 2024 19:57:50 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame E8A8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:13 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame E8A8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 15:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
16159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 15:13:31 GMT
view
ad.doubleclick.net/pcs/ Frame E8A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssFbJHE65Xq32k5yrPoxBXcpMyGXke2cJDuTaZsE1PrHr4DFX2HdB2g3j-VH1fQkjt7AfKXoqy5N8R5y7YzEG-jiE0Fmc3Odc9yAmAL0jgmdxFRll36sVzAZqItGMVt4iJWWWVBh0UFSZIytXCCotKxZUm0op3rRT4UuI1piWP58ufifI3Nj3kcEt3S4BMzBDAYJ8cgvbKXXi3KBX2iHpyELPx6NhdiJ-YiN7Kv5zLyafHRf1wQB1KKRzHrMbfrtDZeTrJ_okpQRoZ1K1S8MmvFMK_H24wvXTAEbKVP_Lf6xbEJ7GmfldPG6cLvo2LoqshHPiTkGZ-71SdQV16YlUGj_Lnujsd58SXTQkCRLYFzL15xtCjnth5IBMpJESZS4YqeYFdSJxiPAZ0ulq6NyffoBYbi2BgIosMZT88kaCE1MoRtP02QbUd2V4gZ5D5-Ed16bpMjHv5cz_SptYytVwnFTnhuQXWp3Oj0964A_1purHzzRdvnxlW1vBY5jGWJsrl8BOJLr5jM-6-7Np7agL0YeHqN7A_kblaz2Mu0QxuzS0gf_4JRI52xoqTQpZzP13f6lkrX77ffbdSCsa_EAqfTUEefLVDtrbFXLTgMS25TwfCvVxPBRhA01ZZLLEI3B1WY8v8QLSISO5KFMJP_tAw67VScBOi1Sp5VmukUdg2mo97PWXfH3_ZkKQML8Uny5C3IXm5ARx9B0j925DeJv-oHpmlP7ibOo0szLVwFh5DSmJPrCOwFsVTbwGpdycjGeR5HkYK-SSkUTREGvp31rcbfSoLLaA_HLswJJc9mGqOfHfFFtn-WkTWCIEjVh5Y62NCPFFnRpoau51W1tTsQjO2SoW8qr21FrH7KYxKoAlY3n1l39ergQwSjfcCXdx7B_uX6H6QFOxYNPgIvtga8OAayEOJo3SMvDqUo0SftwpfNHn823yopAnpN1COIyHtWSctJe1ERZl0BBfzYxdgfd8f-axNmOy-7RFBm659I9ab6aAqRZaAitdaED_ZR8AcG56g0fFpkZ9TZResUTAuDUjnGPT_jrWDXMUFEB-QzTQJQMCrPpEGiHCKnQeFq4a2txRIqUbyskj-sCyf2tDcfiqq30svO69tyr-zteBcraB5lTZaWkkIw2WqDJg09KKLFHxHXQN1zycsriWI9v_V41NioFctt6yP-Abct6UOluyojwpawAoO6W62UC_DhkWTanniQtASSoQtHGlZvKjIsZCQ-e9dA9VNU7u7LfznezTotMN3tf2JEIxk2Ykyr7hiRb2NtrSfwW9hKcZ--TuNRLgpSMeZZbOcik0zjFZ6qnFY2pFw-dUeGEewmMaDsKMm-IVl91GciOVCM_3MfmCdaLTMVoWS2M0lOXwZc5f_qNnNHo5kg-N9XyXo4agmq4r7atmeAlCoOaDp4JPDTPqhtEwupCfzKVVyrrx5CR9i9xorW1jttkg&sai=AMfl-YTupcE5-05_BbFn8pTHAL-4hZB7J798R8M5rA8yI8rSDgIVpEdmzeabihvJpH3UTUJBM7iDODFm2tTKCTpOowexZnS3317F7BaTvr7YVraYyMm3U1RMWswBeRlWpkCU3Ubu9KwzQLrWdKuGddfD44Et7dp3imAzyF8hi0-Q19RVA2GvBEN6wLtOuafj77w4HH10SlAAgzKSZwsbch5L5ZcOMESMXy-wdHsi560xXKaFDtQVK_ymBKX4L8SC7bc7DA1JwxHUtCu1gIR-dYZ0z2UVarz8KyIrtgR3r6ec8Cl5e37y9eOODD6AUl9xaUlKvIT-nTn1Zgdl0kqWTesF_rm35caOPAQS5_4bvF1_AfGfJ-5PhotIYVPJ1dXQfTg1MNBNa2sftsPzii12AKsm4tbVHd2OxxexolHZbtjgZIavnDNc7D0&sig=Cg0ArKJSzNJqXtbly9PkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaGVsbC5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240131.86864&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E8A8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E8A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C5F3 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 13:47:04 GMT
etag
48472445140208031
expires
Sat, 03 Feb 2024 13:47:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame E8A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E8A8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CW5OE-HUmfMFXKavVYAXdzTsVsmJJyy7MXbHA632cGTnZSw-4qM-jjnWLSnlBCSRAOZ4-fh__6rIUUAwpqTJdNIufJeHjBGhQKSWd4KBr38g-g4f8
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame E8A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM-atCHd4V1BNTG9MuWG9vL4MdRB7B9ZOlIgHIrbCdEawOWExG09eMgq2d3mi03SGOv42D_Hbz14pIThLISCb42LAIvQ
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E8A8 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
sffe /
Resource Hash
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66348
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706704584918460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:50 GMT
9612714770704033996
s0.2mdn.net/simgad/ Frame E8A8 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9612714770704033996
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
67aec9700707c3544b7dda80da75449107e6b0daf7890bb4365d2a1f70f9a65c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 17:34:45 GMT
date
Fri, 02 Feb 2024 17:34:45 GMT
x-content-type-options
nosniff
age
7685
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91282
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:38:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
css2
fonts.googleapis.com/ Frame 435F 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:52:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 19:42:50 GMT
css
fonts.googleapis.com/ Frame 9EFA 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 17:52:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Feb 2024 19:42:50 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 9EFA 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:10:21 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 9EFA 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 09:10:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 09:10:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame 9EFA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 20:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
84865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 20:08:25 GMT
l
www.google.com/ads/measurement/ Frame 9EFA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGyKueW9owKgQGNwliv67b3SAwe3A-SABjbIMGFQsxSBuadO4Pezh82oJk1mRMnyAZNXGoonJMUkVUSKrClZo-9CtQ3A
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9EFA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 01 Feb 2025 18:48:02 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 435F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 19:20:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B259 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5542042845662&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B259 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5542042845662&version=m202401290101&ct=76&x=1&cor=8666589886419761000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B259 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCydL12uA38w-jySkwG0ADVhYKETZ63wkV2d5OaK4tpRMNI_5WN-1OjNYvOahW96M9MhW-7TnX2hX5e8wxNzhP5lR76dhkJZ9IghkZlkCeJpviixIj5BXxjNqTQuK6OPzMi9qwXl8AEko0GFK9hKIIhbBH6wxwcedt_ZRwjRBbufMHopo&cry=1&dbm_d=AKAmf-AAx4VSqR_WGkMmE0Qnwec0jfAtX19UTsui04qgasVF7-8WR_FAT58R6i4jxg8su-w0rIl73AfXs3ohYMjlYeoH4ubt2PRloBpd11mNZZlHbKcEb8qaShMrHTGiUjwSA7U2xBX69wil8G-3_ljxuwstbUh4qDw_LUBsQC2ea_x0VGXYucw047qUJeGhXTejEP1j2etLbbt2fQ5C3CXHFn87mOD3HMl0zR0RUjLYhCr7ovrvAraLYVe-FnSIZWXzkNNMKLEuXrjoNix4FqO4VoWUMqEBr8heMYOPvTsRi6jb7ByAaUSLt-UUZQPoSKkm9yj7KwyzTxcw_cmFoSEz3W5yO1SkxMmTSZGEhiOFufsd8D8nPX-QZHkvPOOlM_Zteu7lhPMLydmHGMxbr_kWAXBjP_SAYqSbRn4wrT4I8_V67YfEw4fyO9cblCukHoWy4d4S0siJalW9aumEu1PiCN-Yd_qjYY9pAaDaP5I4ZFDfjJgOE3WtFG23029zadFI-MXPZuzL_acd1W3rpM2gmMvZfDgGrMv8hL2gQL-fJJTr8oEtZsJAwNQ88i_g6GDwdmEIluCmZNRZZZdQ91tyEpCLjhFf-A3GwWOU26CJZUzaynSbVZmaoswxhIP3gWZWZ9mqG0j1-0AAGCPNR7EGQDidcC8VBIesRS1KreahHttFF0Aa45YZ45TFAK33kNVf39ZGkmI80zDxc5GCjZqtvWSNrw4sSNPQasqDUKXuSZfe2rNgvnZ2gyDs3QK0zGsLtCz4dveUoYs7uL_kgqcit0ifRKSCQtkqTXdT7KSiO85T1plUVZWRUK6g3iv8nTwTELZA0P_LxUiodNlBqVo3yiqcRYIPlFFUmg7y8Myg6AoK4Huo8uyvYAjaG5d6zxBna7v4RuPYcrEfRMBGd4hptdckhVDQ7NyNTIluvfBh5VjQPdNq50ttvjIjB396tdYOz-0sL7mSKOOfvO6m4j_UY8eNxlBwMxYlw8a9rwBsasHMkjPa4kTI3U_gNR0U37b37tsQ4eOG3CN1YSOYaAWt-s5agg1yZ2stcsJnfDoXtnPJJD4XvHYmq4lkhK9iltAdbtvg9b3mo7Vrinjw6R_uEQEAseizlz6QIClkHrhWIYAd_NEgkubZqPK6Hvs2uegs6WSgJ5g9pVkDgvpseh-b3vNSwE8OT11ixhjNsrl12zILMy_MVL2Jt16YcohE4v0_H-41dmqlDS5coxI28cuPIdu4uzFb6lqZJ_znEDdvzDeCebHO13blw2JjPrIBloNQrTWVaLllezSflYvDYe8LSz9ixzn9-slVb1uu9rg86KPsMpMUope5jS60-pwgQYA04GRnkJUBgHckpX1f1fhPnnn-nMRIv8lU70FfwejOIRWgOshcrhV1rzktgCMblfHI5qwzJ-G0uf7CPmGT_2eKJ_Kft35zMFLJqItVADRSlM7avZ4d8oC9jZgJCzXtTNOFuIsBBfAjWzpHzxohSvixpZo7Db8C_yHJD5LvqkdcCXnK_BlSdZHoDiuZeVHbGwbGRnduKPszvqL2oo0R3smDnb8KriMtMPq28YNPDjDrvvSr7ybHBMSW8sGDQb9LnrS-_EkJPQJrmG7LMRjEruVFQrqFUVaRFBOxBIawkCM2Ln4yFT71rDhiXcAk0Hqq3VjlUS6pV81JiCvXHiw9Ze8L7Tdq8kYbaeO3dwPGFUvz3DKh3xdqLcAb4SsvvnMegnCNHgPVfvTYzSKroe4SsZmhB2DCpcQKB4JkOeTveZl-pCB3rmk1WcljXJh20Ow0-X6-M2Al2tWmmZ08H_L6vmf3NWmKrDA-9z2Kb9l_D4jJ2DSAtgfKxgau_kqTdF1rQ3h0nGWIhOq80u-z9KwOFpmsaU77iRvn5KlSzU2CwXQkOLAFV0hZ4qtnCAgL5fvSfaG-9pyhHBMD-vAjAurK9Zc44w2hjgsmVpzkm8RRPNFSj4R7FLPnRDbQzYYT_Nj4ALPh6L7ptgboL-zKtq3UzBCMDDiTyNFPJ0DN28-S4D_rxghKb-qkpccWb9hU5Q66mGJKDskGnTQeaKe5T1Uxqdc5aX96NBS6rGDit6w6qhy37PGhp4PNYjG9u0m6ebfXWCgO-cMM3JvItnh-XaDU2Ra2NkC8LoEekwVxPAP4UQqjW-6pr_vNRtjPu1kuKDpPaZEAdf774YVo3q89mkcHJ9hC6aZA-95ELFIvREgFA0mVAWEdxoeIQX4zCM-HrFFODCgAazVm8fgwGVKHVe3qpKx-gmUxlKP6YuvAhJQqDn8-Mry3BhWcQWZ0mBgKLvcb8qr0_T7X7wXgkLZ_nHCuYxuUr0-PhARU770_ZdjY2j04SCKr_PZwmSfbzBKQYsvT4-6JWMYTiO9GhARry5KNifbkx5Jr-N7RDzwXEHBk-14gTUHq2BWXyeqiEyPYA-GBInLB5K4klbBdC5mVgJtsa8qQd3YS4Gqm2_Fedn6VwrKDp7RVr9yheGFzRkNWN0rA-MsMJG3JPkFeRRKQshycoydguFer-xqkRy-VL6MnuFZUwxyOr9lAkDpjdtQ-Lt1GnZnBMiJXP_mLGFuib8ydSgzHie_mJCQWPp4vYq1DUaHajvpopEphFfdVo6aQmfX1T-Meg6sasexRKXzoRuVA19La5_fw9NBVARbtjHe2xA4a5vImn00gvlUpe04J66iZUnDMITW6KXF-9_Y9qWF8lUhpxV_ZLLDD1HIjxFgF9LLSbi3qnIbkao_1oUX2fqDHC4Nq-GJ0-1nDHl65psOEcURHWLK8ywbdavkQAhjqrxbLaN3fv9UWWX5XptAZ1kgVQDcuePp6AsetzaUMRtaPa0MZLl6bLnRBO7XxDZ-V_4vAxR0Q0QcPRrZTngy5ZnECx4xoyEc-SqVOelWMvQWKc_il0aURBQ8of9SOc5fZeKRBKkuYZiisi2_I_MpK0NKQNjIuRBIyVudyaVss8pwMnWW1P2zj-qhu-e9QtTEUDJk7HPhpvX3DrV68j234br-yrW3BEIN7N9eAntb6hEcl_Eyve65KaSQhZGue-PzTUNdI3a2I7XTiYbED-zc7jctkCmYqcQa69amHJhHtEFP7WY8j4gjH1VOocFwgxVyGYEUWE69SWED6fvho0RBz_QC29fQxtDEDgFBM0J2KAH1T1yJuIdwHPYFkS4ZM1gK9PYPULLG89WKPYjM&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.gridoto.com%2F&ds=l&xdt=1&iif=1&cor=8666589886419761000&adk=3047537734&idt=89&cac=0&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a86a94a29d4f3803653b06c22db18504637b56c218fb3873e54bc90bfcb67913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12220
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74BA 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8787244597548&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74BA 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8787244597548&version=m202401290101&ct=76&x=1&cor=17296646576531872000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 74BA 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bee7-lhMjLTOR5BGfZfMmJZw8bbImVN5GXopcYLeYZB_gmkceqRP3bmHwS70DTjK-LI3QCfrt_6RJbKP94W6-vz1unQZMHRc238HWUvysR8rTPc4zvhYLbfgC86gwlBdvJrLi7l2gnC6d-aFLa0By2csbY9HUsrhoDQZ9E2Cl7FoG2eCpcSepfWOhs2ArINPB5e_VdlXwGrjy3mZicLRgoQQ4WFw&cry=1&dbm_d=AKAmf-BcuXR8hFYb3aECgXHsEOmsQNafalI22HpqPct_DBa2KupJn97mV4WckMEFxWmH7SJ28e_VIVIHpqZl49RWyo1WmYjWGO_4Lpg_N6xJzrdYS76Y0ZpQv-XjRYa4tyOL4FGCKetdXJsGLPU_txuBu9Fo2Q8FRnirSgBf6Sd8azpqqiti3rJwJZeXELfarblVI0hWFa0ye87cEmn1PeLBHh9YH5GMng42FmAMQuKhuUUndHNebDytqxauwKmrpV7EqlVDmoN3vd-Dt6yZlHZdI4SfypRFteoTJsmq8KdnEJAIGxJWpmiw1JeaxRuAdYF_GzONsDMszC_J_x5cNjDPZPhNsJ4YVcJrLWPmIPPQ_kRJ_ZIGp7W8eum0JJKfWCEs8WmBEMeY2q1B9SqMykuzxPC0BDLeN7g4RudlKM2rkotyl3mFDFBMcvBvJ8pIIZ0BemiN4_wHkjjJ8AXWcZbojNIuAzpCNSRSZCF41Fbuup1QnHXFrm4kF1boZt0o85SyLl0_5Qvn7iwyZjtvTjsqGA5tFM3jbbrerKPOuvZ8kAxk2llePcg7cthBDOjuRyJ7dTHVzLnhAHOGyfpQQLWxEUUCbdD4mgyvSjs2ezE_yWIFtrJoQltqerGnV7lcNEPddb39gTG6lMI6as7ErkZpv86GzdsRMlGZ0aWybGRTL1tety-L5CVqwi54b_ntwPj78-tNL4mEEjkQ0Zslnh8m3l4kwMzkVum72oNHlE7stGbzM0Jjmp_LwSeZLa0tVCk1x8XuhdOJ3UWQ1oHhbQoG6NDXKKwmzosRvrJXvUkWUR1BPLEME1Gh2jaUnhb1iUCc5oSafeGRqilloBI0FL9tuVNgkA4S615xTUY8pIaWfq00m2ANMrKzjRFcLM88gvQuQgoiIzKxy_Yhgrwtx8UkDuAt1r1lWPIBHJfQWQ4Qe3khSfqJZtMWintKsr6P9j8HOGH2wCHHXdIrQy66kg6QHiYB9lEQanK44aithGbfa1jBx0OyZJ0-3Fy73HF1ut9XM3oFMNos3AwTyLVw_D2Kbe7Wn3d8TpsFwLdW1R82OvC5Sj97h0pgrbaXZiUzifflMsrltFM1UFDIPp32ZClLBZPGjp-K2FR08-kwGH15W0O9jWV0qU0f4Hq251wQOnrA2FGhdnzRAmXRO-PIxRvLHx_JXTUr5XgBmMqJ4XPRoReZS8az_Jqk8AArjX_35FMWumiBtSelRlN3iGZxbkJVQLC23fBzbYMx_cfXZ9no8LG8FrJckKWLXsAS_kpgr_mfT679i4yJNzASp-Zcb2XBJ8DhYvtocDNTp23YLI5WxOa1bnE1VvAekQhMHP5eFf_hxmnKT1QN1HMWXR2u0X_avhzZtOvHjum3DF7W7CLvlt2ZplF7cklF1d-NwVCpQQuH4Yy-pB8OA0R7p9ngw0v78R3hl3vb48Let1MbsEgQKBHAzY5rQOnBQR5t5QGiElZtGdM-1apj9dGJmAFs4PLAb5QEj6pCiI6_pHOGw4Fo7FTaRgZ_Uhl-y9xG51mHZHd1xRyoP3EA-l7ktL04eqZATBOH7ivMh5PNoRET3lffTekSpoaxY8r0iueB8vBaTlq_iRKBdmYG4PQtaoJsOl7pQpRkGNWcEajg1gSF2mv6k0xFdEKNG6sTewBXF3ZvPtc6iZCp7XXAi9lcLyWTeA-_p1mvyan1uyR5SBA6qeYX4tdB996UOKYP2sZwLBRA6mbJfTQCYo8o983mSMEVwnDevsrTCf3vM5VVuYkz0EeNka7dQepzGSPtD5G3rOaoaRvmZUB36JGa_E6Ay4jn22xVT5Qsf_BYmJ_VGI_oeLEVJ-t3eT7o6Nawt7u9G0VTKvuJcJFNM7uZr1snOBV3w3OHEyyXc7oJONC4xo7x9y80k4pFjTZfa3pvYDwway9xleAI5fDwPVZs4S5RV3dfQ2Sc7BDUCSoIptf8tcDjnUT7zCQAQ0bUVUQdkyk2nWVVtloSKzXAIVvyWoprXM9OYwtPvhW3tLhIYihMn2psrCG29sjHHYrbpZNe8-vkPePo6Mzmvo-LCssYz1x4WvR4Xq_9jnU3ZqMZjz0i2VrMztrF6xqmz5e_lUzilOIyETtq4VcC3BJ6cFuie4yEbMSgNkOXu81r7usGa5g8CcLOZrbihh3Hlzd3_MiTiCp9lncI1iGLg_sxlMrZNZzmBZGCYCO5pKpx5XVjBtwe8J37CcjBoV5QnZAd4gqtVV4cfloJ4hukuh3wYNltxu4Rkl5ooEEC9KsCwh6RoDeXxLFysy0pcCJgYFpsCiZTgD3njmI60DzMT8j8hOUkFw9PhyHgSAVLZD78G5nZ6KeQYRcOdNqqwwjHWbNFOZd_4oFe6DB0hvQeh1fje-tY5zBGZa6UCA5rHSrechHnRfMxtf_exCn86fjTpg0Jl9gZqZWeo0Op-3M1X4_XF_OPM_Pg-dztUmAJzK8jkXXQj0j6gazXX7pf3CDOu1ydZOOfSXcOzgI2KNVxHhQeE9hF3V7MWqJKNI6JIfVM1wqnt_Otd_8uGZVfe75c0nTRKoMorWoYfUNuJE8YgBy4KErKvcyGMGnA5kDBkkgAKKm-F-uNo4Qp1v-LaQwLxOPJ4A7EFOz2w1IU4c7TDbyFj3JzYspKEGOqdr5syiRaTRKG-kRUPkj5CsBVcAvQWMRHWs_pqb4_XlvZWc2_W0FekrsNSy7epUqX0_uNKb7FOSOEbiWw6nhw94khc6Gm1DvNkasXw7lZ68Io5loLSOBNiSo3Zv0nIMzGM1dztlTvfml4Svx9WNWuXJ9hEctPVTWGMn06FRlZ2mkNy6VF0MhZPOv_s_Ys36_7Q1cf7xE0EkolqfS6rNj-c4u6cBTesWax4r8XZ40u6JMn89yp5tPl3eWc36C_P89J5BOW_46RFUBERZAWbD1PrXMUNMPT9XlnJDUoQ0ApVeglI4YEHFwS2coOPk52qkrrLZKYSedVyMGGP1_Z7fOU5HMxPBhxbct3k5FYtrYT-e8eOamIgbRJycFQYPWFRT0beqv70KkVDVNHqv5ko6h5vxjjzY-1A8kmecUJnVXuAD6gWvezF9pt_qdRxUDydlCZg9moRl700751iRQ9ZCrFgfsL1wxiHn-DYBZPIvBLdMS-O5alIufClgfMabZmUZySh-IQMxv0X9xRK04tU4lal763E6OOSfPZ2JE-HgpDOMjXFTLzXUiWjGeZ1y18T4x7aHjyAAToftwyiQ&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.gridoto.com%2F&ds=l&xdt=1&iif=1&cor=17296646576531872000&adk=2857193499&idt=121&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
bc72c07030ee5f7c0c5c77f606d1ea8a8dbdabf04d10c3d89f881e72f480e5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBy5qRakqiQ4m4xexRZxDFE&google_cver=1&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90rrcfWUFa6OiFkwE...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214D46727CC94913944F8A12CD6C569C&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214D46727CC94913944F8A12CD6C569C&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90rrcfWUFa6OiFkwE6rB_GXD2wiIbPVWsZMUzOv2QvdOcB8l5tlfMK537VIHbOXZsaOa2A
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 02 Feb 2024 19:42:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=214D46727CC94913944F8A12CD6C569C&google_push=AXcoOmRH4TGJZzdJNbL6eUKuIItXiIx2nRlnbaEC5uGpyuTQQ2zEhg72_88Wboa78gsc6zvOmzrU5Pe9zgxJ-90rrcfWUFa6OiFkwE6rB_GXD2wiIbPVWsZMUzOv2QvdOcB8l5tlfMK537VIHbOXZsaOa2A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 01 Feb 2024 19:42:51 GMT
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENSt4Df0ELCNIOSzl3uLwXI&google_cver=1&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOM...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOMooszPhzKwB9rvtgZ_cRzkIO3qeLnT3lwcb6fz9E-uI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOMooszPhzKwB9rvtgZ_cRzkIO3qeLnT3lwcb6fz9E-uIHLVEts78jAbih6k1AN-3UJw&google_hm=Ac9OIWvEOkS_jKEiaVSv0Mg
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmT1JmyNDT8cM_ZIi5l7pNx6HoWqX7AbTc1wx7xSfy_iiyZ-pgqnPejQXG7cbB_9f26_U2l0jUezKCS5X9kOMooszPhzKwB9rvtgZ_cRzkIO3qeLnT3lwcb6fz9E-uIHLVEts78jAbih6k1AN-3UJw&google_hm=Ac9OIWvEOkS_jKEiaVSv0Mg
Date
Fri, 02 Feb 2024 19:42:51 GMT
Server
Apache
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDyaw1Xm1I1gSQG8KejHV6I&google_cver=1&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aIt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aItCoDBONz7k65T40ObciRLRpFApO6Bc3rNzee2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aItCoDBONz7k65T40ObciRLRpFApO6Bc3rNzee2Y8jsarrPRdP6lBoHExJRtKXDeOftgR_ydew
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNO5qaCbq2SypJj5ou6cGi1HX4iikrTBnYaYnEuggA_6zNe6QqeNUDtq8WV3Lz8Lag1V7lPBUm5aItCoDBONz7k65T40ObciRLRpFApO6Bc3rNzee2Y8jsarrPRdP6lBoHExJRtKXDeOftgR_ydew
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3...
  • https://sync.targeting.unrulymedia.com/csync/RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRYH-psBZ0mXcCd8P7tk...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE&google_hm=BP-qq2G5D0aQkkeufLyHx2E
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYH-psBZ0mXcCd8P7tkTIUgdQHpwoMx79-0-Ey4NKtqnZpnctAbpHamBmpJQ2CsUqPoFgC_Ob0s7atRDuwKKPuSPG9Raqc517lZ7rzEBwuVtTGfIjSCxspA1PbkX3KZJwg8JKVyBuVvgv0k0tLdDE&google_hm=BP-qq2G5D0aQkkeufLyHx2E
date
Fri, 02 Feb 2024 19:42:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXffaaab61b90f46909247ae7cbc87c761004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAmV3TUmv_AVj-cGzMfMos8&google_cver=1&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SOH7pRFGt0GwPUDqIE_JBh84nMchnQIR65B5H9TxuTw-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SOH7pRFGt0GwPUDqIE_JBh84nMchnQIR65B5H9TxuTw-AmDv27N8mZBlMnB3lGw08NVW6VD17MHXc8CuupgduVNR9q1aj-Hk5mIHQ
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR05OoNFCAKpBBAOpoC_8CtdfINZxuIsdufh3brifkeiGWdV0SOH7pRFGt0GwPUDqIE_JBh84nMchnQIR65B5H9TxuTw-AmDv27N8mZBlMnB3lGw08NVW6VD17MHXc8CuupgduVNR9q1aj-Hk5mIHQ
date
Fri, 02 Feb 2024 19:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sspsync
cksync.yahoo.co.jp/ Frame 3EB4 		35 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOz6x9KbWrONAW11n6ITQ1o&google_cver=1&google_push=AXcoOmReJAF8grF-y8yjEL6NfxVZ1f6ovgUO9izLrNLV5AAmcorG2ZGD_vpQ1ty2gu-iEh8Iuwh3W_HtIe3CVSSmB4ZsMxwWzsP7ygIcBjm3HEtaewgT0UGWLSf5iFFgHNCZe2Wh4QcPJvgbb6HOrRkTLORy
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.217.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
server
nghttpx
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 3EB4
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMETQsI6Fgkb937V52sxRp4&google_cver=1&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weV...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weVAz47eZ9YfROY6FASIR8_wSd3Iecg9xilDbi0hl6_vN0Av6dhWaB_oQ1Gye_Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weVAz47eZ9YfROY6FASIR8_wSd3Iecg9xilDbi0hl6_vN0Av6dhWaB_oQ1Gye_YNKm6hP5inoMmiI21ftTKkmtPnJpo6
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
5090e5ef
date
Fri, 02 Feb 2024 19:42:52 GMT
x-bytefaas-request-id
202402021942523186995FAB9C897F8B85
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402021942523186995FAB9C897F8B85-1CBB861B3396524F-00
x-cache
TCP_MISS from a23-206-171-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=2, origin; dur=67
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202402021942523186995FAB9C897F8B85
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmS1-2JrhCJG7Tk6n1AXS1l-unD3Rn_o4bD_SUkQ_Y46JTev4BISzTsffDz_weVAz47eZ9YfROY6FASIR8_wSd3Iecg9xilDbi0hl6_vN0Av6dhWaB_oQ1Gye_YNKm6hP5inoMmiI21ftTKkmtPnJpo6
x-bytefaas-execution-duration
5.55
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
016074c3edb39a4a66aae6250196f2f40bd32aa3d977b8b03528c74bc2ea9f3e926fcb3b61a2d3dff5083683dd423293dab313922a182d0f25780ebdfbe691aa00dfa99c1fa1802ee300507110287badd95f4f18b3d8ca0e180341298b8c268364
x-origin-response-time
68,23.206.171.4
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 02 Feb 2024 19:42:52 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3EB4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMEVMEmRaJ5ueMOZ11ZeEabj3UB4J9lOH9BhxVDmlW8M3u2speblJ0JQQmFGD2bhnBMS4EHBw
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_cver=1&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9p...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=1eb31baba56f21f3&is_secure=true&networkId=14000&version=1&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_cver=1&google_push=AXcoOmTZ0Opy...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAL3wSFLpNF8QNvRHO5AAAAAAA&expiration=1706989372&google_cver=1&is_secure=true&google_gid=CAESEEDiSUZKeVB2aXGLT_arV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAL3wSFLpNF8QNvRHO5AAAAAAA&expiration=1706989372&google_cver=1&is_secure=true&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9pVi9iFBWXYY5yQlD0n3WXZoLNYz0-iY5D55QHHCKcDtx0a57WdbexifJnTD79ueQNb37H59bwvmPbu-HxyduhsaKvQeMmJWffauA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAL3wSFLpNF8QNvRHO5AAAAAAA&expiration=1706989372&google_cver=1&is_secure=true&google_gid=CAESEEDiSUZKeVB2aXGLT_arVlE&google_push=AXcoOmTZ0Opybka7sxYaO-CNWrXfnL4u8U5LAM8M33IHYH63xb8aM9pVi9iFBWXYY5yQlD0n3WXZoLNYz0-iY5D55QHHCKcDtx0a57WdbexifJnTD79ueQNb37H59bwvmPbu-HxyduhsaKvQeMmJWffauA
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEB1whl69dVRz17VxjM-v0m8&google_cver=1&google_push=AXcoOmRhRiaDSQa8okFW9rxPcQZ7lAJ97IcvGScKyw4320F7Xnc-KvO13GP91j-xoBf03FC0fwL2IRGhn_p1qEZAlg...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZmN2Y3NGYtMWMzMi00N2U1LWI2MjQtZTMzNTA0NzdhOGQ1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16f7f74f-1c32-47e5-b624-e3350477a8d5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZmN2Y3NGYtMWMzMi00N2U1LWI2MjQtZTMzNTA0NzdhOGQ1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16f7f74f-1c32-47e5-b624-e3350477a8d5
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MTZmN2Y3NGYtMWMzMi00N2U1LWI2MjQtZTMzNTA0NzdhOGQ1&google_push&gdpr=0&gdpr_consent=&ttd_tdid=16f7f74f-1c32-47e5-b624-e3350477a8d5
date
Fri, 02 Feb 2024 19:42:50 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEMUfrl5XEFAPOCFKFPgJ_fM&google_cver=1&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY-OHyF7jEIbyS6A8spRT6iSixAie-1JMY_5vVQFwONetjY9yC8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY-OHyF7jEIbyS6A8spRT6iSixAie-1JMY_5vVQFwONetjY9yC8MMnUsapATdGjl1FO8sHK0RHNPA&google_hm=5WTvFVFQSSiTdr2ku4_4sxk
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQ-n-hZvRS9x3QUmUo0G-0SOJFSjmtYMxLuWDz8FQL2-YukyuupjDXGAUf5cHe9e3HFQ6vgvMY-OHyF7jEIbyS6A8spRT6iSixAie-1JMY_5vVQFwONetjY9yC8MMnUsapATdGjl1FO8sHK0RHNPA&google_hm=5WTvFVFQSSiTdr2ku4_4sxk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6Cgpbotb...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6CgpbotbkZZ71MyOI&google_hm=AUF2J1lBUSh_ks8AEDxkMWc4V8A
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
via
1.1 d0945be30f5a4a7ae05683911a5fea2c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
MRS52-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmS0ObW9QpjlGMGgoe22N_LYLEMarYUPQQ9T68GUwKiEZ2EzBJirT3H3h4ykVktGtAww5XifeAhsplXfSRaQ9tMw7H_UElnLOC8zK-Pvk0_o0lZoF48zRFaEc9Y6tZNGn_7x4n6CgpbotbkZZ71MyOI&google_hm=AUF2J1lBUSh_ks8AEDxkMWc4V8A
cache-control
no-cache
content-length
0
x-amz-cf-id
OvGmqT2K8haNK3AxRQVulFSVENixENS5oGlwoL2ilm2RfWxNVICp_w==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBTxeGqxOCH5uENqN8PzsNg&google_cver=1&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fBu...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fBubAO39KaA50-92kJaebx_ZalNW1dCl6mxyiZMfJrivc_QidGS23Borz4tny1_gXrfQhtY
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmSWzl82cvad4vJtP1giJCpbUwsbFSeRGZgRjCTEnmt-EE_XgO4z6Lz8U9AUDncBCWuszcb78LLfTnY7fBubAO39KaA50-92kJaebx_ZalNW1dCl6mxyiZMfJrivc_QidGS23Borz4tny1_gXrfQhtY
Date
Fri, 02 Feb 2024 19:42:50 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEonsx3aCXCsFDde8oYW8LE&google_cver=1&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5C...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5CxSLEYjyjZffqK09-Ca6SOd4GoXFZLyOQPvTLugzC6hB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5CxSLEYjyjZffqK09-Ca6SOd4GoXFZLyOQPvTLugzC6hB-wyHrAfoupnTXeWTnzH4uHRShqowOrs5BU&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRouWtTFummy8-a1aB2ptVff--FsMSS1kqgf-cmiW_Jq6kQPzHa180Y_BK9T8CWQMXxBCGI5CxSLEYjyjZffqK09-Ca6SOd4GoXFZLyOQPvTLugzC6hB-wyHrAfoupnTXeWTnzH4uHRShqowOrs5BU&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
date
Fri, 02 Feb 2024 19:42:50 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2574
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAobOn_gA...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4b9169ae-0d08-470c-8eaf-2dc6350960fe&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4b9169ae-0d08-470c-8eaf-2dc6350960fe&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=4b9169ae-0d08-470c-8eaf-2dc6350960fe&%%GOOGLE_PUSH_PAIR%%
Date
Fri, 02 Feb 2024 19:42:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2574 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT_FFySJUR7YREZvkGr5m-WMnYCvhujmfm0j8xS5zwUXx1WQUtgTNRInbDv4RdjPoIGsACuA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDfr_wbBh4E1Aw_BK0RlST0&google_cver=1&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVko...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=4b9169ae-0d08-470c-8eaf-2dc6350960fe
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=910a9142-6d3b-4094-b7c8-7b7a5768c438&user_group=1&ssp=google&bsw_param=4b9169ae-0d08-470c-8eaf-2dc6350960fe
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxHWKYNLBL-WuqTiVcaJrYQ&google_hm=S5Fprg0IRwyOry3GNQlg_g==
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxHWKYNLBL-WuqTiVcaJrYQ&google_hm=S5Fprg0IRwyOry3GNQlg_g==
Date
Fri, 02 Feb 2024 19:42:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8Kd...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jI...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0OTM4NjMwMTk5NzAzNzk1MQ&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0OTM4NjMwMTk5NzAzNzk1MQ&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8KdUVwBubdFCztPNTbhN6hkfB0VkfV1yKlsKatUePy5bAyJF3xeIYivLrmRn57pZSzuG0mPXlnm-Q
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE0OTM4NjMwMTk5NzAzNzk1MQ&google_push=AXcoOmT29fY4UTyvGGW6VxtrEuVe115cpE4Chm2zkXE8x_gMP-mydiYguTAbpC3V76h6z6UW1jIwA8KdUVwBubdFCztPNTbhN6hkfB0VkfV1yKlsKatUePy5bAyJF3xeIYivLrmRn57pZSzuG0mPXlnm-Q
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEBTxeGqxOCH5uENqN8PzsNg&google_cver=1&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk21...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk21Cmf5TOZnKUUtu8jWzN1fSbMLC5RsVpipexsu1Aj6I3G7If-kAQmJanA9YJxrwO02x3mI
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Gse9uLF_ULZD0OAuMZAa13RWmxk&google_push=AXcoOmRJQAkCrptTMsd_Ob-_bVaW4ldmiGNsQwPm_ZKxD7QUw9xiqIYVlUUNcVNzBdTSgJXkeiJBF07v79Htk21Cmf5TOZnKUUtu8jWzN1fSbMLC5RsVpipexsu1Aj6I3G7If-kAQmJanA9YJxrwO02x3mI
Date
Fri, 02 Feb 2024 19:42:50 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESENSt4Df0ELCNIOSzl3uLwXI&google_cver=1&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4Com...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4ComOxJGf8biNTYHLn1uMz3gR9e3Do_fXpenW89yNJjfaJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4ComOxJGf8biNTYHLn1uMz3gR9e3Do_fXpenW89yNJjfaJLEq8mDxEEBUbdfXFzDjsR1P4&google_hm=AfFYcBcXxUPQv3pSXXm_C7o
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQCSP9g6HR_o-1i4ltEOB7UHjUYdbKTPK5uNb8Z5b7H2Uo0mnxQIvyQUIKq3Yf4B9a_BRPdExQ6RfVyB4ComOxJGf8biNTYHLn1uMz3gR9e3Do_fXpenW89yNJjfaJLEq8mDxEEBUbdfXFzDjsR1P4&google_hm=AfFYcBcXxUPQv3pSXXm_C7o
Date
Fri, 02 Feb 2024 19:42:51 GMT
Server
Apache
Connection
keep-alive
Content-Length
286
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5Jzk...
  • https://sync.targeting.unrulymedia.com/csync/RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQWQLa6lcCM2qqURTGdF...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA&google_hm=BP-qq2G5D0aQkkeufLyHx2E
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWQLa6lcCM2qqURTGdFFSgsBdQ8r3MAUHsFbbJkKm3Wo7sgBSX82-227zm8RsuwK345CDax_m5QDDOZbxIUByTIqBe6ujoGSfGNQOW5agUzyNCPhgJQhLHgNu5JzkRv22LNxAv3AAhjtcT4i3WpA&google_hm=BP-qq2G5D0aQkkeufLyHx2E
date
Fri, 02 Feb 2024 19:42:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXffaaab61b90f46909247ae7cbc87c761004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEonsx3aCXCsFDde8oYW8LE&google_cver=1&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM6K10Csz8sq_VTm0MXBLOKdjc0Kqjg3ePe0GPyh7wE7a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM6K10Csz8sq_VTm0MXBLOKdjc0Kqjg3ePe0GPyh7wE7amRDV9cFRp4TQq5xG9mOXpbdgD6kJDdaag&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTqEuS-DAwdYOPKDaiXcczCYtzAw3G-DYHBPjlBAFW4e8CyIIPM9dqamnqltezTlAJwBz_yCM6K10Csz8sq_VTm0MXBLOKdjc0Kqjg3ePe0GPyh7wE7amRDV9cFRp4TQq5xG9mOXpbdgD6kJDdaag&google_hm=MTI5MzA2ODEwMDUwMjIwODIxMg%3D%3D
date
Fri, 02 Feb 2024 19:42:51 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9A6E
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEN41saE2m_Uom2IWy5LJnlg&google_cver=1&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo0...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyN...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-af9c7lXCdjM5tg91Lylcecz1vvaO6banjveOYWXxrg&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6O...
  • https://cm.g.doubleclick.net/pixel?google_hm=C00B38s3wDjr1M5EQKv_&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJX...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9A6E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KM6INib9zY16Nyq8VTwc8PQDrjQrl5aScQREU6aIU4Dp5ZIWiZVEvheSvAA4LHNgjkC_0ChA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESECfWED4621eB1X73jerM2yw&google_cver=1&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-U-KZyuh2_Cgug_DFzbVUgO4lXzjkS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-U-KZyuh2_Cgug_DFzbVUgO4lXzjkSed6qcdlZIICD-Ue0Zqng&google_hm=NThkSmdwMDBSQkRFODAwNlJ4d0I
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Fri, 02 Feb 2024 19:42:51 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTQzDXyo9i8lQFQrQzp6ejuCwGdYBFRUabq3xtN-Dx5O0Ivk6_Yej_PBKUWXroVUwCeEUSQ4LudGFtyHHA01L4nPy4VkMQx17uQ-U-KZyuh2_Cgug_DFzbVUgO4lXzjkSed6qcdlZIICD-Ue0Zqng&google_hm=NThkSmdwMDBSQkRFODAwNlJ4d0I
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEPjPxJqH2lGDM7xkX5Oz4To&google_cver=1&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXs...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg1Njg4OTI0NzM&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXsJWRh7q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg1Njg4OTI0NzM&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXsJWRh7q_kWLFwj3chOSt8ncNRuKWbyjz7u1mNA2helAKPmpaW6nrIRiVUNYF4Zi8NPLEU
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTg1Njg4OTI0NzM&google_push=AXcoOmQaq_fNyf4wDPXRP5DQpvM7wt5wL08VCNpyy8vfxslUiVRZpJbghS_5sIrt1lZBVXRlAU_oxqm7G5hVGXsJWRh7q_kWLFwj3chOSt8ncNRuKWbyjz7u1mNA2helAKPmpaW6nrIRiVUNYF4Zi8NPLEU
Date
Fri, 02 Feb 2024 19:42:51 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENP6Pi_wopeFpsW7fjt_9Lc&google_cver=1&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFj...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM1MVlCUTQtMTAtSTFFNg==&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFjO8MjpGARfPsE8lKgwaw6amLYWQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM1MVlCUTQtMTAtSTFFNg==&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFjO8MjpGARfPsE8lKgwaw6amLYWQod7GP176sQeAl23j9o53U2aimSFfGwzg4vtZ0NmNAO8vI1OPxQ1DA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFM1MVlCUTQtMTAtSTFFNg==&google_push=AXcoOmTJHN1goCyTG39WJe24NxYI7VLFxfH02M5tCmsXGSL8HQzpB-7b2B-4NIfCQO9mA551JFjO8MjpGARfPsE8lKgwaw6amLYWQod7GP176sQeAl23j9o53U2aimSFfGwzg4vtZ0NmNAO8vI1OPxQ1DA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
sync
dsp.adkernel.com/ Frame C5F3 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESENxGOWtsqwp8jJK9JuXP7WE&google_cver=1&google_push=AXcoOmS2syDB-4MzL5qnt8DEvIi6qgw0MZarfe_rljuQ8k8UBShW6oYqpoL7wWY_5ahrXlBJfSgVCmG9fITpGg216lJlN6b013dAFjFEX86xNSGiiHZoX4o6LSPMOCikOdINujs0ILezgGiEYXmgsmC7jwA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:52 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAmV3TUmv_AVj-cGzMfMos8&google_cver=1&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5ThF6FdFnpLbt0Zt7Ksz1B_e7FRR7RQJclB7sOCAJ1BGZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5Th...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5ThF6FdFnpLbt0Zt7Ksz1B_e7FRR7RQJclB7sOCAJ1BGZZhrhhncr6zSYMWNun7hLs5DkFE2R0nF1hH54cV0LCB4ZjTicekuY2hUA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjgzMTk0NTg4MTY4MDQ1NDgzOTg0Ng%3D%3D&google_push=AXcoOmR8HiMNP-bS8nkMJW17qa7w-SKWGAmarfnU876gviRx7qcJg5ThF6FdFnpLbt0Zt7Ksz1B_e7FRR7RQJclB7sOCAJ1BGZZhrhhncr6zSYMWNun7hLs5DkFE2R0nF1hH54cV0LCB4ZjTicekuY2hUA
date
Fri, 02 Feb 2024 19:42:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEFue5xbpBa27GGFsGeaJmWI&google_cver=1&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQT...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8ybfTOzOrOyncQpR-zytwXyrj1DB0GISas&google_hm=WmIxRnVzQ281czhBQUlkWWotTUFBQUFB
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 02 Feb 2024 19:42:50 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEFue5xbpBa27GGFsGeaJmWI&google_cver=1&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8ybfTOzOrOyncQpR-zytwXyrj1DB0GISas","cluster_id":0,"gdpr":false,"ipv4":"116.86.155.25","key":"Zb1FusCo5s8AAIdYj-MAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad418"}
X-SO-Key
Zb1FusCo5s8AAIdYj-MAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad418
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmT_VZnO5uDt31EEmX2zKMVFWCqwYypB0-NOMYy8ZnSX2kQGoW-NwnCMjiyWoxyY7Y0vTdFQTUeJGDwnxhXWPvgW9-8XoFRtPp5NdsBv4-1C7Muy1f87S8ybfTOzOrOyncQpR-zytwXyrj1DB0GISas&google_hm=WmIxRnVzQ281czhBQUlkWWotTUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad418.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-IP
116.86.155.25
pixel
cm.g.doubleclick.net/ Frame C5F3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEMQVy0G2Iv19EL5XKReQ58A&google_cver=1&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOl...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEMQVy0G2Iv19EL5XKReQ58A&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOl...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoqimrnl22zgGm-x-ZnCl6bUHO4QpLpW&google_hm=WGtoblhEbzRRSWRmRW5ncENvdFM=
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSylsWQgSypC8_X4AZqh5JMPnynKX8mjbdVQbroP3CRQSVhXLHsMARnIXw-vJVt44ZXv8qOliOI-myiA5SLfmq3cgTjt2hA5FTHxITbZp6CD6w8wTQWe8-yPoqimrnl22zgGm-x-ZnCl6bUHO4QpLpW&google_hm=WGtoblhEbzRRSWRmRW5ncENvdFM=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C5F3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIrtIsir2b2kvnPXMS9scINdxllVeOEZJu1F92eAWxbvHK4UfvhylXV2pjkKrUiAYpRD9PNg
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
AGSKWxU2OAq9ImYBSKM_34a8kloJQ4t7wj0Vde-YFcFR2d9RjM1SbL5gTPPxnm5HmSgZf9vDeDu6EBqF7erRafLIyUuMHled4xz680NCK2i3m74zYw6yZgKfULD2nR9u6JiCn0e7udXY2Q==
fundingchoicesmessages.google.com/el/ 		0
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU2OAq9ImYBSKM_34a8kloJQ4t7wj0Vde-YFcFR2d9RjM1SbL5gTPPxnm5HmSgZf9vDeDu6EBqF7erRafLIyUuMHled4xz680NCK2i3m74zYw6yZgKfULD2nR9u6JiCn0e7udXY2Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMzBBNJKcckvWemtDhs5ORqVfStDxQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ah-UaPfaMGvCMJrdBidBTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-ah-UaPfaMGvCMJrdBidBTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcOzq_rqWTeDHq32PGQHtcSNb"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.gridoto.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 6319
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNW7uDde1re000n-qLizQM5JfONavFjB8t8imboccWu-Cf-EJZ7c4nikHkYWT6AEnYhQPC1Qbs1Gzi_TZYX7Wx9VWm2i7rs4OdlJUqeLIXdVfVSwv3Q
Protocol
H2
Server
50.116.239.135 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6319
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNW7uDde1re000n-qLizQM5JfONavFjB8t8imboccWu-Cf-EJZ7c4nikHkYWT6AEnYhQPC1Qbs1Gzi_TZYX7Wx9VWm2i7rs4OdlJUqeLIXdVfVSwv3Q
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKL3S2d3nrLnjKReBh91J05uFdw1alzWF6bEpa4jAhmx1jaALIhgtlxEAX5eEzg7nBA0JNNqzW6SHDTau%2BnK6XKFFpybJUsGkGyJR%2BW61eCJQhuEtywRyzpeQnVuFISIMTLQtSLmWz0Pqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb74ea9581d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6319
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYxv6q7gEwAQ&v=APEucNW7uDde1re000n-qLizQM5JfONavFjB8t8imboccWu-Cf-EJZ7c4nikHkYWT6AEnYhQPC1Qbs1Gzi_TZYX7Wx9VWm2i7rs4OdlJUqeLIXdVfVSwv3Q
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdX1F53CeXF0W3pWz%2FnOrK9q7EaBSYMjAMxpCQaSpmPd0UKOEd7jljH39%2FP6Ww0jHeK2dAhyOXBikaoKQBHW%2FwEkMebpdH4VHl3cc9g6PcMKFcLJOOCfyMXLV9X2qfdx8WMV65s5q9bfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb76dbb581d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 5D71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm&gdpr=0
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8oCr7gEwAQ&v=APEucNXIhTAPbIkRgJagtTXH-8wRKzf2QFU7XWeRzVoEav8noGbSdlRainFPXiNpoJZJLw7WPIjE634QXbNEqks0vkfvyqWiBez6IcW7gaSuDvcor9CUP58
Protocol
H2
Server
50.116.239.135 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?gdpr=0&mpuid=CAESENpAPTo8uU7FG_hAmaHpkgc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5D71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8oCr7gEwAQ&v=APEucNXIhTAPbIkRgJagtTXH-8wRKzf2QFU7XWeRzVoEav8noGbSdlRainFPXiNpoJZJLw7WPIjE634QXbNEqks0vkfvyqWiBez6IcW7gaSuDvcor9CUP58
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYrnxKYGlHvCPQ9t9b6sFd%2FvL7LiA2vkMAzjwoGzEBsXpWlbaG82pkgLKqPDwFqCZbji89ePreWUZ6T5X9irw19Dmfjluz%2B851JusPIDsPNuZ6GSdUln3eGJogMpgNTDbwrj8wEg3fV00g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb752ac281d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5D71
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8oCr7gEwAQ&v=APEucNXIhTAPbIkRgJagtTXH-8wRKzf2QFU7XWeRzVoEav8noGbSdlRainFPXiNpoJZJLw7WPIjE634QXbNEqks0vkfvyqWiBez6IcW7gaSuDvcor9CUP58
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqadVZ46AfBS4HazY7ae%2BJiB%2FhhQM2PS71ATnUJ%2FU6nj3Ln%2FNtVrIh8I6IOfC0yYtabDuHZ78Q0Za5CCIPpfoyrqnitfdfwq8qyn4gLBY4EDTLOhl7l7BxFAbBt%2FdQOstkXu5RdQWpintw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb76dbb881d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 49D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7i%2FwK7ILjLzhBLy%2BjtaF0gGK4n7dT7nQyfCWF8%2BHuspqNvNqIltlqZL2g8gZJOcH014QRECHMq7pKgmpvkKKlJAp3pFk4UwAuyk7jmYA0yYM4FztfHHC3qJTyahvn2TQzYcpQWLjd6wHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb752ac381d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 49D0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq9rvbKn2gkBNwxCr2%2Buo92ngeOSq4mpeOS%2FP0yM95rnoVOUcgwz%2F9sYedcYdkEZgq%2B2w%2Fab8fs9VA2TeXsOUvGZQ1S4oDh0IWy%2BkKb%2F2UctUYdUQFz8CpbZflSM9bd5bTBXcSpL2oL0Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb76dbb781d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 49D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
an-x-request-uuid
0bdd855a-0f2d-4b1a-85dd-cf253bdec00c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 49D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXRXRDhqMuWBBiK0OuFAjAB&v=APEucNXZm8byEovHC0HCDl5Wbdfvt4VtdKfuZ2salBK6MZxGvAPMOkw2VY-xWHrUu4aWruiDkw_toCoUmjZy1IDp5KReOYtrMp65OU1bLCYsLQrDob2un5c
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
an-x-request-uuid
6725b39b-7de5-40b5-a183-af786665a8ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 34F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXhk8ha%2Fd5qye2AnVwhCKHc8lmaig%2BPiOQk%2Fx%2B1nVJArTnrq5F7ANfN9dm1siaJ7o11qvaRto%2Fxkrqe%2FhdGq%2BRsMiTvoMUIrVlr%2B8SfxmNAfjmbDAyOsR%2F7WXIzDZWGkpVJx0vVsDTXE%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb752ac581d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 34F5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGoBPOOlUKBuMif73lAAMJzXyLTqIARP%2BGgXw%2BpqGMeSFt8q95bEI1Bhww0OH8ymPqmxCrXgU6Y6iVSshYRqbYyegZ%2BFpq6HQXcvSbANY%2B%2FoYPKpaXbwaUj3j4jQoW8zJKvd9rWz44hC2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb76ebd381d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 34F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
an-x-request-uuid
02d3a6cc-d3b7-4f50-854c-1a9d254dcc8e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 34F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNVZ9ass8ewY8NfB69GFmWcGBjCFbbbH9Hxke1BcH5ip5rhtGHQ1JrVL_IMtBLOn-oqtbEjJdk2RC8aC9UKn9uBzBrDQQoAb2-lrQETSPnQ6sb2UEPA
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
an-x-request-uuid
104b17df-dd48-4146-a307-d8a9b47d61a3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CA33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWLqhx9kehmzLgLlF23seNFQ8kKu2YeWbzne9QUULUTtQuvCwIxlky5eSBgieQv7IJeCfrB7ch5FNwKvPNwdHGITiZkkt2yRDolvx5AF2DyFsTqEjYFoqqWxABSy3iYr4RHoY%2FyZxgOprg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb752ac681d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CA33
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zb1FuFfX8sMj0aogOxXuuAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7Hp%2FKKnhHQNLhr19FtlKFcLMWRdc%2FeEuDhuQ%2BFeH7R3I77uzZ%2FebJnTk19MFwvzDjNBUAZmTaNP547YOMWKrv3IWq5V%2FV9B15Xs%2BgwWsEbMzXIytOIb8J5yxq0kinIlPS%2Fd7Y3UUoD99w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84f4eb76ebd581d8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH7XLcEJ1WcZ9MLvjkiMWlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame CA33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
an-x-request-uuid
1da0b5d1-3445-4b1b-97f9-72c6a0e228ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEIpVqjAux-f83WgjNGSGFb8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA33
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO8DEO-WYxjlgr6FAjAB&v=APEucNXJSn665jQFuCOjex67acZ3LQHCqApaGMivuJCsjOOeb1fkFntudujOceNV9vz-CK2bg3GkzfGGoHmhsQGXsaCeAx1q8ZSh7UUhdD368suKWePEkSk
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:50 GMT
an-x-request-uuid
84408d64-e4e3-4a0e-a9b0-d3781305433a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTk0MTAzMzk1ODc3ODc5ODEwMw%3D%3D
x-proxy-origin
116.86.155.25; 116.86.155.25; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F4AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLkCWzPwpaFGnmycmkHuzc&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4AB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM4NGExMjQtZDc3ZC02ZmE2LTVkYzctY2QyODE1YTgzOWQ5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM4NGExMjQtZDc3ZC02ZmE2LTVkYzctY2QyODE1YTgzOWQ5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 02 Feb 2024 19:42:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzM4NGExMjQtZDc3ZC02ZmE2LTVkYzctY2QyODE1YTgzOWQ5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame F4AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEET0QZGDr_9v-wNcWDJasYE&google_cver=1&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEET0QZGDr_9v-wNcWDJasYE&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Protocol
H2
Server
184.26.21.27 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-26-21-27.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 19:42:52 GMT
pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEET0QZGDr_9v-wNcWDJasYE&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F4AB
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmZlZTRjYzAtZjgyNy00YjFmLTkxODMtNGM1MWYyNTA2ZGZk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmZlZTRjYzAtZjgyNy00YjFmLTkxODMtNGM1MWYyNTA2ZGZk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD6ThCFlYCqAhjejryFAjAB&v=APEucNU5bco0oJ5Fjvj5XW92bfvC5gQyhVsJWcL_blr-BENc7hFeG0md6eNcnrkRzTxF71kPSty2XQGVL9stWgTxauQW2qmv1PJv2jnc0DTw8wYL8zrXfiM
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZmZlZTRjYzAtZjgyNy00YjFmLTkxODMtNGM1MWYyNTA2ZGZk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 02 Feb 2024 19:42:52 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 74BA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bee7-lhMjLTOR5BGfZfMmJZw8bbImVN5GXopcYLeYZB_gmkceqRP3bmHwS70DTjK-LI3QCfrt_6RJbKP94W6-vz1unQZMHRc238HWUvysR8rTPc4zvhYLbfgC86gwlBdvJrLi7l2gnC6d-aFLa0By2csbY9HUsrhoDQZ9E2Cl7FoG2eCpcSepfWOhs2ArINPB5e_VdlXwGrjy3mZicLRgoQQ4WFw&cry=1&dbm_d=AKAmf-BcuXR8hFYb3aECgXHsEOmsQNafalI22HpqPct_DBa2KupJn97mV4WckMEFxWmH7SJ28e_VIVIHpqZl49RWyo1WmYjWGO_4Lpg_N6xJzrdYS76Y0ZpQv-XjRYa4tyOL4FGCKetdXJsGLPU_txuBu9Fo2Q8FRnirSgBf6Sd8azpqqiti3rJwJZeXELfarblVI0hWFa0ye87cEmn1PeLBHh9YH5GMng42FmAMQuKhuUUndHNebDytqxauwKmrpV7EqlVDmoN3vd-Dt6yZlHZdI4SfypRFteoTJsmq8KdnEJAIGxJWpmiw1JeaxRuAdYF_GzONsDMszC_J_x5cNjDPZPhNsJ4YVcJrLWPmIPPQ_kRJ_ZIGp7W8eum0JJKfWCEs8WmBEMeY2q1B9SqMykuzxPC0BDLeN7g4RudlKM2rkotyl3mFDFBMcvBvJ8pIIZ0BemiN4_wHkjjJ8AXWcZbojNIuAzpCNSRSZCF41Fbuup1QnHXFrm4kF1boZt0o85SyLl0_5Qvn7iwyZjtvTjsqGA5tFM3jbbrerKPOuvZ8kAxk2llePcg7cthBDOjuRyJ7dTHVzLnhAHOGyfpQQLWxEUUCbdD4mgyvSjs2ezE_yWIFtrJoQltqerGnV7lcNEPddb39gTG6lMI6as7ErkZpv86GzdsRMlGZ0aWybGRTL1tety-L5CVqwi54b_ntwPj78-tNL4mEEjkQ0Zslnh8m3l4kwMzkVum72oNHlE7stGbzM0Jjmp_LwSeZLa0tVCk1x8XuhdOJ3UWQ1oHhbQoG6NDXKKwmzosRvrJXvUkWUR1BPLEME1Gh2jaUnhb1iUCc5oSafeGRqilloBI0FL9tuVNgkA4S615xTUY8pIaWfq00m2ANMrKzjRFcLM88gvQuQgoiIzKxy_Yhgrwtx8UkDuAt1r1lWPIBHJfQWQ4Qe3khSfqJZtMWintKsr6P9j8HOGH2wCHHXdIrQy66kg6QHiYB9lEQanK44aithGbfa1jBx0OyZJ0-3Fy73HF1ut9XM3oFMNos3AwTyLVw_D2Kbe7Wn3d8TpsFwLdW1R82OvC5Sj97h0pgrbaXZiUzifflMsrltFM1UFDIPp32ZClLBZPGjp-K2FR08-kwGH15W0O9jWV0qU0f4Hq251wQOnrA2FGhdnzRAmXRO-PIxRvLHx_JXTUr5XgBmMqJ4XPRoReZS8az_Jqk8AArjX_35FMWumiBtSelRlN3iGZxbkJVQLC23fBzbYMx_cfXZ9no8LG8FrJckKWLXsAS_kpgr_mfT679i4yJNzASp-Zcb2XBJ8DhYvtocDNTp23YLI5WxOa1bnE1VvAekQhMHP5eFf_hxmnKT1QN1HMWXR2u0X_avhzZtOvHjum3DF7W7CLvlt2ZplF7cklF1d-NwVCpQQuH4Yy-pB8OA0R7p9ngw0v78R3hl3vb48Let1MbsEgQKBHAzY5rQOnBQR5t5QGiElZtGdM-1apj9dGJmAFs4PLAb5QEj6pCiI6_pHOGw4Fo7FTaRgZ_Uhl-y9xG51mHZHd1xRyoP3EA-l7ktL04eqZATBOH7ivMh5PNoRET3lffTekSpoaxY8r0iueB8vBaTlq_iRKBdmYG4PQtaoJsOl7pQpRkGNWcEajg1gSF2mv6k0xFdEKNG6sTewBXF3ZvPtc6iZCp7XXAi9lcLyWTeA-_p1mvyan1uyR5SBA6qeYX4tdB996UOKYP2sZwLBRA6mbJfTQCYo8o983mSMEVwnDevsrTCf3vM5VVuYkz0EeNka7dQepzGSPtD5G3rOaoaRvmZUB36JGa_E6Ay4jn22xVT5Qsf_BYmJ_VGI_oeLEVJ-t3eT7o6Nawt7u9G0VTKvuJcJFNM7uZr1snOBV3w3OHEyyXc7oJONC4xo7x9y80k4pFjTZfa3pvYDwway9xleAI5fDwPVZs4S5RV3dfQ2Sc7BDUCSoIptf8tcDjnUT7zCQAQ0bUVUQdkyk2nWVVtloSKzXAIVvyWoprXM9OYwtPvhW3tLhIYihMn2psrCG29sjHHYrbpZNe8-vkPePo6Mzmvo-LCssYz1x4WvR4Xq_9jnU3ZqMZjz0i2VrMztrF6xqmz5e_lUzilOIyETtq4VcC3BJ6cFuie4yEbMSgNkOXu81r7usGa5g8CcLOZrbihh3Hlzd3_MiTiCp9lncI1iGLg_sxlMrZNZzmBZGCYCO5pKpx5XVjBtwe8J37CcjBoV5QnZAd4gqtVV4cfloJ4hukuh3wYNltxu4Rkl5ooEEC9KsCwh6RoDeXxLFysy0pcCJgYFpsCiZTgD3njmI60DzMT8j8hOUkFw9PhyHgSAVLZD78G5nZ6KeQYRcOdNqqwwjHWbNFOZd_4oFe6DB0hvQeh1fje-tY5zBGZa6UCA5rHSrechHnRfMxtf_exCn86fjTpg0Jl9gZqZWeo0Op-3M1X4_XF_OPM_Pg-dztUmAJzK8jkXXQj0j6gazXX7pf3CDOu1ydZOOfSXcOzgI2KNVxHhQeE9hF3V7MWqJKNI6JIfVM1wqnt_Otd_8uGZVfe75c0nTRKoMorWoYfUNuJE8YgBy4KErKvcyGMGnA5kDBkkgAKKm-F-uNo4Qp1v-LaQwLxOPJ4A7EFOz2w1IU4c7TDbyFj3JzYspKEGOqdr5syiRaTRKG-kRUPkj5CsBVcAvQWMRHWs_pqb4_XlvZWc2_W0FekrsNSy7epUqX0_uNKb7FOSOEbiWw6nhw94khc6Gm1DvNkasXw7lZ68Io5loLSOBNiSo3Zv0nIMzGM1dztlTvfml4Svx9WNWuXJ9hEctPVTWGMn06FRlZ2mkNy6VF0MhZPOv_s_Ys36_7Q1cf7xE0EkolqfS6rNj-c4u6cBTesWax4r8XZ40u6JMn89yp5tPl3eWc36C_P89J5BOW_46RFUBERZAWbD1PrXMUNMPT9XlnJDUoQ0ApVeglI4YEHFwS2coOPk52qkrrLZKYSedVyMGGP1_Z7fOU5HMxPBhxbct3k5FYtrYT-e8eOamIgbRJycFQYPWFRT0beqv70KkVDVNHqv5ko6h5vxjjzY-1A8kmecUJnVXuAD6gWvezF9pt_qdRxUDydlCZg9moRl700751iRQ9ZCrFgfsL1wxiHn-DYBZPIvBLdMS-O5alIufClgfMabZmUZySh-IQMxv0X9xRK04tU4lal763E6OOSfPZ2JE-HgpDOMjXFTLzXUiWjGeZ1y18T4x7aHjyAAToftwyiQ&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.gridoto.com%2F&ds=l&xdt=1&iif=1&cor=17296646576531872000&adk=2857193499&idt=121&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
bootstrap.js
s2.adform.net/stoat/631/s2.adform.net/ Frame 0B40 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/631/s2.adform.net/bootstrap.js
Requested by
Host: asia.adform.net
URL: https://asia.adform.net/adfscript/?bn=71174490;rtbwp=3587444100755FA7;rtbdata=Ld4lKAHxgaMUd3CeoRYeVHF3MzrDCzY8IjssHNACtQN4nJKVv7XCACxT1DiHl_BGGNB7MXBH_MT-vRgXc2z59XZ0fXcArzbugmf9ZQbJMaU_JjueFJgvkuHiNWfyAnTOikSyMY6XAlzn5NVclBZJ2jNg6XFcyCp3jKUHE1bqjWUt-pIqtUO62_53y_mXxtO7LBN-EO_Zou3k5klQBUJwelXA335yo2UUlvOcRluCLv7M-mKSGNd8_Th35rlg2QnuLvfGGVRulIApifyFOpkPMt_8XFAedtKw0khXRwdaSoE522vNtB8Sk0vLtfFSyyAe4K29f_IEpS8zYEhU4d9DNdJsi4LGDDecIdDbpLtEJtAlRp-VhDF9tcz6YpIY13z9pPLt2tjXjkZk9JUJFwE_MQ2;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/sin1/0/0d60094e-3970-4c2d-b79c-564ecfd253d8/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
74941a7c02b56b93f35f377e0d03f0b222b6785bf8c5b98fd8439680aee24dd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
HIT, HIT, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:51:42 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B259 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCydL12uA38w-jySkwG0ADVhYKETZ63wkV2d5OaK4tpRMNI_5WN-1OjNYvOahW96M9MhW-7TnX2hX5e8wxNzhP5lR76dhkJZ9IghkZlkCeJpviixIj5BXxjNqTQuK6OPzMi9qwXl8AEko0GFK9hKIIhbBH6wxwcedt_ZRwjRBbufMHopo&cry=1&dbm_d=AKAmf-AAx4VSqR_WGkMmE0Qnwec0jfAtX19UTsui04qgasVF7-8WR_FAT58R6i4jxg8su-w0rIl73AfXs3ohYMjlYeoH4ubt2PRloBpd11mNZZlHbKcEb8qaShMrHTGiUjwSA7U2xBX69wil8G-3_ljxuwstbUh4qDw_LUBsQC2ea_x0VGXYucw047qUJeGhXTejEP1j2etLbbt2fQ5C3CXHFn87mOD3HMl0zR0RUjLYhCr7ovrvAraLYVe-FnSIZWXzkNNMKLEuXrjoNix4FqO4VoWUMqEBr8heMYOPvTsRi6jb7ByAaUSLt-UUZQPoSKkm9yj7KwyzTxcw_cmFoSEz3W5yO1SkxMmTSZGEhiOFufsd8D8nPX-QZHkvPOOlM_Zteu7lhPMLydmHGMxbr_kWAXBjP_SAYqSbRn4wrT4I8_V67YfEw4fyO9cblCukHoWy4d4S0siJalW9aumEu1PiCN-Yd_qjYY9pAaDaP5I4ZFDfjJgOE3WtFG23029zadFI-MXPZuzL_acd1W3rpM2gmMvZfDgGrMv8hL2gQL-fJJTr8oEtZsJAwNQ88i_g6GDwdmEIluCmZNRZZZdQ91tyEpCLjhFf-A3GwWOU26CJZUzaynSbVZmaoswxhIP3gWZWZ9mqG0j1-0AAGCPNR7EGQDidcC8VBIesRS1KreahHttFF0Aa45YZ45TFAK33kNVf39ZGkmI80zDxc5GCjZqtvWSNrw4sSNPQasqDUKXuSZfe2rNgvnZ2gyDs3QK0zGsLtCz4dveUoYs7uL_kgqcit0ifRKSCQtkqTXdT7KSiO85T1plUVZWRUK6g3iv8nTwTELZA0P_LxUiodNlBqVo3yiqcRYIPlFFUmg7y8Myg6AoK4Huo8uyvYAjaG5d6zxBna7v4RuPYcrEfRMBGd4hptdckhVDQ7NyNTIluvfBh5VjQPdNq50ttvjIjB396tdYOz-0sL7mSKOOfvO6m4j_UY8eNxlBwMxYlw8a9rwBsasHMkjPa4kTI3U_gNR0U37b37tsQ4eOG3CN1YSOYaAWt-s5agg1yZ2stcsJnfDoXtnPJJD4XvHYmq4lkhK9iltAdbtvg9b3mo7Vrinjw6R_uEQEAseizlz6QIClkHrhWIYAd_NEgkubZqPK6Hvs2uegs6WSgJ5g9pVkDgvpseh-b3vNSwE8OT11ixhjNsrl12zILMy_MVL2Jt16YcohE4v0_H-41dmqlDS5coxI28cuPIdu4uzFb6lqZJ_znEDdvzDeCebHO13blw2JjPrIBloNQrTWVaLllezSflYvDYe8LSz9ixzn9-slVb1uu9rg86KPsMpMUope5jS60-pwgQYA04GRnkJUBgHckpX1f1fhPnnn-nMRIv8lU70FfwejOIRWgOshcrhV1rzktgCMblfHI5qwzJ-G0uf7CPmGT_2eKJ_Kft35zMFLJqItVADRSlM7avZ4d8oC9jZgJCzXtTNOFuIsBBfAjWzpHzxohSvixpZo7Db8C_yHJD5LvqkdcCXnK_BlSdZHoDiuZeVHbGwbGRnduKPszvqL2oo0R3smDnb8KriMtMPq28YNPDjDrvvSr7ybHBMSW8sGDQb9LnrS-_EkJPQJrmG7LMRjEruVFQrqFUVaRFBOxBIawkCM2Ln4yFT71rDhiXcAk0Hqq3VjlUS6pV81JiCvXHiw9Ze8L7Tdq8kYbaeO3dwPGFUvz3DKh3xdqLcAb4SsvvnMegnCNHgPVfvTYzSKroe4SsZmhB2DCpcQKB4JkOeTveZl-pCB3rmk1WcljXJh20Ow0-X6-M2Al2tWmmZ08H_L6vmf3NWmKrDA-9z2Kb9l_D4jJ2DSAtgfKxgau_kqTdF1rQ3h0nGWIhOq80u-z9KwOFpmsaU77iRvn5KlSzU2CwXQkOLAFV0hZ4qtnCAgL5fvSfaG-9pyhHBMD-vAjAurK9Zc44w2hjgsmVpzkm8RRPNFSj4R7FLPnRDbQzYYT_Nj4ALPh6L7ptgboL-zKtq3UzBCMDDiTyNFPJ0DN28-S4D_rxghKb-qkpccWb9hU5Q66mGJKDskGnTQeaKe5T1Uxqdc5aX96NBS6rGDit6w6qhy37PGhp4PNYjG9u0m6ebfXWCgO-cMM3JvItnh-XaDU2Ra2NkC8LoEekwVxPAP4UQqjW-6pr_vNRtjPu1kuKDpPaZEAdf774YVo3q89mkcHJ9hC6aZA-95ELFIvREgFA0mVAWEdxoeIQX4zCM-HrFFODCgAazVm8fgwGVKHVe3qpKx-gmUxlKP6YuvAhJQqDn8-Mry3BhWcQWZ0mBgKLvcb8qr0_T7X7wXgkLZ_nHCuYxuUr0-PhARU770_ZdjY2j04SCKr_PZwmSfbzBKQYsvT4-6JWMYTiO9GhARry5KNifbkx5Jr-N7RDzwXEHBk-14gTUHq2BWXyeqiEyPYA-GBInLB5K4klbBdC5mVgJtsa8qQd3YS4Gqm2_Fedn6VwrKDp7RVr9yheGFzRkNWN0rA-MsMJG3JPkFeRRKQshycoydguFer-xqkRy-VL6MnuFZUwxyOr9lAkDpjdtQ-Lt1GnZnBMiJXP_mLGFuib8ydSgzHie_mJCQWPp4vYq1DUaHajvpopEphFfdVo6aQmfX1T-Meg6sasexRKXzoRuVA19La5_fw9NBVARbtjHe2xA4a5vImn00gvlUpe04J66iZUnDMITW6KXF-9_Y9qWF8lUhpxV_ZLLDD1HIjxFgF9LLSbi3qnIbkao_1oUX2fqDHC4Nq-GJ0-1nDHl65psOEcURHWLK8ywbdavkQAhjqrxbLaN3fv9UWWX5XptAZ1kgVQDcuePp6AsetzaUMRtaPa0MZLl6bLnRBO7XxDZ-V_4vAxR0Q0QcPRrZTngy5ZnECx4xoyEc-SqVOelWMvQWKc_il0aURBQ8of9SOc5fZeKRBKkuYZiisi2_I_MpK0NKQNjIuRBIyVudyaVss8pwMnWW1P2zj-qhu-e9QtTEUDJk7HPhpvX3DrV68j234br-yrW3BEIN7N9eAntb6hEcl_Eyve65KaSQhZGue-PzTUNdI3a2I7XTiYbED-zc7jctkCmYqcQa69amHJhHtEFP7WY8j4gjH1VOocFwgxVyGYEUWE69SWED6fvho0RBz_QC29fQxtDEDgFBM0J2KAH1T1yJuIdwHPYFkS4ZM1gK9PYPULLG89WKPYjM&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.gridoto.com%2F&ds=l&xdt=1&iif=1&cor=8666589886419761000&adk=3047537734&idt=89&cac=0&dtd=68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
4484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2025 18:28:07 GMT
index.html
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		76 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
fce796abed785346eed93f0747c488718a711f8aab60d6b0a718770df8563985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
730
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20226
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:30:41 GMT
expires
Sat, 01 Feb 2025 19:30:41 GMT
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0591 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstjeBWWerHFjaXj-bjDmQC8rxXgR756gFxsySQi4ddUaS-tHk1VYN6EMQsQJO7sTrYLZgBFR5CJjl66-VovCo7uaNlqA9MopfRWPWytuI0KA6QtWNE_gzvYDURSpn0Sxc7ayVu97ADoo4itZvQNQOlfFeFRgQhsWMUwpPQmqGgnO8Fu6nWmrC_7Qg5TFiHFDo6LTo5ieWgkMuDxTZzihHNz88Z-_HQYswiNyb26veuXE1MfCzLemW-hAQD27SYDA62nSyA7aHiouxSA3RQp355SA_iO5ENO3mRSDBvhiH8PNnItSm57MHKLi_UBnujybC8uVsNtULbKIFNPXXqCGomS5wJ2kKbNCs7DOXYCPmkZ8TGkoMD5ra-i6CTFmuNkBUQaN6Wv7tdNxQyV3B8XBolDMcClHsKO-2qsQ_vxQqTi5yZeBZeaRr0j1J6pNWBAbcQaRCe_DqEZRRAI52IHg2p7P8XiF-zQiD1T7ec8rz0wjCuJ8KRnybxUG-jaBOdNpJdhi4q4uFHKx5TLFh7yYAoipX8uHOyy49MN-zQcPV7ovBtT0aib7zOrNQL6uzLHVseuxDDaNngWVkgtKVjUSos7dyRJYpjrMPExcoVF1DcLBkDcauw38tOM_m6mP5fARHRNPz8G99DL0WF8nhUnFrvcgNrvtMU_r2eNlOgLcgtrKq3XpYrukxdJFL6ypUGQ60ayVuSHdiQ-8tTNo3D0mp3UC_cVHT_VuvOkTJUofJbxw8LbRmoANTVtjInsGYnUW1U-11soKlG085WLRtcm4T1ew4HVXCOJPmR0HyuS7v0G11bwAqZ50ErCBYooO5P0x79qb1FJI2IPGRGlJ-RRvt7ipiC_xVQOFl5Peo6jttI7OD9FkcR-hQfjtjBYMgcXMK09KARgqRqZIiJZfUtYhsnBSqlxrDsDN49Zg9aB3e_jl9pSnbgK6lwYUsOnnarX6KI56spbtn3P6MgaBSN2caXi-iUq4Fc2gCDzIaxYEFu2B7RoYQTRwlkfTEcSta-Rzfzg-daAj1n3Ys4hwN20jHpOJJ6eTst2bAqjsbLB2xiE7aBzQeT3VnbOZvOinyHwz-f8_2zJbU6SbNOkOdYOJHJAViwan99FWxTBDt2VHS7kbnT8gr6p1N0T4hfK7P2XRivLZkjVMad5o7lQNZX5wj9GCVZsilXvVGQbFrCHisBkkqCkzHXPOImZ1bEO2u_e-VCm_8-ZpIELEqB31aVe9dnrIA8loqDw7TYVfsd-3B7EhI5AufD_WRt3dPQ9cGP0T_gz5dMOhOWQQhbAUPJ_VRkB9l_BnLdtJC6WoJxMW8nTqXh-US6bdyAXij7Ik4snf07QoUPjwEnXedftaKffWaxofdHXHfZ3lcsvWEH3Jz1m_5W7XDgGZqy_yQ3CWky_t15fTi827pHNziWYUhswtAazbXvu5XBb7All3y2-cMAbDr3Rm-xV9xwlC36v16pyLKH03YDEDK3J_Bo&sai=AMfl-YRkEUb5D1f2fyEl06RT2pf_e9WV4quxAp2s4jGh_rqcNz6cK4d9_PC4Lay8Xqu9SrXVTtPYWe_donVjUFlzkje_EJdu4U2zHSGPXpAxijgMzTMfqqjU-Z3STw-5cg_JTnjc1TgtUEh6X-rAAuP0xRuLjuv8pmqx-5PPA1i7iMXY-ReOJZYQ9lTL8qz0x3iBH2Fp-i7IrAnvEpBgOK9AJ3hr5i3Vl8NtHYoVojr3WdBWm2s7OV3SLqaeIImxqYMzJIS7cb_zjyRtRetnwL05gPx0vSnFlr4WSDM3I7jy8_VjlDjLuOsgko3213YpWGC17VXPb9FTG-h3CN6nJMkMVgjOId-cMHetZ1fqTLYvnZUrqvPufDiHtqA54h781o59mQh_WHzoLMnTM8yoPYkrceRS3BOtRN20tFrDnA&sig=Cg0ArKJSzP7Bvf3ez-X_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpYmFuay5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=908&cbvp=1&cstd=905&cisv=r20240131.15771&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:51 GMT
truncated
/ Frame 67A6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea2cd32350b83d4b793d5235b2bd920edefc2a5f67a92154c1379874cad65134

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3A99 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b69c396d7f3e90a7d9c557a8aa2dce50db29c018fe1867046630fc86658fa18a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0591 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0156e9de2dc4aa6709952330b7052b7aae571d7332f082ccbae987b8c6853de8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		76 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
fce796abed785346eed93f0747c488718a711f8aab60d6b0a718770df8563985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
730
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20226
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 19:30:41 GMT
expires
Sat, 01 Feb 2025 19:30:41 GMT
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 3A99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvVohB_5XhVpzQEGTR_vLwpa0Wfnu7OzXUd4Q3liHQfu-4HwoqciQhO_64O0iedtoHxbGvikpVCld-kEAV2vcuBDEdG10kDlAQS8NvxlgPASMYKZ_LtvVoKtmlfUQ-z4weD05MP17ci8iftzEKUH4qGLT6NT5AERgGgOxwFgIK9e5fyP8_EiKdV6F7d3sancBqo9id6SfV2JBkiQw_EsSk1HA7kdLmkYduJ4LJ7v_0VWiZnu9vM8ItscSL9MqHYY1p_p_FWS5umVuQdNyDdznZrSmL7KGEcbj6zPjKoCi21lHq4GB2JAPTdLXetYZsPx5lld0WSnBZr4NOfUxLhtLC2skWCYs0El42zObR1zdWBFGcQ8Aiu5mc9XHfAl2vo8w34z4lpqQBabs54Jj24P6RFlcgYA4WnsOzuCGLqcaItGwXVAfcnoua4qIg4FSl36V6Dbqo2Y01hU5ly3CdDVTpAHBzEyvZfp0BVGrS_rdTqrQ7p3AChhZpPn24_uHdnzuIZ2TQxDHOZdN2j7go1ZRTSnu26i0e-NVzVvXkMMc3ZwGPO2EzbxZxxpjipoleaB_Bm1vHRtBI0qq0Y1lMOPhDepLDQG-8Oqyqa5-LAAIckHB1TRsZQFVuxG0rkfGbVdSODM4e5JVCTS4HRxI2eq5orEWj_8C8LmxBgv_NhDKtj5HIq4r0RM8CuoDlH9rQZDRzubEmFTpF5-0U_yXrEgAhkePtJ8bjADKVqnlcinNa3uMkwPdjVSLC0eMO1AQ0DCsMYJq2saEpcp2CTyX7tLw00jjTOOCVYavgp_5l7sBxhgGxtQyOOc1L9xVRE98QgsVMy-tYY4FLVC1ErS8uV3O2AguND2AdpxvhdGd0KiMBL5l4S93lZ4WmpMzRFkpr9Q7Cdeu5JhJDV9WLTuahSklUS0jKlCzUtE9y2sR_boAdE0Ma_JpTKlu8QKwoOaNRepOQjvrSOb0OFWu9pxXepzR2Mj97uhXfftYjN3PYNrx-A2yShsa70XuDhn0VV_wceOE8tby553jKQtewKqVUE5R9dZEJRGkdzk2N1Ik-u75LfKHwzGpbAZbH8YsYz4JYJF-ArcN9SUtzkyZJfN5zY0aMuWYwh_EyrpPCKBo73VHOeWttwiiC0OV3EPlKEuth5wrqrK-jUbO7NAiu27L9g4oals_pX9FV7inqfXuzSQTvllFqxE2YvDnMtMgYU_MD9-0zfj6t4jMW5XS3sXKx5ovJOqEJenOoW-YOrYZ1y_XWheB1TUCr3bwygd-qUixraa-3RxC90Jkfvmo2RV2KUPNEbJW-O3cVUt_jEA7FK_dlmGVHUDaeJNwaaj8Hk5Hh4Rju9FuDTvSETR_Y21hnMPFThId_idgy2mGCSaZim3E5rOqiZLdNlZ4B27ae6UHFsKGZPiQI_KCQB6c0GAWuzSow0n0yQIW3V_pNhTcXdK9ZthRIApKgtJP3axm9JNDFcb-nu_avhbMEUZnc&sai=AMfl-YTSYg_ToDOjXJBnSWIsmT9pQyTyplGuySm8zyjQYDHMIjUkvBXYmkZrucprnR2J3ePLqMQFSGhojzm-ILsqSxwzR-093Ek3eVqMuBaN7w7wtKhXX6l4ctiHCu-PqGjuopyVOwS_v-gkSuNJra-CzwOp7DBe0RfnFCXlvIYsP0EA9xqVQndhWUspyDy4CmlTX-19uu0bnFixAktz58YaZlcbghT3pLk391xFnjnfhiMqyTksfQwENJxJILnhrjMcPv8IA-tENxvGTcPaSH2sCYsW5x9n6UI-u-T44GNKDl676PrhjTDx3n1-vksTGILuroMNVVcgs7EsgFVlfn-5KKkywC9mkCJKM0A60ZDmIAGJAdhw0fRoz-x8I9sozaj6FnS-drlPPKrONdmGTGkMwgeolMNwONVY2dlpjw&sig=Cg0ArKJSzHGpicRJNECwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpYmFuay5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1085&cbvp=1&cstd=1083&cisv=r20240131.45704&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 02 Feb 2024 19:42:51 GMT
truncated
/ Frame E8A8 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c382289ab4ca6d2aeb4d2c5fa3e4c668d0ffa5e938dce88ffb80cc96a48f43a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
adj
bid.g.doubleclick.net/xbbe/creative/ Frame B259
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9k...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi...
53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
06f57812419d63e8a1ec11176dc671244a7dec2364b6f18f30bfc4861e1b80a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21523
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
server
nginx
x-server-name
app05.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 76C8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3228756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
x7FXOiOVFnuyJ5UpVHG0KqizqUTZ-SV4IcK1Kw_kU85G5QIQ4oKhSg==
dt
dt.adsafeprotected.com/ Frame B259 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=bc3b56db-b679-5288-ace1-caf014b50877&tv=%7Bc:37RrR0,pingTime:-3,time:70,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B259 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=bc3b56db-b679-5288-ace1-caf014b50877&tv=%7Bc:37RrR2,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&tpiLookup=ao:www.gridoto.com*&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B259 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=bc3b56db-b679-5288-ace1-caf014b50877&tv=%7Bc:37RrRc,pingTime:-2,time:82,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1510,beZ:1511,mfA:1515,cmA:1516,inA:1517,inZ:1521,prA:1521,prZ:1536,si:1543,poA:1545,poZ:1573,cmZ:1573,mfZ:1573,loA:1581,loZ:1585,ltA:1591,ltZ:1591%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:33,sinceFw:46,readyFired:false%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C0CC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7F52 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2355 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame B259 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=bc3b56db-b679-5288-ace1-caf014b50877&tv=%7Bc:37RrRQ,time:122,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B113~0%5D,as:%5B113~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4C86 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 67A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstHsFLrdAqsEmPLpSZMQA_-lh1ElNWlXpxkCL_gQrrRMNC1y5zwzblsNBcaBnKuw4x6IVf3r_Qa8mn986VZ8pAOa1_SernuGzNCk8YRykdCqBNBTzBxIm1bEqA0KwG83StrtKyMbMaAhwr2T8tWlwqwXALxyUjZmltOiZ_OqdcQZKEWVD3y8Oh8Ksxhz57H9zt_VWi52bU6Uz_jVxfBvCurPW_ExPwnhxMwSp5KYo5B_rYmY_rC_knXBZjW8MoUR4E_LM4wEJwmN9kKlnzME7sIYCcmMecNEXVQGv5T7HqjnZdpyAmcMdRv_BmqNRIvE4bXXU2IDE-5FLd2lHmvZvLFvoLvgOW_refsPgPYzAQxlyCF_NG6dJ3wzjQZh54erREcU46hJk5zybL5Rhm3oUumgHhqqD6w6NjkrjsErDXrTaaYFyAbaRHHc1bB6QsDc9s1hkcWrh6217bjIQx6c_H3bamvbuR-8Yc68_fgiZmmrRbWj3HsMww1WAPB6PjHDqyFRPYOx86Or4co8PzdzhoHTBwOm5vCe64-09toC20ID1pWtDk8NRSEq3DVCi5k0jqUN7ZvsPBrHTiWOUV14zaxTSQNQ1nqFUtiywLXskXAyohDzUSmJgjMfuVhOmM7bT_wG0slVjybbsHlHn7idqznD0YXD9MgixsdHBgOqJLoL01c6W8up9dB3q-ryak7DTkXbg2WaPWQ7G5Fii3M6Zc-odxksGhs99ROrB_otn4x_HutSuiPYIXiYC0KskYoJN701WL3NTF5dP_krGvg7am0CBKFxLLkYkFsfimg2J0VMnGdNSoUh5VKZ3OADmXZt-t08SsAulMV8lR5V7-s2PiXu4X5X95pdvRKV8ZHmq1Xv81Vta1V_NTZWPGBzei4YONgBUGlzSD-jNur11Ht_etwBCPDHc4AoSyjWGndnrhOmlNBUfo1KOrP7mGE_HAke2YQtzfXD987zaJ2-gt6dRP40fWR7VbuhpopK81aj-sXg-f3rzkDrh-pWhlSZrQz3VUGD8g3s-hetv_lHmzCfORjJ4brSVRMmazHhMeK88Mia5jj-u7uV-NkRN3VIWDAqdTBZQCtMLBtj7HSeC3nNGxpBonkK6dqHdGaQwXEI1grSnj3WRqgQ21O1oy1ueLKbFDK9_7L5_S6eBcOjtDYLeN_5OsMeufUhH3B0PqzPaECbqVxnQoJLq5IbP0tT1RG9fjFHj7N3SMv9L1fGpNttqqvW1uxTRukFgdTewwItM5DbbH6wlMN5XY34pt7gBjFPclUqX15mDG0RUWLXP2Zs-Uemyr_9s7tl4j545UcxreIPNLXgYTO2HgTOrhfMXlWdfRKma0rqPczjuG_QNNYVGWlLystrRdajkDA4fuR80E_tYpNno93xJAlSUoMI2CIUiu8o1k7McJNrQIVd-hn7H3FE8MrP87jRNwCgI0AYd8b6LDE1rWgBxKYxR9eovZBzw9t6SRyNP8XedSMqdq8R5aFfZNZcTiaYezWP9fpiAGq6JnI&sai=AMfl-YTXyXOln7ypb5nYX4Pe_Ljvu4QZrCy1mrbvyrBnNE3_uCUagto_zubyQWu7THJpmD1lGuq0fNriVMzskZX-e40vKRzUlHvSLogCo_6whcxOKZA4Q8D92hwKzJ6b7ivdR49NX9gnwXAc2kF5CzEf2xZaBaCFn-B3fOlcAwpz3k_3YOEMQ7gj14_4p7M8l45dT1jb5sw3cL7hDOD7MLqdVHa5AVC2yFURnU136ixuu2rss72zsW3UEt0dYPMarrXgnPcd4YuXIfCI_hnUM2fmrN5DOKTmZ9aoS5otWDzGvxjwC4nKuqJbvtNJArWnQcsoUGGswHzUayrFW-RZ4tZXc2ofCnddzL6twVtS8oUkTdq1GFpIvRvyKZ8-a0ByilCEi7cgoe7_GhhtwIwZl5Xnyxe2OSBhCBZgRm5yg1sk&sig=Cg0ArKJSzAecyKhpGvuNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vcGVuaW5ub3ZhdGlvbi5zZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1296&vt=11&dtpt=1294&dett=2&cstd=0&cisv=r20240131.76003&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:51 GMT
view
ad.doubleclick.net/pcs/ Frame E8A8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssFbJHE65Xq32k5yrPoxBXcpMyGXke2cJDuTaZsE1PrHr4DFX2HdB2g3j-VH1fQkjt7AfKXoqy5N8R5y7YzEG-jiE0Fmc3Odc9yAmAL0jgmdxFRll36sVzAZqItGMVt4iJWWWVBh0UFSZIytXCCotKxZUm0op3rRT4UuI1piWP58ufifI3Nj3kcEt3S4BMzBDAYJ8cgvbKXXi3KBX2iHpyELPx6NhdiJ-YiN7Kv5zLyafHRf1wQB1KKRzHrMbfrtDZeTrJ_okpQRoZ1K1S8MmvFMK_H24wvXTAEbKVP_Lf6xbEJ7GmfldPG6cLvo2LoqshHPiTkGZ-71SdQV16YlUGj_Lnujsd58SXTQkCRLYFzL15xtCjnth5IBMpJESZS4YqeYFdSJxiPAZ0ulq6NyffoBYbi2BgIosMZT88kaCE1MoRtP02QbUd2V4gZ5D5-Ed16bpMjHv5cz_SptYytVwnFTnhuQXWp3Oj0964A_1purHzzRdvnxlW1vBY5jGWJsrl8BOJLr5jM-6-7Np7agL0YeHqN7A_kblaz2Mu0QxuzS0gf_4JRI52xoqTQpZzP13f6lkrX77ffbdSCsa_EAqfTUEefLVDtrbFXLTgMS25TwfCvVxPBRhA01ZZLLEI3B1WY8v8QLSISO5KFMJP_tAw67VScBOi1Sp5VmukUdg2mo97PWXfH3_ZkKQML8Uny5C3IXm5ARx9B0j925DeJv-oHpmlP7ibOo0szLVwFh5DSmJPrCOwFsVTbwGpdycjGeR5HkYK-SSkUTREGvp31rcbfSoLLaA_HLswJJc9mGqOfHfFFtn-WkTWCIEjVh5Y62NCPFFnRpoau51W1tTsQjO2SoW8qr21FrH7KYxKoAlY3n1l39ergQwSjfcCXdx7B_uX6H6QFOxYNPgIvtga8OAayEOJo3SMvDqUo0SftwpfNHn823yopAnpN1COIyHtWSctJe1ERZl0BBfzYxdgfd8f-axNmOy-7RFBm659I9ab6aAqRZaAitdaED_ZR8AcG56g0fFpkZ9TZResUTAuDUjnGPT_jrWDXMUFEB-QzTQJQMCrPpEGiHCKnQeFq4a2txRIqUbyskj-sCyf2tDcfiqq30svO69tyr-zteBcraB5lTZaWkkIw2WqDJg09KKLFHxHXQN1zycsriWI9v_V41NioFctt6yP-Abct6UOluyojwpawAoO6W62UC_DhkWTanniQtASSoQtHGlZvKjIsZCQ-e9dA9VNU7u7LfznezTotMN3tf2JEIxk2Ykyr7hiRb2NtrSfwW9hKcZ--TuNRLgpSMeZZbOcik0zjFZ6qnFY2pFw-dUeGEewmMaDsKMm-IVl91GciOVCM_3MfmCdaLTMVoWS2M0lOXwZc5f_qNnNHo5kg-N9XyXo4agmq4r7atmeAlCoOaDp4JPDTPqhtEwupCfzKVVyrrx5CR9i9xorW1jttkg&sai=AMfl-YTupcE5-05_BbFn8pTHAL-4hZB7J798R8M5rA8yI8rSDgIVpEdmzeabihvJpH3UTUJBM7iDODFm2tTKCTpOowexZnS3317F7BaTvr7YVraYyMm3U1RMWswBeRlWpkCU3Ubu9KwzQLrWdKuGddfD44Et7dp3imAzyF8hi0-Q19RVA2GvBEN6wLtOuafj77w4HH10SlAAgzKSZwsbch5L5ZcOMESMXy-wdHsi560xXKaFDtQVK_ymBKX4L8SC7bc7DA1JwxHUtCu1gIR-dYZ0z2UVarz8KyIrtgR3r6ec8Cl5e37y9eOODD6AUl9xaUlKvIT-nTn1Zgdl0kqWTesF_rm35caOPAQS5_4bvF1_AfGfJ-5PhotIYVPJ1dXQfTg1MNBNa2sftsPzii12AKsm4tbVHd2OxxexolHZbtjgZIavnDNc7D0&sig=Cg0ArKJSzNJqXtbly9PkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zaGVsbC5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1309&vt=11&dtpt=1307&dett=2&cstd=0&cisv=r20240131.86864&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:51 GMT
csi
csi.gstatic.com/ Frame 9EFA 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ls51yhy3&c=5648275649491&slotId=2824137824745.5&qqid=CJOTh4m1jYQDFRtBnQkdcN8Ezg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa03s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EFA 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1-KWuEW9ZZPXO5uC9fwP8L6T8AyUmMPbc8vWgfK6EcCNtwEQASAAYL8FggEXY2EtcHViLTc3ODQwMzQwNjEyNTMwMjDIAQXgAgCoAwHIAwKqBKoCT9AGKU0tbCXpwsmXEo8YyHoHBc-eTtMFO0Q5IbTl8XKEVwBb8qiBHEf9T2SfXFgKXZhV5xN4MbnxOeFsFFApzScbn23Dv5hMQLMQUfa0Lvz-pJrz726NTUmc9OtIAzXbLq-WExX-YAs3X5d6hTQ_79T9fmknRAS64ZN_EBoO5oO4UugZUIEUV-k65_GDTtwOwXjU8UvWK_DxQ3TojaNYth0MIFi9XxCBInmlxaGRTtFynlzbPTNj_kHh8HtraafLDcgh42rqcTBeTPn5i4bHcqmoyQ9PkyB96kMJF0c_Zjkt4EzEsaW43DE7RWt-1UWQXy0aen8-oPWjKdcNrgNF9bAbnPskXitl9mcEKQSwbRSaIkM7uDCT_K01RDMPKfiK1GgtgfjTebXN4eAEAYAGvaXRuu3Su5kgoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ6FhIm1jYQD-gsCCAGADAHiDRMI8fGEibWNhAMVG0GdCR1w3wTO0BUBgBcB&eventType=clickstring&clientTime=1706902971492&ai=C1-KWuEW9ZZPXO5uC9fwP8L6T8AyUmMPbc8vWgfK6EcCNtwEQASAAYL8FggEXY2EtcHViLTc3ODQwMzQwNjEyNTMwMjDIAQXgAgCoAwHIAwKqBKoCT9AGKU0tbCXpwsmXEo8YyHoHBc-eTtMFO0Q5IbTl8XKEVwBb8qiBHEf9T2SfXFgKXZhV5xN4MbnxOeFsFFApzScbn23Dv5hMQLMQUfa0Lvz-pJrz726NTUmc9OtIAzXbLq-WExX-YAs3X5d6hTQ_79T9fmknRAS64ZN_EBoO5oO4UugZUIEUV-k65_GDTtwOwXjU8UvWK_DxQ3TojaNYth0MIFi9XxCBInmlxaGRTtFynlzbPTNj_kHh8HtraafLDcgh42rqcTBeTPn5i4bHcqmoyQ9PkyB96kMJF0c_Zjkt4EzEsaW43DE7RWt-1UWQXy0aen8-oPWjKdcNrgNF9bAbnPskXitl9mcEKQSwbRSaIkM7uDCT_K01RDMPKfiK1GgtgfjTebXN4eAEAYAGvaXRuu3Su5kgoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJ6FhIm1jYQD-gsCCAGADAHiDRMI8fGEibWNhAMVG0GdCR1w3wTO0BUBgBcB
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9EFA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ls51yhyd&c=5648275649491&slotId=2824137824745.5&qqid=CJOTh4m1jYQDFRtBnQkdcN8Ezg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.20y&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icdi=200x200&vmfc=1&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa03s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
o4A9F8jfMD9LXJfGHzQc3GIecCgQRksAuqbSPA
p16-ttam-va.ibyteimg.com/list/300x300/tos-alisg-p-0051c001-sg/ Frame 9EFA 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p16-ttam-va.ibyteimg.com/list/300x300/tos-alisg-p-0051c001-sg/o4A9F8jfMD9LXJfGHzQc3GIecCgQRksAuqbSPA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.190.187 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-190-187.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
da00f15984494a6ffee94be8243e040c31e15730408eb7f57886155f55f91a70

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
x-crop-loc
(0,396)-(1080,1476)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-tt-trace-id
00-24013104035957940208211C8A65FE5E-547BE3506DF4027A-00
nw-session-id
2024013103463706216A7CA7687B354856k25nl21df
x-powered-by
ImageX
x-cache
TCP_MEM_HIT from a23-47-190-183.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=1
x-length
47975
content-length
47975
last-modified
Wed, 31 Jan 2024 03:46:39 GMT
server
TLB
x-tt-logid
2024013103463706216A7CA7687B354856
x-response-date
Wed, 31 Jan 2024 03:46:39 GMT
x-imagex-extra
{"algo.succ":"crop","enc":{"h":300,"nq":95,"q":95,"w":300}}
content-type
image/jpeg
access-control-allow-origin
*
nw-session-trace
2024-01-31T03:46:39.980281172Z 1899
x-request-ip
fdbd:dc61:c:51::153
x-origin-response-time
20,23.222.242.133
x-response-cinfo
fdbd:dc61:c:51::153
imagex-fmt
jpeg2jpeg
x-response-cache
edge_hit
timing-allow-origin
*
x-tt-trace-host
015ac20224d4832211a55636f5aa30556c65891c6f884b2e071ee40f4ce0d33fe650c4b29c83ecf97be20e782eb62caf5d173dc301cfe491e5a346bd1f678623a41b559562716ae2770e5f21baa6ce950a0ca12f263eac46bdbaa54f28be843a10312b8fea9a587864ba581db5f824a831ef9382de96bc9dd0d7bf3404a04dbae3
cache-control
max-age=31305815
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1D6D 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
21347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 13:47:04 GMT
etag
48472445140208031
expires
Sat, 03 Feb 2024 13:47:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
toutiao.mp4
v16-ad.byteoversea.com/36120cf0846ed669055e00300022ad0c/65bd6ff8/video/tos/alisg/tos-alisg-ve-2061-sg/oYe1DEgVQulghFAlIB72mQFHDuCPsBf7juCUJO/ Frame 9EFA 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v16-ad.byteoversea.com/36120cf0846ed669055e00300022ad0c/65bd6ff8/video/tos/alisg/tos-alisg-ve-2061-sg/oYe1DEgVQulghFAlIB72mQFHDuCPsBf7juCUJO/toutiao.mp4
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.190.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-190-8.deploy.static.akamaitechnologies.com
Software
Byte-nginx /
Resource Hash

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

X-Akamai-Request-ID
2a3b5c47
Date
Fri, 02 Feb 2024 19:42:51 GMT
X-Expires-MS
1706799887262
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
X-Cache
TCP_HIT from a23-47-190-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
X-Bdcdn-Cache-Status
TCP_MISS
Content-Range
bytes 0-4120049/4120050
X-Parent-Response-Time
527,23.46.16.55
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0
Content-Length
4120050
X-Storagegw-Request-Id
02170679988607600000000000000000000ffff0aeeae269c97ec
Last-Modified
Thu, 01 Feb 2024 15:01:41 GMT
Server
Byte-nginx
ETag
"a44ea1834bc0a486f4123dfbc24be776"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
X-Storagegw-Response-Time
Thu, 01 Feb 2024 15:04:46 GMT
x-request-ip
10.240.249.196
X-Origin-Response-Time
307,23.67.74.149
x-response-cinfo
10.236.11.212
Accept-Ranges
bytes
x-response-cache
miss
Cache-Control
max-age=2592000
verify.js
rtb0.doubleverify.com/ Frame E8A8 		450 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?ctx=20953885&cmp=31227244&sid=5129415&plc=386330975&crt=209483721&advid=8417622&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=970x90&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=120.0.6099.224&brh=2&vavbkt=&lvvn=28&fcifrms=17&winh=90&winw=970&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=1&scah=1200&scaw=1600&jsver=5323&uid=1706902971660865&srcurlD=0&ttfrms=47&num=6&dvp_isOnHead=0&flvr=1&ver=5323&jsCallback=__verify_callback_1706902971660865&jsTagObjCallback=__tagObject_callback_1706902971660865&ssl=1&prndr=1&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1540967965178.2214&ee_dp_sukv=1540967965178.2214&dvp_tukv=43937446446.60464&ee_dp_tukv=43937446446.60464&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=0.5&dvpx_strhd=0.5&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8C%3A5%40E%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8C%3A5%40E%40%5D4%40%3ETar9EEADTbpTauTau7b7h_3abg_3hda2b62h6hhbd545hf5h7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&referrer=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
58127ef3cee572aff575009598114aafe3077ffb68287828a87f3d3b56f3e05f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Feb 2024 19:42:54 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
02/01/2024 19:42:54
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 69F3 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 07:32:23 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A51B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8779 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
4660
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Feb 2024 18:25:11 GMT
expires
Sat, 01 Feb 2025 18:25:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 2659 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 07:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 07:32:23 GMT
4.js
static.adsafeprotected.com/ Frame 3A99
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1937257/78037242/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:06:41 GMT
x-amz-version-id
zbjmrmX9La72mdzfuK7odzxCP3od.Y1E
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
182173
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 31 Jan 2024 17:06:39 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
X65rA0QUpHVf2VS1dH8tAfQLwPhwoz-TluYUkH7AI0ggzoeqa-R8sw==

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
app01.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZY_XO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZY_XO5uC9fwP8L6T8Aw&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6F3B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3228756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
k-iodkfKr4DLlTE_efX0FN8BVySbyQQrlS27j73K0KKGeMAi81VXiw==
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 74BA
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMm...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4...
53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
8e6eb64e7415016ab12b6fcf5167acd2470176db5312c06913a13ffe8b34ac8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21533
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
app05.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0780 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3228756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
mGRLgoP-Mmd1fybYTvidIA9I8iz9y5UaUAMwA_ppxAgfUNaLL4uEcg==
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37Rs3j,pingTime:-3,time:221,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:70%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:221,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B210~0%5D,as:%5B210~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV0k+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:71%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37Rs3l,pingTime:-6,time:223,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:223,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B211~0%5D,as:%5B211~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV0k+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:71%7D&tpiLookup=ao:www.gridoto.com*&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74BA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=cbf2f895-ce6e-8277-8ee8-e0eed86f33ea&tv=%7Bc:37Rs3P,pingTime:-3,time:137,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:137,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV0k+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74BA 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=cbf2f895-ce6e-8277-8ee8-e0eed86f33ea&tv=%7Bc:37Rs3R,pingTime:-6,time:139,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV0k+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&tpiLookup=ao:www.gridoto.com*&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
4.js
static.adsafeprotected.com/ Frame 0591
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1937257/78037242/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:06:41 GMT
x-amz-version-id
zbjmrmX9La72mdzfuK7odzxCP3od.Y1E
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
182174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 31 Jan 2024 17:06:39 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
WpdNwLRz6DQrqjqBXO1cM_jhMbFiV5PVbECP-k-CipUFbGsvznVa4g==

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
app01.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_uEW9ZZDXO5uC9fwP8L6T8Aw&cbFunctionName=goog_wrapCb_uEW9ZZDXO5uC9fwP8L6T8Aw&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8657 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-62.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 579cfbd9c011d359d737aee6a310afc2.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3228756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TVPK3-wQsy2nwbEM0D-yCWOip-v7ByAh3RbvAYZrTha6askUyYzhfQ==
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37Rs5f,pingTime:-2,time:341,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:279,mdZ:2024,beA:2033,beZ:2035,mfA:2039,cmA:2041,inA:2042,inZ:2048,prA:2048,prZ:2096,si:2104,poA:2105,poZ:2128,cmZ:2128,mfZ:2128,loA:2256,loZ:2258,ltA:2374,ltZ:2374%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:70%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:341,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B329~0%5D,as:%5B329~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:71,sinceFw:269,readyFired:true%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74BA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=cbf2f895-ce6e-8277-8ee8-e0eed86f33ea&tv=%7Bc:37Rs5o,pingTime:-2,time:234,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2227,beZ:2229,mfA:2234,cmA:2236,inA:2236,inZ:2241,prA:2241,prZ:2252,si:2259,poA:2261,poZ:2288,cmZ:2288,mfZ:2288,loA:2366,loZ:2370,ltA:2460,ltZ:2460%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:234,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B223~0%5D,as:%5B223~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:33,sinceFw:199,readyFired:false%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37Rs5w,pingTime:-3,time:96,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B86~0%5D,as:%5B86~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV4y+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,rmeas:1,rend:0,renddet:na,siq:36%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37Rs5y,pingTime:-6,time:98,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:98,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B87~0%5D,as:%5B87~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YV4y+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,rmeas:1,rend:0,renddet:na,siq:36%7D&tpiLookup=ao:www.gridoto.com*&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0591 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyle8geqVF6D6Eao_mV0Je1B0niAG1amDDsOdJ93T25-ydjka97y8VGrm2cfDvOxBdSU7LbcZ7WQ8EtTJjJIG7zrnez6xFYFxeiMLZAqE4Ob0GUY3D-d41FHiYOHROTAu4Cnqx6xXQk_mNI1Ji9oQPi6L_&sai=AMfl-YR7hyH8yaKqJsIqlbfstXaiTWNLBac5CkfhUjbCmdRbAi9qSvsZwls4TWpd7qT4xNhMbZq3pUVwB8uFObrPgYWoCA2jsT_ZRUt8_ku9CKt3ZuJh8nBe5qCiGw8&sig=Cg0ArKJSzBODJYzxLPYjEAE&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&id=lidar2&mcvt=1034&p=666,1350,1266,1510&mtos=0,1034,1034,1034,1034&tos=0,1034,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=3008935663&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=283577100&rst=1706902969834&rpt=1337&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C0CC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
i.match
s.tribalfusion.com/z/ Frame 1D6D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4o...
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84f4eb861b8140e4-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
74
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKScS8XKRlt2xBoL60p4k7k&google_cver=1&google_push=AXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQFyLVheg8EWAcl7cDOtn7Bo3i9GBDa-YXACYMB42H5la2sr0kAQ0MMMfDjs9jF_lrKQQd8-Zl8lP1B7YW88sIVnKnkO4orw1Nj2fydfWLt_kHZvCXDoimmg4iMRVtZV6LNU4IblEOx_t92jidrDGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84f4eb815f6840e4-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D6D
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU-qHb_hBAsATZa...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU-qHb_hBAsATZa0dqBq2anI&google_hm=AVvBkFz6RoCbks8AEDxkMWc4d8A
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
via
1.1 d0945be30f5a4a7ae05683911a5fea2c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
MRS52-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRhPADH1r7IOsicuKhfWITRyitadh2G-iQaXhZClRQyi5M2d1vtj4Klj4FfN8DAQ18GokGVEnYrpUZqCVAnAOuEA09P8MgjGh6PBOEoVdZiNVYNX5Z-wpaGoU-GZssMU-qHb_hBAsATZa0dqBq2anI&google_hm=AVvBkFz6RoCbks8AEDxkMWc4d8A
cache-control
no-cache
content-length
0
x-amz-cf-id
Cm9F3VQA24kLJgva3Wz7uFiAjzVedLlE53l8NOSKXlcQCVstvW7mdA==
expires
-1
sync
gdn.socdm.com/rtb/ Frame 1D6D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1&google_push=AXcoOmR3TMn6lvVQPNUoOqgliqxwM-1hMq0aLWNir1-5E_UpBf6t_X35tQwPxhP_PHhwL...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WmIxRnVzQ281czhBQUlkWWotTUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Server
124.146.153.152 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 02 Feb 2024 19:42:54 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"116.86.155.25","key":"Zb1FusCo5s8AAIdYj-MAAAAA","privacy_sensitive":false,"uid":"Zb1FusCo5s8AAIdYj-MAAAAA","upstream_id":"m-ad418"}
X-SO-Key
Zb1FusCo5s8AAIdYj-MAAAAA
X-SO-Upstream-ID
m-ad418
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad418.dc4p.scaleout.jp
X-SO-UID
Zb1FusCo5s8AAIdYj-MAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
116.86.155.25
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
m-ng39.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESELTkmqQhGTMEndRuESRA8LI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D6D
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEMtJLXVLqlUnQGOtr8r7nDI&google_cver=1&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4LjeIKL_pz0dw0627qmCt_FW...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTVkMUZRNnpBc2ktUU1pWHZVVzlaUQ%3D%3D&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4Lje...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTVkMUZRNnpBc2ktUU1pWHZVVzlaUQ%3D%3D&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4LjeIKL_pz0dw0627qmCt_FW7sOU-f_ALV9LU1gE1CsHNMihSW7VMLWuSU3h9ngFwsIKxtGJg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 02 Feb 2024 19:42:53 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTVkMUZRNnpBc2ktUU1pWHZVVzlaUQ%3D%3D&google_push=AXcoOmTCyAw5ZQr2ZLXYirt2zW1P_FPfzeWFiagR4Nb0ojSyZuYAbyHN9EzbqKvjlqU6QcCR_TKO6TaPl4LjeIKL_pz0dw0627qmCt_FW7sOU-f_ALV9LU1gE1CsHNMihSW7VMLWuSU3h9ngFwsIKxtGJg
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
297
pixel
cm.g.doubleclick.net/ Frame 1D6D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKqYn_Ch4V6prk_MRREqZ6o&google_cver=1&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeoN-...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2NjU4NTQzMzM2Njk3OTI1NQ&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2NjU4NTQzMzM2Njk3OTI1NQ&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeoN-Fj2ioRKZwwmbOJ0BMvv00tsQq8xrE-tpf1_Y0KeU8qup3DUJIEq2UPzUBB3VggwYCgGGcXy_Iaw
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2NjU4NTQzMzM2Njk3OTI1NQ&google_push=AXcoOmTHrQSKEX7KmjbhBT07VlhrCZFzh702uI5G_QBekW55X-CMXz6WpF6XMzFAM7jcUrfRnfAOeoN-Fj2ioRKZwwmbOJ0BMvv00tsQq8xrE-tpf1_Y0KeU8qup3DUJIEq2UPzUBB3VggwYCgGGcXy_Iaw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1D6D
Redirect Chain
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQIlkJww8RbqwTkBn-v3wVNLhzfu03sT9jXX_zU6YJD4mtBo6VNGXKDzNs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=QPlv5aBTEiCqsDx-CHvHFg&google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=QPlv5aBTEiCqsDx-CHvHFg&google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQIlkJww8RbqwTkBn-v3wVNLhzfu03sT9jXX_zU6YJD4mtBo6VNGXKDzNs
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=QPlv5aBTEiCqsDx-CHvHFg&google_push=AXcoOmSmVqoiGRfh6kNzueI8S2nr-RAcd9ErKIexgO4JrsoG-mZwnbUlnz3umHhpCO_X5GE3-8E1QLT-7496jhTr676C8tqJTlQIlkJww8RbqwTkBn-v3wVNLhzfu03sT9jXX_zU6YJD4mtBo6VNGXKDzNs
date
Fri, 02 Feb 2024 19:42:53 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
spacer.gif
an.yandex.ru/resource/ Frame 1D6D
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEG3V16NQbdI7resira-xhbM?ext-param=AXcoOmS9A5ZIfAK6_YmiGRtsfXUM14CgxBr3E8h3pXtezyMU6Jmgm5q2a4tYU_eTKm4INSPfoSG5LRr2To6cjguSL3QL72wDpKstkeCDyuCyQnEGQl_TLNsd0sc9...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEG3V16NQbdI7resira-xhbM&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 17 Jan 2025 19:42:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1D6D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvoLl8eU4OMwpErGQWznawzCdB94eC4WFzNPpc-uk4OkpTntFZRMGe3joCvX1oI3GQ7uk-Kg
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7F52 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4C86 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37Rs61,pingTime:-2,time:127,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:280,mdZ:2006,beA:2276,beZ:2277,mfA:2282,cmA:2284,inA:2284,inZ:2293,prA:2293,prZ:2305,si:2312,poA:2313,poZ:2340,cmZ:2340,mfZ:2340,loA:2374,loZ:2378,ltA:2402,ltZ:2402%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:127,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:36,sinceFw:89,readyFired:true%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2355 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
view
ad.doubleclick.net/pcs/ Frame 0591 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstjeBWWerHFjaXj-bjDmQC8rxXgR756gFxsySQi4ddUaS-tHk1VYN6EMQsQJO7sTrYLZgBFR5CJjl66-VovCo7uaNlqA9MopfRWPWytuI0KA6QtWNE_gzvYDURSpn0Sxc7ayVu97ADoo4itZvQNQOlfFeFRgQhsWMUwpPQmqGgnO8Fu6nWmrC_7Qg5TFiHFDo6LTo5ieWgkMuDxTZzihHNz88Z-_HQYswiNyb26veuXE1MfCzLemW-hAQD27SYDA62nSyA7aHiouxSA3RQp355SA_iO5ENO3mRSDBvhiH8PNnItSm57MHKLi_UBnujybC8uVsNtULbKIFNPXXqCGomS5wJ2kKbNCs7DOXYCPmkZ8TGkoMD5ra-i6CTFmuNkBUQaN6Wv7tdNxQyV3B8XBolDMcClHsKO-2qsQ_vxQqTi5yZeBZeaRr0j1J6pNWBAbcQaRCe_DqEZRRAI52IHg2p7P8XiF-zQiD1T7ec8rz0wjCuJ8KRnybxUG-jaBOdNpJdhi4q4uFHKx5TLFh7yYAoipX8uHOyy49MN-zQcPV7ovBtT0aib7zOrNQL6uzLHVseuxDDaNngWVkgtKVjUSos7dyRJYpjrMPExcoVF1DcLBkDcauw38tOM_m6mP5fARHRNPz8G99DL0WF8nhUnFrvcgNrvtMU_r2eNlOgLcgtrKq3XpYrukxdJFL6ypUGQ60ayVuSHdiQ-8tTNo3D0mp3UC_cVHT_VuvOkTJUofJbxw8LbRmoANTVtjInsGYnUW1U-11soKlG085WLRtcm4T1ew4HVXCOJPmR0HyuS7v0G11bwAqZ50ErCBYooO5P0x79qb1FJI2IPGRGlJ-RRvt7ipiC_xVQOFl5Peo6jttI7OD9FkcR-hQfjtjBYMgcXMK09KARgqRqZIiJZfUtYhsnBSqlxrDsDN49Zg9aB3e_jl9pSnbgK6lwYUsOnnarX6KI56spbtn3P6MgaBSN2caXi-iUq4Fc2gCDzIaxYEFu2B7RoYQTRwlkfTEcSta-Rzfzg-daAj1n3Ys4hwN20jHpOJJ6eTst2bAqjsbLB2xiE7aBzQeT3VnbOZvOinyHwz-f8_2zJbU6SbNOkOdYOJHJAViwan99FWxTBDt2VHS7kbnT8gr6p1N0T4hfK7P2XRivLZkjVMad5o7lQNZX5wj9GCVZsilXvVGQbFrCHisBkkqCkzHXPOImZ1bEO2u_e-VCm_8-ZpIELEqB31aVe9dnrIA8loqDw7TYVfsd-3B7EhI5AufD_WRt3dPQ9cGP0T_gz5dMOhOWQQhbAUPJ_VRkB9l_BnLdtJC6WoJxMW8nTqXh-US6bdyAXij7Ik4snf07QoUPjwEnXedftaKffWaxofdHXHfZ3lcsvWEH3Jz1m_5W7XDgGZqy_yQ3CWky_t15fTi827pHNziWYUhswtAazbXvu5XBb7All3y2-cMAbDr3Rm-xV9xwlC36v16pyLKH03YDEDK3J_Bo&sai=AMfl-YRkEUb5D1f2fyEl06RT2pf_e9WV4quxAp2s4jGh_rqcNz6cK4d9_PC4Lay8Xqu9SrXVTtPYWe_donVjUFlzkje_EJdu4U2zHSGPXpAxijgMzTMfqqjU-Z3STw-5cg_JTnjc1TgtUEh6X-rAAuP0xRuLjuv8pmqx-5PPA1i7iMXY-ReOJZYQ9lTL8qz0x3iBH2Fp-i7IrAnvEpBgOK9AJ3hr5i3Vl8NtHYoVojr3WdBWm2s7OV3SLqaeIImxqYMzJIS7cb_zjyRtRetnwL05gPx0vSnFlr4WSDM3I7jy8_VjlDjLuOsgko3213YpWGC17VXPb9FTG-h3CN6nJMkMVgjOId-cMHetZ1fqTLYvnZUrqvPufDiHtqA54h781o59mQh_WHzoLMnTM8yoPYkrceRS3BOtRN20tFrDnA&sig=Cg0ArKJSzP7Bvf3ez-X_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpYmFuay5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2120&vt=11&dtpt=1212&dett=3&cstd=905&cisv=r20240131.15771&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E8A8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso20ppLKKbNWXzLOkWQQTw3W1K1R4SDAG9-tgstRDcqxvPHGA6HSMdWjwx9X7iR3dlysIPPdZb8jjn-nW17qamTMhtgGETfpCyqjSkbOyYApPFke00lWEj7WNNWiP7V2t37z_IIdF_7n4&sai=AMfl-YQ_itgVO2GqgOONqdFlR69wwgU-fR_o2IiCeygVFZ--6Y335NTpzgct2b4QX7ghyvBGMafnh6V1GCAGg3PYeieWqY7aokpJZvyS5Fdy-iFXPXojU-B1jRhL_0I&sig=Cg0ArKJSzJsh7_HCaVblEAE&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&id=lidar2&mcvt=1019&p=1110,315,1200,1285&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1161391715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=283577100&rst=1706902969846&rpt=1366&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A99 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxPyLd0Y1yTZtiATf5MoLqMx1z2ttDlqflwvmRroMtJ5gPsRXgJGK3Fhj8_tGipwv9YY5mS17urUirVcaG-G-Ah7jpBnmUU0z5l1QqxpDtZCZpm6rFUc_siGAn1BJ_h5rnFWg2aHrNKgnbjSVxRSgEOKUa&sai=AMfl-YRhLZeKS5Kc3b_e9-LG_fxUPLuvMSIOmIxQJ5jFNO8sdm9ZxorDOtOUnQohOac8ijBGJwZ-E6tw3p-SNCho7b58dmVu4vPKlB1g9-qgQVgs9ngSvaVR8QFuT8U&sig=Cg0ArKJSzOyfGdJ1UHW7EAE&cid=CAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAE&id=lidar2&mcvt=1021&p=666,209,706,250&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1329966283&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=283577100&rst=1706902969815&rpt=1318&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 8779 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame A51B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:34:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Feb 2025 17:34:39 GMT
view
ad.doubleclick.net/pcs/ Frame 3A99 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvVohB_5XhVpzQEGTR_vLwpa0Wfnu7OzXUd4Q3liHQfu-4HwoqciQhO_64O0iedtoHxbGvikpVCld-kEAV2vcuBDEdG10kDlAQS8NvxlgPASMYKZ_LtvVoKtmlfUQ-z4weD05MP17ci8iftzEKUH4qGLT6NT5AERgGgOxwFgIK9e5fyP8_EiKdV6F7d3sancBqo9id6SfV2JBkiQw_EsSk1HA7kdLmkYduJ4LJ7v_0VWiZnu9vM8ItscSL9MqHYY1p_p_FWS5umVuQdNyDdznZrSmL7KGEcbj6zPjKoCi21lHq4GB2JAPTdLXetYZsPx5lld0WSnBZr4NOfUxLhtLC2skWCYs0El42zObR1zdWBFGcQ8Aiu5mc9XHfAl2vo8w34z4lpqQBabs54Jj24P6RFlcgYA4WnsOzuCGLqcaItGwXVAfcnoua4qIg4FSl36V6Dbqo2Y01hU5ly3CdDVTpAHBzEyvZfp0BVGrS_rdTqrQ7p3AChhZpPn24_uHdnzuIZ2TQxDHOZdN2j7go1ZRTSnu26i0e-NVzVvXkMMc3ZwGPO2EzbxZxxpjipoleaB_Bm1vHRtBI0qq0Y1lMOPhDepLDQG-8Oqyqa5-LAAIckHB1TRsZQFVuxG0rkfGbVdSODM4e5JVCTS4HRxI2eq5orEWj_8C8LmxBgv_NhDKtj5HIq4r0RM8CuoDlH9rQZDRzubEmFTpF5-0U_yXrEgAhkePtJ8bjADKVqnlcinNa3uMkwPdjVSLC0eMO1AQ0DCsMYJq2saEpcp2CTyX7tLw00jjTOOCVYavgp_5l7sBxhgGxtQyOOc1L9xVRE98QgsVMy-tYY4FLVC1ErS8uV3O2AguND2AdpxvhdGd0KiMBL5l4S93lZ4WmpMzRFkpr9Q7Cdeu5JhJDV9WLTuahSklUS0jKlCzUtE9y2sR_boAdE0Ma_JpTKlu8QKwoOaNRepOQjvrSOb0OFWu9pxXepzR2Mj97uhXfftYjN3PYNrx-A2yShsa70XuDhn0VV_wceOE8tby553jKQtewKqVUE5R9dZEJRGkdzk2N1Ik-u75LfKHwzGpbAZbH8YsYz4JYJF-ArcN9SUtzkyZJfN5zY0aMuWYwh_EyrpPCKBo73VHOeWttwiiC0OV3EPlKEuth5wrqrK-jUbO7NAiu27L9g4oals_pX9FV7inqfXuzSQTvllFqxE2YvDnMtMgYU_MD9-0zfj6t4jMW5XS3sXKx5ovJOqEJenOoW-YOrYZ1y_XWheB1TUCr3bwygd-qUixraa-3RxC90Jkfvmo2RV2KUPNEbJW-O3cVUt_jEA7FK_dlmGVHUDaeJNwaaj8Hk5Hh4Rju9FuDTvSETR_Y21hnMPFThId_idgy2mGCSaZim3E5rOqiZLdNlZ4B27ae6UHFsKGZPiQI_KCQB6c0GAWuzSow0n0yQIW3V_pNhTcXdK9ZthRIApKgtJP3axm9JNDFcb-nu_avhbMEUZnc&sai=AMfl-YTSYg_ToDOjXJBnSWIsmT9pQyTyplGuySm8zyjQYDHMIjUkvBXYmkZrucprnR2J3ePLqMQFSGhojzm-ILsqSxwzR-093Ek3eVqMuBaN7w7wtKhXX6l4ctiHCu-PqGjuopyVOwS_v-gkSuNJra-CzwOp7DBe0RfnFCXlvIYsP0EA9xqVQndhWUspyDy4CmlTX-19uu0bnFixAktz58YaZlcbghT3pLk391xFnjnfhiMqyTksfQwENJxJILnhrjMcPv8IA-tENxvGTcPaSH2sCYsW5x9n6UI-u-T44GNKDl676PrhjTDx3n1-vksTGILuroMNVVcgs7EsgFVlfn-5KKkywC9mkCJKM0A60ZDmIAGJAdhw0fRoz-x8I9sozaj6FnS-drlPPKrONdmGTGkMwgeolMNwONVY2dlpjw&sig=Cg0ArKJSzHGpicRJNECwEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jaXRpYmFuay5jb20uc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2150&vt=11&dtpt=1065&dett=3&cstd=1083&cisv=r20240131.45704&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:52 GMT
0-logo.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/0-logo.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
cb8fad6a2b1ca6ae6e5f80aab607ffc7c4c001a672badb3c757b3cb9a60ebd38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4632
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Feb 2025 19:42:52 GMT
0-flowers.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/0-flowers.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
b2bde2cfb587ff65fd8894cd2784e2cfc3a4e69d3b703bc14814ef19818ef033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-cta.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-cta.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
badb9fc3b8f529c75d741beb9705b5b57490f095103848d70a7120efbc54a4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3397
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-tnc.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-tnc.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
4f055da525cda4ec2f1eda5a5fc553c1794b8a5a76d745f6ef21c9de97be459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2627
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-copy.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
344dc3edbdcce82933ceeb9633b59e6564c4cc1a36fc74c5b4d52656b04302ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7924
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Feb 2025 19:42:52 GMT
2-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/2-copy.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
5359958935941ec9462591cec2b8d1da312896c51d42cb8df61546b71aba33db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6968
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Feb 2025 19:42:52 GMT
1-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/1-copy.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
22727b0e420336026bdbd8db9a200762e7e157f9cc5538747c4c1be1fc80d398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6442
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Feb 2025 19:42:52 GMT
1-kv.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 2659 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/1-kv.png
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
23064e3e3d8b8e15a80160f76f48ff440dcb8dce30584816801761de43221a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105487
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 01 Feb 2025 19:42:52 GMT
0-logo.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/0-logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
cb8fad6a2b1ca6ae6e5f80aab607ffc7c4c001a672badb3c757b3cb9a60ebd38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:42:52 GMT
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4632
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0-flowers.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/0-flowers.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
b2bde2cfb587ff65fd8894cd2784e2cfc3a4e69d3b703bc14814ef19818ef033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-cta.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
badb9fc3b8f529c75d741beb9705b5b57490f095103848d70a7120efbc54a4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3397
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-tnc.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-tnc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
4f055da525cda4ec2f1eda5a5fc553c1794b8a5a76d745f6ef21c9de97be459d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:30:43 GMT
date
Fri, 02 Feb 2024 19:30:43 GMT
x-content-type-options
nosniff
age
729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2627
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/3-copy.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
344dc3edbdcce82933ceeb9633b59e6564c4cc1a36fc74c5b4d52656b04302ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:42:52 GMT
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7924
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/2-copy.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
5359958935941ec9462591cec2b8d1da312896c51d42cb8df61546b71aba33db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:42:52 GMT
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6968
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-copy.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/1-copy.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
22727b0e420336026bdbd8db9a200762e7e157f9cc5538747c4c1be1fc80d398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:42:52 GMT
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6442
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-kv.png
s0.2mdn.net/sadbundle/17149662913064656487/160x600/ Frame 69F3 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/1-kv.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f148.1e100.net
Software
sffe /
Resource Hash
23064e3e3d8b8e15a80160f76f48ff440dcb8dce30584816801761de43221a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17149662913064656487/160x600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 01 Feb 2025 19:42:52 GMT
date
Fri, 02 Feb 2024 19:42:52 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105487
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 10:28:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37Rs6P,time:439,type:e,im:%7Bpci:%7Btdr:341%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B428~0%5D,as:%5B428~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:71%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74BA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=cbf2f895-ce6e-8277-8ee8-e0eed86f33ea&tv=%7Bc:37Rs6R,time:325,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:325,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B314~0%5D,as:%5B314~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:52 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37Rs6S,time:180,type:e,im:%7Bpci:%7Btdr:104%7D%7D,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B169~0%5D,as:%5B169~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:36%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
4249
ads.everesttech.net/ads/mts/24651/ Frame B259 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstLxc4pUxoXsJk9OOxeMQyPxCpAsNexzyDHg7C42VmE76NOIRLI4Tojwpxg2pecJgU3ssxS4tGBSPA6sAX5vI6c2rjpujNzGSfm2NvcBGrHFxMVrKX04AYLnk6hT_I8CR_Q_2fbCNFD-RaOxDIO0Mhh51bdOgUUyvnG-3JJJYtzboxBF10Bf-n5exsWauaPm-nqm_yGAm4oNYFtAZS-wF55NUl_u4Qb5WbqeeefiUxvk8V0ZLybd8wj473LeD0aAjbdnRIO96dDMErQPbgZadyAOB-hib2OYkUIBdZ9tIfQdT61Vi9eAnttvbGLlfGXHFhjBaCOXdLQQ1HumaVUWb65Bq946K2hLBrZwtZLNqH2QdZlKox-8kyZeLlcAMXXTXhvTvAI5Bl8aHiXWUEXeZQKF73-5zxQP1pWrO-zp80pVqLL3J0la9Gosk_Q_cYTu4R_U7hx6s8iXs_4fF2o5opbp1DTIjgkSDH_eSflxpKOcekgrH32GXsaj1J1Rdu18kMk3xfajBHggSaoUT1oFRNJ7mlSyGNLScVptHSzoe6rZpMChk58948jMQ5nbTaEExRdufIxXb1J56si21U5x9hASq0RDQRawIdP8xtKgjuD5pQPU6rIL8OfgqKo8FwPplSpvqZmhlFiss09UgoP9PgmUqfY6AnUSqlFJEUGyg8syC4qHOZsSpp0L7sHEqH9g1_mdAcBKjTDGC5DBjRUroh6Wcjr70kV8BnFRnaLPAcEyysF7HbSVDDD4Nzjh0w-5e0i7Wj23ZkPocEAYc7Y9PnqtVUKfJWiPqj0JIR-VmTm6_F-PgKDTi5G1SKq4D5pUzrVTndMsoKjPxOqULWksiPQM9sHl_sm7kyO5Ir9vB-neq3EKQFnnwh2lismMvw2yF4ZswKUezdG1BOZ0j3VSkM3g6jRJKvlC-ViI1zZOGePIOJBQJi218QRSAedBOBwlVPCaAyeq_RV-62ugXVdC6-GCPhK5ng_TJrzQJA4wAX9kqvfC-b6WOSeo8iaEowtKZVw3Qakz3A6zqVUmZsokxct5E_ary_QBfx5IVmYukwnw23BawHCbuqaelIKskSvT-WjzljY8ikjHNeucapffEVRNTyoJCMf-a97ahkDGt6wLsJ3Imc9aL0h9Fb864efqkUJS9GnnBk---VR6_EbbwL2Rip7wt2G7er3NhEZy-5afStRVFDUF_3KpglteiXTRQMUzmNk6bvTI_WE5EHcTgXyIOG9cIDY31IqU7Zcsdo2yz63DbqgHOW-XG1D8NMOT8jv2XDyeKbJVflSjFxPo2TOz1GEMXTBu1p-ff2jyHF2m2Kf17uXtq0YXfXIw-yBz4QQT3-Lhm_V0I9OVZwAUJTvgLZ1QlLDWlmiDjdfFPFrhAnM7JQG8FQ5hyWOwA&sai=AMfl-YR0ne4BQeC31dCOSWkXYCDqGBVl_NiAVmXPUBQMAjAHTG7YZWhyWpxGpk250XBXyi28VclhPblCx7wjjHN_vhtisJLcoVrN-tQdGdOinJArgzm-A2vQLgrNafPR3wlW61ZG9FzgzOUo7h3vvjxY87PDaSZaqmf2MBhE6qeVikc8H_Y2_97bSY596zcBzIqY9k3WpR7I0vwvKkhJFzLObLKgpgO-V4b6KtCEWa7jK9-fr-GMu0nKdKKf4fhM6KHNB8Fy5CU7aaNycVs&sig=Cg0ArKJSzMRMK7SMMEcwEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bc3b56db-b679-5288-ace1-caf014b50877,c:37RrQo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:3fbb8be5-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.120.126 -, , ASN (),
Reverse DNS
Software
AMO-jAds/1.1 /
Resource Hash
7a16b7d0e707f96104961395747c7e9a2e6ed3a4e4eccdf92a990060bfeb60b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
AMO-jAds/1.1
p3p
NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
6742
expires
Fri Feb 02 19:42:54 UTC 2024
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame B259 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bc3b56db-b679-5288-ace1-caf014b50877,c:37RrQo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:3fbb8be5-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
8089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
cafe
etag
10551285868935850944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame B259 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bc3b56db-b679-5288-ace1-caf014b50877,c:37RrQo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:3fbb8be5-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12334
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:17:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B259 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnjZBH2aD4UzmoXZzMNmMQUNwlHOpuiZLX9xowGT1uN7YxAp7xsCmBTBR38kdTiZaVXBqP5-dLWtM8oeGvuqvnqROWQ4AbjwdyGjTVLN4xyl2LlgbL83OypbgtPReOnZST5btq8aoV-rlIW7BBAElEyObWvhDFTkY4eGdMgVF9Js_0otVJOA&sai=AMfl-YT1OWKFtS9kwyiK7za4Gikw8BZ6ksRft3PluihDccn_OusXrl4pOSeVgT3GhIt6hYRdjCgZsEe4PyX92kqcuFAysHdKC2PiJ37Bl81zVDkv7iJIxnRXFLbZkiopOg&sig=Cg0ArKJSzNk0Cl2FUk7tEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240131.90075&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176526/xbbe/creative/adj?p=APEucNWWFdImJVRB6L1QHuZal5CDqLxhhASVan1Gq26KSuxdz6hHjqk&d=CpkBAKAmf-BhuUAwQofXMGCaVn39t9qRA2Uk-dPdhQH3PlY7gsiqVhvLdI_4z9kPSpIk1VCQkTkpNjey_Mhzfp9Gi36PKSgGUBbzgdzf-ddQl1Q08LwkcE4QE2BiEm4nTrd7zpln4cXqFbTmM1z1K4b4t6_7l6ID-1Gp8VRZIAloLKGfOn5toN-NTPhhu5YOq5MBkNoSKYEljL0kEvkVAKAmf-BdsI6g69pPRFd5yGQ3YJJ4BJ69JXuL3LofT56m0OPJRZsStVEvKlj1scUm13YDYMC9-JjoACxEoYwuk6vGQJa4IGMHEqOwROwfadPol4Mu5X7eQ0pi1VJQKVfwRfB6E94RsVrsnVadA8316Crg2H01Tz-hN3_m5lLilXchefaUU5Tk1waechBFryLYV20pc2PORwyMu4IyGx-jf77itngRnKwf2aaSxAysVpF6VWd7qa0HHTAvh6szye9S48d0QLAPMexsjLRk-SMLTAZetP3GTL-nDnB-yS0M_TYE3teFBIHw5pma4EvfzqJvdQMJuptG5SHuPmN9CqezdasC1YrWBM0YL4Nrx7e5caDvegtxD2RlYQ3PmPwE4XuBvjR5KFQP9-VdlNVlz1Yk_yNsylnU81D5XH0ehZnMW7Wnld3FV1ZaD8lmA2L9_Wdd-uaAg-63VYq6fVb82jcLFACPv15QatN3IKbc85K2cp7mWWdDZg-jKhN4uqEWA5j55t0zAHlmGLyARGAbHs__2kW84uiOvimpVaYkiihZpNGzWLjlPaflxeshvTyqmDKDM0fsEcpns_OfM6z_dCGO7wspWEwDPZpgIPC0AfTe62WUkhPv-wf2PRv6TZLUlGNU_8BGyt_s6BMRCFLEEZdJPGlUl_UWaPRmQr0tZSUBCNjEuSsLAGyIDgvSRZfHwHaIFDqn9_ynwqUD6TLP1sXlMxmZS0sSRPmZBHuAmrac4vetKij2RmHyIxYU2gmygvU15QBpJQLyFh8JvjmW4PIJV1lIyyuUYSzC2XKVb52iNL26ZFm9VLTjKrISDqO2etXc6Tw5YMJ0fr-0EVB7c2n-qLfpcFFaSMpI_gYTyQ2C0qBaOrd-SKhzg57Cl8eLJXGoX4EU32FQTEqng3TlzNjv8jUP_A739ISB1nsnwfcG8M8pFCeA0AQzbtO1UTAMIKJtK7egZQDIZSZNCE7-X8C7uzksPN8GwNW4C5orn4gZZIQ_i-szLI0gd2KOkX0eZZlNs5EOFC9O9s4D4kk8OxHEoLorCjXTbAAwuFeIz8wazf34qXP159tiJp0LAAjD4ndFyBWK1Q-8s4-oaf1amiAmsCsGvN2WfU9F5vzNqpsiLu0LxTDcXxR2YPagqRSkYt9mGsSdmeguvpqYzQH89sco5ZA_1EC5Mkhi0_GMrXz01hortBghjfaufhhIxlVQB8J3TK2cg_kbtxOM5ogb92JP-_c72T_bbqE6pVWsIl1pfmXYx4TBb_EK2_xvJ4_kRQ-kh4nCGoARhwVgd9iJ94KYZDwYjosOFBPr7VY78n7KyClBDWRZyfYQxKy8FEGSLvQPIAnoU6CkBjKW-AlL1FcE-BNKvu240IiPfSQgkWTCLLfD7ovPdUgkL9XmOHbmTU7fZXV1MCDRzN6-eXKNEhtOHZIf9NLCs6iefGxEIDAsu1hd2HLYH3ylsdE8if85flNodaLuivY9axE_cKMUMI32sdOHpD7j-FCvBZkcJbMMhVPZgEkEHXoC7ejs2rfCSSaJTV8UMDgO5Uewk60xxKHjvhMpSukZwi9rlv3rWozM9rwAvqRL8WwFf8F0-wnNP-DkuV7LT3n6g8mhCZVv-TO37fChoZWbz_KyzLo9XO-3bpPHL11YOGCaR7UUOEAX2iLI1VOrzNMj9KgfW6CiRejTPs9d5kX-_2Z9OoCqcFkdX-n77bIfOk7QXxjnvSfdwxOkx0-uKZz1luJ83L0icvJiK_P7FTbctsCWHtRaScuMTTyi3KfRz-mdNbQVm5qmjIO3dHIJ7w31FjMw5Zt_s7nFc8vQ9CBIMk9Ray7qn3JRbhZWqRF9QD8g7Ssi5WytqlRjsmfGoJi4gfM-QR7nzd28KBKcZHgOO6ySAZIMga-ZfBmKf5FFTbz7sBU2jmCSpTyl1nEJv2MbaJcSnP09tocbEsK_2JgHZ7NyMSAq_t5OFnYFN3HXQkKWjLh_x2hnNEBLZAjkPVV2eT9sRY24B_8W_rMDaEfD6ZKWd_-X6d9dMvzaxbGqOA28NqMlAmJ2VdmRX_o5pMSh_UhCWBfa4ET5ufdvyGS_5DU_E4J10LB2lLAa84VMXmmcOVjxPPZDKAt-IXiilY0LjzgiSNccBsdFF_l021hFm5GkzlBEJ-R48zCBltx3xbA59Z5b1K6-i6ZTxJL6AA_mWFiZ6oM0lj-Mazpn8aHo11iw2rlxCwoYyxOVc-8r8p0OPkm1FOhCMG37NeBD1zEpeBZo3NNlVjXCyNUFDBY5NnV8PQCOUliGSwZce7D7Cv8F7vYeUmnUlH7FmzIE1HdarP3LMaG9DBYtX2kw9DbtjehAiM4Wiq-78wW7WWUS8jUguj-e6Hfo1rg_Ecy3o9sjri85ZnX_u4-zBA01kxjT-2osBfp5i17gy-x8nxrgkDd_N28JGx6zuFtYAq_butWK01uVfus5pOaTTe4AGIG1ftCm9pswW3ntcUsC5kENFqMqNpduKpcdpBj8ANPo3ypiyvtXrBqExbyhbP8EQPbZCC5RZ9lGos83BPQQJjcJezN5-D7xkO1PqUZeg8diA9WUata2vY0aDJcxK8PqeJvPJheNURrDOUdPdH76pHojP72e0nO-bGb9-f5MBkKrbD_A6uVlbZBsSfiRX1Yo8ae5twypWPORIej5ijU65g8KNrWfczUja2w_z4zLzlWKijbg2IoY-jrWJnFDMWgIvs60yXsdeuvOWU3djtqbcO1e-vfKwtqwOQXQ14dfmG_mYMRvumLTpJVH-RkpcvJpxvm7gmqIGkaF_MfwStrB90QNH9DvSUWbSnJFmj-Ttb7CGS73176_tb0TvrisaCmxGoSDquguyAelOBj769lVdaN0DEbNSZYi6TMG1XutTAprX2g7nw6Gk5Xg543qFqj_BBK1xi1G24BWH72FOYcmhnVt9igp42By8UxblYmilwpQho63_u_ldVwWeSIXyNxDts5YwkDwZ-g1lEQcbNoY8mj522GUYbPJQSpWjiHrPK2oHllGjfpvvodB8ykGiSmL0COVNsnyY_HAErJ5borMfX1uyK1Uc73ottF4QMkQyUuiwdQOFd4RBbc2iVtZpx1HYSRXlB_iJRXPpsg32-zr7vTJMiqv8tlJ2m7B9UadU7PCEMDF0e-39bmHKN4Pm8IXZ2efqbCy5fSxgnRG7qiqQa_KAohLgw_CvHo6SVX8gvpfcPFs6WzF0bCSK9vmKcoMEJIS-uFMzryc0hS5cdJnDQeT8qPU1ywcnG4Q7mtAJYcbnS5e-1xpvjmO5WFsfFKaGO9NJIBBdUqrkuqL1mugA7pQyp7rgd1NDkJOKhCCg_7QSfgQnuguAuaDVEzHo0UkoBiCTNdSGad5SBdnKCktTLffnuse6WYTT9m3Cq_ZWunTFA6wjfkWxWEo7OrVILNbYlhCpRex3yaHVbaOGRB6Crxgo9zcIEMK1MoRmbpjVQ7b-RQmEVcAtE4qO3XFjgmUNlpEm9O1awAq5TvG0Bn9TYgZWD8um1Ijnkf9UYKzFmY6vyBMwq-oeC1HHHD4G9dSZoAv-Mmju8RJzL5GH58Rgn7FiifAVitidkooswtZhQD0OU1HIHPBSKx7SoNZUBKjl2Pm75wEwBux6hCLLIB6q8Rh3wX39kurfMzvyTsn-k9Ev-8bLx4Af1U10dwouILpEcQ8ebb4XVa-XRrUTpN-FlyXerV40R-3to5VzJmNWpVg4NVmWOBbCboyaGWdoeZwK7GoT3uEfRpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jG18BkTLYQb6-EREEpVldK&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bc3b56db-b679-5288-ace1-caf014b50877,c:37RrQo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-l68rv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525559-72176526%7C171%7C181%7C191%7C192%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1d2%7C1e%7C1f1%7C1g%7C1h,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:3fbb8be5-c203-11ee-a072-a2bbd1e6ad99,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:53 GMT
jx-load-cookie.html
scripts.jixie.media/ Frame 8F09 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jx-load-cookie.html?accountid=bdc4478847af564dde5cd5bdb27fab31
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
180.87.173.160 , India, ASN6453 (AS6453, US),
Reverse DNS
Software
openresty /
Resource Hash
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
86400
age
2579089
content-encoding
gzip
content-type
text/html
date
Fri, 02 Feb 2024 19:42:53 GMT
etag
W/"9e5d62e65d2e8329f814e39ef01c0d2e"
last-modified
Fri, 24 Mar 2023 01:10:22 GMT
nginx-hit
1
server
openresty
via
EA-SGP-EDGE7-CACHE15[3],EA-SGP-EDGE7-CACHE9[0,TCP_HIT,2],EA-SGP-GLOBAL1-CACHE10[4],EA-SGP-GLOBAL1-CACHE7[0,TCP_HIT,2]
x-amz-id-2
lrmIz54ZVbyRkN1y9tx8zwKb2z4xMIhVhynX8I/xDv7CyRTM0kSAoKXrPHoGPxknfCxunWfIrKk=
x-amz-request-id
18JEWCN9CDBCVSTG
x-amz-server-side-encryption
AES256
x-amz-version-id
aN2iXujF9PZWLEhdoji4nn9NNDXaBwmd
x-ccdn-cachettl
2592000
x-ccdn-expires
12911
x-hcs-proxy-type
1
/
asia.adform.net/adfserve/ Frame 0B40 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/adfserve/?CC=1&bn=71174490;rtbwp=3587444100755FA7;rtbdata=Ld4lKAHxgaMUd3CeoRYeVHF3MzrDCzY8IjssHNACtQN4nJKVv7XCACxT1DiHl_BGGNB7MXBH_MT-vRgXc2z59XZ0fXcArzbugmf9ZQbJMaU_JjueFJgvkuHiNWfyAnTOikSyMY6XAlzn5NVclBZJ2jNg6XFcyCp3jKUHE1bqjWUt-pIqtUO62_53y_mXxtO7LBN-EO_Zou3k5klQBUJwelXA335yo2UUlvOcRluCLv7M-mKSGNd8_Th35rlg2QnuLvfGGVRulIApifyFOpkPMt_8XFAedtKw0khXRwdaSoE522vNtB8Sk0vLtfFSyyAe4K29f_IEpS8zYEhU4d9DNdJsi4LGDDecIdDbpLtEJtAlRp-VhDF9tcz6YpIY13z9pPLt2tjXjkZk9JUJFwE_MQ2;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fsin1%2f0%2f0d60094e-3970-4c2d-b79c-564ecfd253d8%2f;js=1;adfxid=1x;1013;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.gridoto.com%2F
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/631/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4cd9f2fd5600da8f4f2c409185b28b56fb7171c1f9c62eb3f4d906db58f1f930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2543
expires
-1
jx-load-cookie.html
partnerrsc.jixie.io/pbs/ Frame 8F09 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=bdc4478847af564dde5cd5bdb27fab31
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jx-load-cookie.html?accountid=bdc4478847af564dde5cd5bdb27fab31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
180.87.173.171 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
41776fb96ddc3d27fc409e94a0471e6597cedad553e8e68e6c9bc5f32c5c41b4

Request headers

Referer
https://scripts.jixie.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
86400
age
2579115
content-encoding
gzip
content-type
text/html
date
Fri, 02 Feb 2024 19:42:54 GMT
etag
W/"ff3a19426dd0940c645e85b2911fb866"
last-modified
Wed, 11 Oct 2023 07:07:42 GMT
nginx-hit
1
server
openresty
via
EA-SGP-EDGE7-CACHE5[2],EA-SGP-EDGE7-CACHE11[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE13[6],EA-SGP-GLOBAL1-CACHE25[0,TCP_HIT,3]
x-amz-id-2
9lpyTe61lrz2aYedLHZPofjHEcZEpyt9Bilc/P5SXlU2vAEqMWdzaZ+/y5CDVYsvhagCoSQy3xQ=
x-amz-request-id
NPVBSFE3JX5QNBHN
x-amz-server-side-encryption
AES256
x-amz-version-id
DC.HhfFK1SV0SuEE7_BkBmC8LExJ2iW1
x-ccdn-cachettl
2592000
x-ccdn-expires
12904
x-ccdn-req-id-46b1
b5fd1228fe9cee28b416cf9ae1753144
x-hcs-proxy-type
1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C86 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4BHZuEW9ZZHXO5uC9fwP8L6T8AwAAAAAOAHgBAI&bg=!np2lndLNAAa8BdJLnAU7ADQBe5WfOBUxVN44VWceFmoS9aAJBv0piDnE5VEOMwau-eAuR1JQlQZ7wGYaIqP0-MvsoFwvAgAAANxSAAAAA2gBB5kDDLhys-lIl3F8Jvx91KuSYypfAWS4KbRI3awQ1SpTc2TyF3HH5leZ2SubdO1xC2MWd7IqjWEujEQ_pm4S1PJOxa-4WGZ9DHXY0-aUwtzL_gKLU4UboXhKJzQHTWp1BMM4qyr3MpZTIlIzbsqZxjI9dv6HoEJ6G91JEv_EsYrKs-_-SYp7pWA7M5wqZQMr5ZphT6qD3q_9YqMU7ZaQxR3cxjjE6NojAcd3_DE8EdNGUFVA5nintzgSm5LpNfh9fW5yf2nk4QhfnquNZpKDbFuHggJNI9nb8C-iPnc8kPoE1o5Wtvbi7oDHpEHSULOMWgXzN9sbwjY-bDmYL-l3Z8i5_ihVjGyf3XUXC6qxbuUgQjdpO2NViPKY20SWt5UIPlWeeWxwWm_s9p6ZUBpeaPi5Kj_1ozu1lW0Bv1Tn0pTp9BppaDQGfXDINp4gXWAMbxk2AN8gh08yAC4l7IBz4nJR0xcbWYqFiTufTn-973hPo4QM3xPrLPu7KFjSByaSXa76BJMfwssh70OZWKebHt-MEnY8DWT5MBi8YBBbbCK-AhB6ugWguL78lms2cNaehFg3UJVSlMEdsn2Sxk6t5wFgrWc17iRSGiciQiy6Uorf-pEEeOY8xSrUC4F1p0a5Rko_UJXbqG2ZrenvF13A5CvRwrJ65O5J-KWfizEyPqsipo06LUkL16e03mJf1OnrOck1mpTO3xfta8xUW_dsPn_5psw0XRKfC_KV33wM02eJjn-QQxI7O1S4NaJy5Dl2YhzqAacMnJkgVHu2e_yi2uIfST2VOXg1xxD58y3HrCQ6dnQnusEEDHr_6Jc6UoEd6F6L5MQVqEaoIkxC6C5bcQp6tJogFr_4lK-c1Aj6yAcW8mx9rd77wcbCrlfVbT6wEs_-Uv1MyFsPM9_pj1RU6As3nHy9CBW25yt0dIFc5mKaSSwpI6uFbzkbNmzPHfxlPuTlmNGEGuVvL0EGAIBNb0XqgA_AElru-eJqa_Nqve4nV6uo0aqTr8Ql1-RZLiIAUE-s6JDh5qiDy50xd2UInA
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F52 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-z2PuEW9ZY_XO5uC9fwP8L6T8AwAAAAAOAHgBAI&bg=!JySlJGvNAAa8BdJLnAU7ADQBe5WfOLLHtZpRG5IwIImlT-9jUbZs1x_86L4HSyXWRPN330xRJ-dYLTNJiv5asjQ_Dsf2AgAAAPdSAAAAA2gBB5kDDpAYIO9usg7AkcYJHR1uGEXknygyphKtAQVTrwAzfeS7C8i23tPe4BFARcEF2nHRvnDBgj1HY6JnyJJi8mGhe7yEKSR-LX5bha-6SWtUtwaEEFEVeSAzMRt1KRCVADDmluXeQGirGYcFgarRu-FRKrdcGTgDR-QCYaBhLa1EJuS-Lstam4eX6j-LpjRTAnqyti4rUPChlVnkCokbn2safKoyY2DmUY3t0yJgHr5bFWlUe4b4NfIzAK745GSVDT2AwdO5O0EZqOEQwXquoNAg0t5-F-PeHkVoVXdeCN1Kvw_4M3X2Abp8Dj8tzQEDntImved2IVDlz_9Vf2awCL6WyXl63vG1KOa9W6GmEZo_ja3KafDzOymuKCddvDlYAhtqyf2fwHVc7WUzEk7N74z-U1NHKdSO5VcCIt0PdLuVzVB8PSKL02JcESshSjZhgDwKM6QGfutDMm_FXM_c7hCMQRfsxUdmMQAtKy2zx1sTC25LNOC4F4IjncRbNJEdsIcC9gkAeQTs5PobKsNcA984jgd3MfpAQLmYk1KjmJyXMU3gOWMgBy8MGBLpb7NnNg_SgTBiwn3mfymqwz4BpVZ3uDKFwW7PYGCOJi7LbJEskji-d7VcLxh79usv4Pt41ATA7dTuoI1XFw1AhLIl_zX8xKcUocFKC3UhxLmIlSUCeZGMxeeox0JUmDSsc3uQ-rZ9sGJwRhHgCWzVtra3CSyrz-fGv2-WbQIsrLG2DmpcJoT5zaAv5m8_P4LgYQF_Ujwa-xqkAq1eGA9K47K9ynJC3xmh2g0nyBB_Yrgr9IxQc5O1tg589vT8EwUTs-ym93qIEREcSFsccMprrD4eavlcWr4VAeVHSVR3b3THZtNU90t8JeP1JDbpgL4aTYZDJW1RCviT-5_UzjnA5oBS0CFVk4-Y6juVnqvdL-mpmX872W5uH9YzKIirkJ98EY63kb5twBqC2bEIXGI2qhVG2Y8J9Z1HjLnE7H7yzxjRxj15QkI4UNRTiF1_q7xmR4pSav5-OwTwzmPj9ew3MggZgXv2
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2355 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BksFAuEW9ZZDXO5uC9fwP8L6T8AwAAAAAOAHgBAI&bg=!JySlJGvNAAa8BdJLnAU7ADQBe5WfONHnyKcHcKyFPcyAnHIaXfSByTtKaS-611yousnEiGwcv7YhrkmiphoCwAY7w-eoAgAAAPVSAAAABGgBBwoAFanjDOtlzaJ2SSJN9i2ZljjZqdg-4pkDB8g_d8rVXJX5yuKKrq-kcmo9j8_p7EHEhAXxVBgJde24pjZnJVv6vxJE8--0Xk3RpxZ8WuFmALu7xTxhSIY7Jke7qsxTeif3uV9ab7tPuhZ0BbPzJB3ZudsR8__sVThVWba8n7lHX2ER_yTmJHbzFxDFx3mRzcByxIVUkIGdsilkH0HsZFoTZKnIxMVt3fFMhSkp8T6nMuCG5R0CvLs3MuJdBPRn6j2gjF9NAlI9_Dynkdt-SZBzKhI9x2zOWPQc_8LYleALavkGnVYJqwSWp1fnCG6ne-TMKw6N4Hb0Kt-kR_Zr6ng2XN9trBTK7szqzDO2Yo2qJBl_TY-hHbdeNIUt0v-8VX9KdP-K3eRoTIGqP6s102GGs87puenQkrDrXW_x0yw9mLM1hJ0BcyBuK8DCFhkW1kixXuWntBPp58yGVEr1qpB33_gopZe0Hn-jg-9hCcpsuyo2WDM27I7Sot1XQWYJJo7RCUXuVyWXKoYxJZ85Ph8LkAAkqFoJ-Jy3wX6UTb6v8IHL1tiAP1fDBvLBmoHqHape0C13SjkQEyuigXOUM7RJe8PoSoUqsj4CTVY380dEwWAHB8vtlyPwOhfkG9dN_CrNt2CiDDSHHTcLI0-21xEAMzP_NctrVVFUX39YaOm4Th8Qx1odkjWCsi2CcAXwLfwtYUn4FdwqDQkQoccvyC5cHZX89V6cbcweWDhFRAT6XGgWtnkskPAdKX42l_e4AZlHt9cFiB1zG-M3EW_eNjFZTJjspXSUJG3CKSAOiTh7RZ-NpeYQQYuSIt5aQII--R6xD8DOCbr7ojNRO06JkK4ktHNQ43Oqp8A13PCPIqk-aLZxZSnqK9lWCIhYRPnqvKCYmhvR00Hy_YmQorpy1CpkhQ-36vqGb2UskqaCzkKr9CENrfALllkQ3ECNHeaKUSMJiPaMU9rZ48xK7Yt7DXW6oB8BK6IvZztxd0b-Gx9PZ8p-l86j8WN0e1DkLqkbhamjj4K6PWvPWyH8oUvSIx8CSrgrnnkQUNBMBnJssVDyVMs
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4249
ads.everesttech.net/ads/mts/24650/ Frame 74BA 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstMXfADPm0F8J3B9ksW7EQP8YO8q_4qA8DkY8oH6cfmmaKco5KvTL_96beDNuXprrsd3IKpOyi6iVEeXw3V7ABB1C5Jn5pfapLZhj4rsgLYKXulj9AGEW11izhMFjI_EM2rGC574F53EOk9CDCik4uEh-6s1X1KYgAiIBWgN6-a1OqJAtfoV_NbkSLwC7cEW3VNc3kYTRvkwa2DJenHJX39U9S73KpBAoseNaOuW_GnJwCSOuzPBFIl4yGly4i-XoJWbRkMTNxA15vvXMC54GIK1pA8rJaKvoDZPnRrA1VoYYYGDIS-NVKp2qNUtmg4NWVtXFSoVJh1PudUpnqU9EmWb2rPORA-65hU_Kad0rfM5qB2hDEmNHN9Rkp6C4Heo1jzXp_8vEORjq7x5ff-BRFaUauLn4CsWcVFSW_5RKlmZuYJnkLMDQGc2Ar-8HG4Pg8Uikgo1OkUmjMLZdgZNG1okjaWZQ2FpT1WRBGBjobyssfGF3T98NpOHa6NIddrfkzb1DPBI95tArfNEf-PZ7vpmStHMdyMLtppzKxBbgcZ20NODCkzJMAUlY8b464ptayfhMr2Del5NUw4AblZe0zKH9xxmy5zytD92GDB5laVz-J1hribflHY7W5yJUxKUm-6bK_SCjZvKCWs7Rd7nXK--9ZHdTyIWcpYL5w0XRRzDx6EsZuo8rvAZW_e4ssMVCdQtPcAZrXvdI5Gi-WxbcB3fi-lEwZGo_AIEHBpIsxHaqc-JDVYd1Q4zOL1pVmcPDPmpH-7I7vOyrC_TV2cmG_mo2IeCL0A8FP-nRFVXLwXqJO5oV7MnVPz1vIjTagVM3CM-tuiy3-yW3mQkMMdQLp1o3ogguD7K68FO3KdzrzVLqbKbzLvODgeqzdSvi2O0x8qwRD3ZGC3XojnkFW2lXnAGF8eHywqHwqwo0YBDdw1htwU0HEzApNTBGpupqyiqD4MioZsp0xwp6Hu69lrX4PHiLw6L3xpSkBmWz9Ua-2slL9kWEEn4X24htnTUd-7vPQpdFe-k5RUJsQND37uCOUvkB8S9e_87xKCQ5iE13sySXGr1ma76PCG0vUXjH6Xt2CuUDWyFl4z_EocOZNtsLGnOKBTYX4OXWCL-O2ZxS3AhziB1voPMlC20MC8-N2AWY7bJBloje3r8VQ4sJULmTB2P4lLPhUalk0Hv6HhZZ-eAI-_6oZtOzixE3i3SdpAUzvTQEDi0Nmq8ofIi_lZx4XN2eXEijDI9b0I1406LhTr-fJU2PFaK8Tt7c5jNdxKGgSgUHDFdzI1MtykdRuQ2NA9xsivj7BArqRCkRGq9MVGPxpREms9i1PFQXEiSm76VpIIZpz22Ldrrq8HXHmG1KTl7h6ZkHw9jH20flYU9FYqY-DoucN-lTDSunFJ1Fn2fvQ&sai=AMfl-YS-58h38qeI4StKd-TDY4tQC0AYVKQbAzvg0fsrhnO0G9i9G1wim0nN3BUT4ZaBvIpwycyB2hUDRVny6r0aQpjoMrWbw0YNZ1KbgGm7dO8aCk4IInRcFDJHQDcjyC1-bU2g_VXISkHBW7_ztDXtUmz8uTG5WviflmG4A-U9YCx14k3PbyCB8lBDtpsdbA6wuVhmgb2Lbm3roCoFwjKP3Ck3Oae9xz7dVf-3cxj9ixo8EShAjTm7bJxuWWiSmF0xnnn3MwDy79TIUAw&sig=Cg0ArKJSzGZUmsh8QhotEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056140&DFA_PlacementId=369677010&DFA_AdId=560437852&DFA_CreativeId=168248057&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677010&TC_4=168248057&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560437852$dcmrenderingid|168136051$dcmsiteid|6958819$dcmplacementid|369677010$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677010
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cbf2f895-ce6e-8277-8ee8-e0eed86f33ea,c:37Rs28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-nv7hv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV2c+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:3fc88441-c203-11ee-bb43-eaac29bfea6b,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.120.126 -, , ASN (),
Reverse DNS
Software
AMO-jAds/1.1 /
Resource Hash
81b32949b21807f00f7769135c4b8b482c0dc4bb9b84f5a7472b5c70ee7d3a9c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:55 GMT
server
AMO-jAds/1.1
p3p
NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
6747
expires
Fri Feb 02 19:42:55 UTC 2024
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame 74BA 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cbf2f895-ce6e-8277-8ee8-e0eed86f33ea,c:37Rs28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-nv7hv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV2c+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:3fc88441-c203-11ee-bb43-eaac29bfea6b,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 17:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
8089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11928
x-xss-protection
0
server
cafe
etag
10551285868935850944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 17:28:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/ Frame 74BA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cbf2f895-ce6e-8277-8ee8-e0eed86f33ea,c:37Rs28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-nv7hv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV2c+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:3fc88441-c203-11ee-bb43-eaac29bfea6b,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 16:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
12334
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:17:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 74BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss44j5Sc7eY63ko0iLR-PIwUMmikzB3iDeyMH4TxF2dBI5hfctcxBfRn55OMrcygigPziCs29YabCJX3HMCCmZJFLb8uXz0Nc7ZZXU_YwheZV0yvdEoVIAeNQkFL7QmV5Wy71lQM2zqHV9O2DchtDxWOl0ZYA7pxQsnE5iHBTxJD8OXMj5ljA&sai=AMfl-YR9mo0jOV4MeWM0M4nCyoUjVZoGDomvN2jTPzVT9bc9KPsCpug1KcByZpmfabvez1QwPhk3cjrvjTRwlhbJfjYKMctZKoFbjFu-m4ohjEY9grYtEBOmkl1gnNCRog&sig=Cg0ArKJSzDyo-iD5JN7EEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240131.93279&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525559/72176522/xbbe/creative/adj?p=APEucNUbLTznWAv9sT3JVOKrJpJg07YEJ5qc0TR3KHey6EpJ5XnnZ38&d=CrkBAKAmf-D9gyANHiZHJRNttcyI0kYvnny7PViwK5wkuw9nWMnufN0kEBKalMmjdXU8FMVy2nXr26ol5X9zwUHj4grdJMfX--5bXFwTZCoY6Kn0GNFxrIQPo6aaZ3sbnB14wY5QjCZfbmGxHh0d-cri-f5k14IVhXbfdQ1TgulExV2CUJQu6wq8U9NmxfEI8dQNTwqtojzm4HwcP6L1awBDUvcW7Qg1tIVfRDYoenSdJMaTlpIENS-xIXoSiRYAoCZ_4MNFxO_Z3azGiz7dFvs1fwDriVqDajRY0KPkeS9qFGF78t3m0uBiwJvdv1ZOS6rfH3aTvh5ebyymN6H4pfYSSC8b3z0_ZP9JBYuw5aoBdM-U-7vF5KQ6cZFTeDYCgjnSqd3OiIZU9GXP04XOFERxguxTSJR701APuKhkqrOz5oAFlwonK1E-nJuneC_d1LUATfNlN7EeL9ju3ET5SXWAAASGGgi1jYHHL_RSaKJgL-nfNErGVCw7sX938jaZnd8RwC0dfgOYQ9UoIkFq75gmWZkk6B-bV8PKTj403B9Z0JHdpOxzl5yJccqWaBE-a-jlP8qaVgzMsoAKyBwAYz9dBfaqu0KqxbQOkYNnLxitC9ToMNLjiy0fKg4J2DRqug0FP8GT7lGI7qYubqqaxXcBRqrRJOIiikpbbcfvYwWsMq3kq2S0Am22PyXkVNNXAj7exLqi4IKgstYbAzTMVNK2tlIhc4bfOYQ1H8mMfTwp86ewGBLH9QB9tew8x3fX9hqEVn33KmeeP5t0Fv0aJi5r37R8z4GvP_rvnwkLPdIixZm1_f5dMmk0tlBFaE8v_E42CokJdN1qDVXE0G9lebxYaXNBQuvXwtMt3IUNTcOrqHURGXwBjnjgPSs26OsugD_-sVwEdiAOYTuIL7kaJqBgfc34_jusO9FXQmyUNgIY0D4b9EI4hcN7A_C35YPoKnAttFMBzMPlr8SrITXGjTQ4_ffK3H19jPwJ-QumI0iii8lS9bk02WTKgkNAnZQJN6vpl--0_gjIm_rWuyqn8m0-eMZSRcvwkXPreGW4-RRVNafJ5UK3wnrlzUj-vh7EbQVmq7v2PAlnwu-Rhy-Ngt1zaD7pvXKv9FixpwuDfyN3CtEQPVFVAzxhw4U6p3hrDTcQpK9G8mtEgB7pTL184N4WyKC9IIuw8E5yZNQuP7FxK-7zHAXlWc6Qdxmq9szkoBEAD1nCNNwo5PnTL6avcZvSleFMYk3LFY17rdcQ4Uz18DoJ1u59_TBzlC7yuJt8-iTzED5LHV0Ee9nGXE9eav2s9N2dslQWuWGnYJRReLLpNmDeBP3ec-LZKGUxWzaGTx2K6ZSUFibn7BRoyq0ZFc29BJzSyI-_VWEje6MAKxBonj-TEx-_DrpExZ_x1gyX0O3IDWCQkp1t_HC7DpUwHatB12OlWZ0yI_zv__MiU8p0JxNOcGjmhg5uEY8-xc8HoT2Nx2YsFgSODFNMQkPVMczwEh_EXuMv2ShCEBXKOkY52AkYd3gYao793yoGEy7Lm58l_UVUAC67eyEEAMr6rQRhBYwzg1JPtP4rhuOjBmsUDyJk9h_jc2FOnuD1Mz3PwCcOaakb8v-ahXxrOkoxjMWtzAe2jRgYMHvamxm-AQsLCol7E-qjBMgv-kSj37NifVFhOboNHBBtf65wDxWXhBFwQh8wl_A_P1MFH3psN3BSTT2h61p-CwSWQdfy2qaMHaAfcteJ9Y4wjycvS5ouyUM20awx1FRsblcCNhaXoCDejXqBQw5kwb2osbP_dc8vDGiTA8Vq03sOpjEfqGk4zlW0eH8i617mNQ_fJDTOkm0nqYLbF3XFQ58mA1HBTtd_pkvdvg3uiB_0SGQpRTSPr5yWz-05xjm4pwb8sePkbAxLUPnU5GyQttT_2Zp3xZzw_Js_oHN9QkTwx_bvLtB4-1Lpc_q3XDHv4A44k5Ji5A8hXezWj8C1RY7ZW3VJ_NhjnwvJCk8JvEodM4yQiDAT1csETpBGpWkU_10tFv9Br8IydayycZ_y-xW4JtT23oIoLWOMmJq1L7wBZW3Oa40yhnbU5WtiTntKcuYOKht2ua2RuRgFM_czFWqCNNYWHQ4zEv2eaHBbLNFP9kWTJLvFj1nKTdGJQnA6w82p0Nu6yZNMoocy8nMCZvZvzD0eY3cgAFT0zVaAMtBhccZ0rywF5lVRfeWO8UfMOWW8hc0__di-GnvSHH9JhAqG_pGJOwNi2mIC0T0EWZKIWpa044NTursNEN9VdI-e-_fI2JF6KAQU1Rn7KfN04QtjcX_fJcXFJQNArOIcvUGfXFgcIyqbo2UODYDOXeNP7ZNTJ0QuXh-RAEyjf7aC9YzENzihYjri5o_vHa8AJPnIc-4kTPPx6y1VpQEMV052ZWdJzlnr1RxmRbgNrecCuJKS20_Ow9z4Vi1Li1TSlrf1z5-hEL28PeQhWIepkUH49jfGoMDbrex0MdvIn9cpmh4aupPsO0kUQgDO4GZTGQCnQ8ueIN9YkP3sVcNBNoFJXrgN3HQiTProrWyWFVJftZBmhf3GiuyHq3OvTKPZ1E9fZQu2i_RjsKhiSPOEAQDFZU8MjiDcm9mp3EvmePSPh316CO3b-qhXOgOCWa8neXoAqYpjFZq46SG3hFMwlESfbgK-sOmzmTA9kpgh1Aa_GKK9j7MqMqaLtepxmkGD5EDsJY8_nHVFEyuEeGqwSJFaUYOat96lCe6m_AU8EYWH8FlmZxg_FR1V1MxXGAcuHuk8oU_IjI2WSdVK9tnVEtl0HnWOpkEHdTVgfpj4iI6z6iL4M0-e4BSo9y2Xf5A6DNizmNcqY62e1soM09GMlEytyzWK5vMDByHU2JlT6JSwQH-xttfCuqAyMGjgRKCS6Sdg_gA8ByxuYoWgTWas1uUUqAT7MNO5vMIwfyK6Gc2yMFgaTzVfG-sw-PpJpTi5b7YwvOJdIR1sPwwMz_C6NCU1qQGXRSPNrVAg-MT3RhOdbSOmvolCTr87X9t6v6FpE7GLglkv3VWUMjPaJIDuZREQr6fZH4-BtyJg4xsbL8nUCgxmXKSke1SzxAPtS4IKRhFSZujq6aovnM9q-bB2Osai2eAfzSTVvkqsuk2L_ZBKvw_enNN1r_khKWOoCgRhCQU6YZ1hSyiRhB3PwvOq0AgfDDJk5TUIEsUt22-OvzS18XEP_uOewMo8kasas6LL629geRv5j6nX3ZwEAvYn8Qe5InlLd4X-1Wd8Iqe3_VyVnEXD6huX3YceNi_65-rT7ceq2vGUaTvwBA9Ra__B_qP-0ik6YpueddvdHZqpiAJuZ9FCdBcHfZsUWc8KbfEDx4mG673LXPlGEF7skC1bp_a3I7EIJ7wpD5EslxFaF_s2sDr3Iqto6bAboD3t9OrN85RP9Xy6RBiP6YHon6qhDgw7XiK0Qg1KnTKUCOX6qo6EdzI3993fSD93dvbTXG__DDdUK3Vp2Vj3j9GV7Xtqd6KnN11aojz9ocLZ1ctCP1fw3pvTy-4XI-WXr9Lf5oNEWtM6xMC4QHrn1AnIKeGIM9tDlrOIV1f62LlNSxpTYChngtRT1V3cgFy36YtCH5txIVRpcF332lzX6CfgqH3PX2ez5x-_RJIzutOpj0J_qnN91Yyh5j0fUis3g07xQIu5Ki5HIJHMwmijCmUwohViyAQKHNCW8avG_CAV-K520JBILZtEttVekd42mKiNV_GDd66pwtUr8MKiIT6f_8dnZ_VU_H8W9lh0xz4m2ueCKfvo4cYEzWiL6Dh7PbEeGPjaO7SYGykOHsi-FjrPxTM5VjzMiE_K5U51SRUWG4Qh7lFm7HFzsF-VXDFCeXogqcFLFlZGi9E9XsOFvhlj8_VB3mZiHzKXljFWu6MuzifIJ0E05VIu4oNBBf0oOzYhi0zd-t2TJ8XBH3pVi8Q8rzmoToZk5DrNyW5p9xRfjjaB0kDOJnVp_-FyPsF91GE4wZ-kMdQIhZB_F8QnuI1Lx_v6Yyg30YZbWmCTSqKWtN03X9ZcBBpBCAQSOwAvHhf_voulBw1ONUhNGdE7ff8F2p_oHjaPa7pp0yQRX4nCnZHS4wljLitBYN51LgbyUz-QNQHcTPnyGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013025038&ias_pubId=pub-7784034061253020&ias_chanId=1&ias_placementId=20262206047&bidurl=https://www.gridoto.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-ehTRD0KrZe8kybktf-wN&adsafe_url=https%3A%2F%2Fwww.gridoto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gridoto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cbf2f895-ce6e-8277-8ee8-e0eed86f33ea,c:37Rs28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-958df59c8-nv7hv,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u39YV2c+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:32,oid:3fc88441-c203-11ee-bb43-eaac29bfea6b,v:19.8.478,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 02 Feb 2024 19:42:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C0CC 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5taUuEW9ZY3XO5uC9fwP8L6T8AwAAAAAOAHgBAI&bg=!MjGlMX7NAAa8BdJLnAU7ADQBe5WfOGiYEJcBseiPfYPq_MTMsRxy9JGkvTRyD9neqOFurSzzY9EWsrCm27zz_sQK9EWgAgAAAQVSAAAAA2gBB5kDCiSRG7IBwDVljcF9qThH7SzT8mMkG8Fr62Hwv08qsFfstsSxJtYsojiILpIXc7i-FJt2PhnA8jDP93HM0FwEV6dYb6VU_hUkvbndFdbyGkDjD3Q9NZScszS09xoEpy2JInLwuH0qYQBPMccEif4qKCFVfjuK2F_4okvqApDf9hbzyt5CcMhfgZieuhovONHARptB3lFkecDy46WXj9eYT8Ct1J864e-_AYWHe-wQjsDYwJD-JObq9gW211Kp2SzAPpIsIg-BpPm4gv1FXMiItlDTrzBlaZnEekq-cRnjSDDySt989M9DGhzQJp6r9AASJ0LCG9nL0HUdAOi1lxm-bgFN7R-5VFS3CXuB6376JplBcErwbJrcvBbqmKhl9XRxmACCnN_ke0mLfnj5lu3XVWYFDUpSYkStbWgxT65bJS2ZUZ2fD9lqAO62Kr_W7-St_4c55zyZTT7fu4GJPKBMVyvA0CHSEUDNS5SJ_0I-ve8tOJ4l3TJt09d-rIZC4YgcjIll7mxV9Uf_IeqkEqHa80o0HKKWeekX2KvhZW_mcZu6M078bdrQ3xSg86qiULWvSrisfW2C7VDp-d38xqe8uhhLE_0F3cE3sfzosGwC_WJ0T1UUJuU89GxbP181gxw8zIOoCoECAMjizjhKPX4XutLlNRWSWEsQT4BQw3tmm5Q5PsrmqtkWSxbnBzlGoqLQJ4vwbygfrNCEQxWT3qClZA9rVoCqvwfCNDDHDujkQ1B0PrrGg50VJvWB9df0UQweAGX3iHEVLAcvRUpiBCCvw1hv14RlofAiz7gbxw8aBmwaxN6FmgUqv8H6dwFpRfMSbKBSDPOj8pGYlWXDqUrf-BsFYkHAYj52wSznVESzXJJ_CNBkbSXgvTFTvb984y75fbck3jlpfPQ0_hdpCHy2DAeIFqmlpk6jUDW1tvydM_56swACn0pyJoEc0UmNzd4_P3JOCIo6xVK6kFik8bsRrdjGWPgOxOnizFZAuh802l-9aTjMq5_wsmnpcZ85NVQoepgIefTZdYVjBZo
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8779 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-MOiukW9ZY6_Ktayz7sP0_uUkAEAAAAAOAHgBAI&bg=!4-Cl4K_NAAa8BdJLnAU7ADQBe5WfOE4_iGjpdfb3NZT5RslYhvX1kvMaGsUiWKSDj_EYYWBJrBXd2vkNCojJiw_-sfqLAgAAAQJSAAAABGgBBwoAYbtFqSZI9T9J-JpoGfi6Vae_m4HEITIsJVUN283kxxoJjXa_YulX-aEUc-iBi-mJAvcvIX4u5XzU8yF8mSAiGxQ5XFWBGUG-v0tKeCkdOEn7irOEqNbxY4uEYfVz3UljESGZAwfhPZrUnYTy8cpz5bwLpKBucKx1ixXnnL3FeSLlja9mKdMaRAvw7QKdehLzJ3hj40hKyHpyyjmNsj7BKcmRw-vNbeUm56vXblnQl95RRRy8WSS6BKSxZqLAeOzCLnwstG_wu2Ab8WG7xDSuNgVVYCR3jw4t1_MiFQ8-sGE3Oz6PD9dBE0RylbWtNLgz6dZKz_JZVw1gJUIWBtxjE27Pp_PrZ-JcLGin5nkR48wEXa0-QQYX8y95njzahK2w1JSpItENQE43gTIm_OjeakxJOmPPqwyMttG-PWo5GA38bDcHI_RnIZT3FjGmHOKASXUIm8y7bHBIt7d-w1fwuHbyl0zLahnKeQuPtprjQhaqLd21JGmIWAhWjOAUSHGFXGUiDcFCGHzGF6FQPNZeOVJCwMlZKR-UHNNmJGKdIS1VJNdTI2VeDdwtqWPGWYBjS3rXvgp-Sbw-oMNeouIBt5vGYjrYff_-yBpQa0vDcGVqHcx1p4g_gf7wVVS0Dtbup_cGnjP9AtRP8EZb_8mkXOrwfabxeqLz8-FCGLdaqYCNd3vUsNYOo5CIGw4C90S_82yvliD4VAMNlO6vg7ldJFthusxnCqr7uEzSKm3tvfVcgQ_HqQG_CeFIgiQq4-VrbS_rozU1Uhwu7vMKjVLXoFM72-Tcx3gwgX-aYM9_LpphU94qfnVC9fXdWSWX08Xl5zEdJ7rumBXvmHktROUP7lEw7PEj2elK52hHQYX6TqJTQDCoH2SiaZo5GkH_AGIcXwx0KeL626NmKllW4XvfsWimzUhWJc7cnjWJztkgBAphrqejIOrTP2R5l3tL8ffdG0e75FzGZLlIFJMhHMBflhOgSNBx6a2V4rpAiTq-1VswEG7OvQqBSZy1ZqWhs4wnJxD-FJhdr1l6P2K8twuOcx8BkVhpIm-7mKtpZ0SH7qcl1LZzDTH_K-vxmyi2OGZ4MBuvD87JImV8sa9IYeaJy59ofM7D7Ga_lk0OCZe7bK4bied-weAoKBdKczenu-2FOYDxehUbMjWDem5d
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A51B 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BpLUvukW9ZZq2KrOhssUPrpGIsAcAAAAAOAHgBAI&bg=!GhmlGVbNAAa8BdJLnAU7ADQBe5WfOF--mzoB4abyGSzWngI7jTa6evNJ29C8AMGgx7yHbQB5pRFLknU-oMF0DcMOIKrBAgAAAOVSAAAABGgBBwoAYqJdUXMkWxUDswgIWb3yq0re5u_XkqmO508WvU4seovAc7jt24lRf6JPJj9GaxRXX4wexEcbd9YHrqAnG576tWWY1Rgti6YpUIilBBz6zOH2WQ3TWsQkDiVeB4QAusA4C3m_mQMIzkYL-aVU6jxhDrF3qhykjzG_gKBIhuJVxfhgc3VzRqduLgYEXoGmqYw7gGQODhNmySGg27M0slED0Ma-_JEXZOzmXK1SSrNpurBfufmVmu7uU7VA0hlW5ZzzPNgDDm-8yKo9kc9gEm-LPyCe9Ni6TDvbLdxt9u4FJKUfyyzh5YScBzyU8saiVLRLUHVcRNrBuKdWilaem-CPBDL8MQMu2qbHnXMX-VwCrsS2saTzw9inm-FOXTG34Oo2LdjHpn4NJgcM2N7CGBCP-Qd28HNKXdIb0Ysn0AAAW8R_SKxc9kpuFj2wc7QJJZrPfX6nqwfw5ScIxEna48yATWErhEI9Q_5K8eMaNAzd3njiZnekuiTaHz4dTLziS43r9prsH7vTh7gfeSY6BCokk-zi6OYrfqb9BQFRiUXfCG9N5WraT1cQx2LExgYG2L4LGtsaQHw3Pyr8BZeezl39k6Nuu9Jiw54o0lsNDqSbu5Lhp0IsKTD-LTq8osCLfTccc7_PlS19jJnVjpv7UeAuYuQtLaCOW8UTBpOU1wqFX16OrRuGtA8JMHoIX9oo9AuOG1HCrLmrhh1a5SFLI-DDsW4BH_nfWG45fkDc2nIMcSpOamBIytGg44Bh1O24kQmAzz08TnsS_O46yd4egJtZP0OBpF4ShKSS85nFpFQf7uWDvHxFnKSy5v8tKro62vSvBDRG_MVZ7LbbY3Tn9n5g0EVup5H-9LdVzoNv0ck_7_mgdX9qSjYIkbtseO1IYpZ8H8pS9A4Y47mSv6Tma70lQjw7x0L8R1hJT3I58UPIG_rG6O2FV_iOAiITZBVPnb_MC6Ds7ULDKUynXqkshFqNkL8tDEo9vV5sHDo5xWkaU1WuiesuDf8b3MfdCXm8XxEmOjtSEUa2aND78UZRluV6nJsbHCM3-0VSotigf9f0jmw56_G0gkVGZKVyQ5yMU9IgSsXDZPltuzpqWqmSOVy4chz3tTj34Y3XmLHZpWqiT3O8tVLmgMOugBXczM1ElybVumAD1sGJiaZxlPlfHWs
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 55D4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=au&co=sg
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.gridoto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Feb 2024 19:42:54 GMT
ETag
"20524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 0B40 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a2f33c436f1895985537a107a71d12da966b277a35bd1005d67d83421b43c1a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame B259 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=bc3b56db-b679-5288-ace1-caf014b50877&tv=%7Bc:37Rsui,pingTime:-10,time:2506,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706902973742%7C%7C5c098a1ca1d4308b4ec9d49c0abf3114%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1412de73c6d622859f5acbf2c66b4709%7C%7C7d1c8bd586cf16de6503e6743c0b0495%7C%7Cef572eb3e7eb2588efed14bdb71e52d1%7C%7C0dd93e17d2e8fdb2b3ad10e9cd04b095%7C%7C7c94edd9c5444f63b3d4d61f94e00a93%7C%7C1663701684%7D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2TX2MX67CX&gtm=45je41v0v881291252z877494712za200&_p=1706902958985&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&cid=266424015.1706902968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1706902968&sct=1&seg=0&dl=https%3A%2F%2Fwww.gridoto.com%2F&dt=GridOto.com%20-%20Simply%20Automotive%20Guide&en=FCP&ep.ArtikellD=&ep.Author=Gridoto.com&ep.AuthorID=&ep.Editor=&ep.EditorID=&ep.TotalWords=&ep.Category=home&ep.PublishedDate=&ep.SiteName=Gridoto&ep.SitelD=22&ep.ArtikelSource=&ep.SubCategory=&ep.ArtikelTag=berita%20otomotif%2Cmodifikasi%2Cmobil%2Cmotor%2Cskutik%2Cmobil%20bekas%2Ctips%20otomotif%2Cmodifikasi%20mobil%2Ckomunitas%20otomotif%2CHarga%20Mobil%20Bekas%2C%20harga%20motor%20bekas%2C%20harga%20parts%20fast%20moving%2C%20motor%20bekas%2C%20modifikasi%20mesin%2C%20mobil%20baru%2C%20motor%20baru%2C%20mobil%20listrik%2C%20servis%20cvt&ep.ArtikelType=Standard&ep.ArtikelTitle=GridOto.com%20-%20Simply%20Automotive%20Guide&ep.UID=e45f698f3680e5dbdbe9973b1709dd51&ep.Lipsus=&ep.metric_name=FCP&ep.metric_id=v3-1706902968753-9478121586928&epn.metric_value=3145.3999938964844&epn.value=3145.3999938964844&epn.metric_delta=3145.3999938964844&_et=667&tfd=16790
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TX2MX67CX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gridoto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37RsuH,time:1919,type:e,im:%7Bimprf:%7Bttecl:3551,ecd:1722,tsecr:3%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:530,o:1389,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1378~0,0~75%5D,as:%5B1378~160.600%5D%7D%7D,%7Bsl:i,t:1389,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:89,obst:0,th:0,reas:,bkn:%7Bpiv:%5B529~75%5D,as:%5B529~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1599,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:71,sis:1797%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Standard
s2.adform.net/stoat/631/s2.adform.net/load/v/0.0.238/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 0B40 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/631/s2.adform.net/load/v/0.0.238/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/631/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a5e0104d6421cf17fc1312b0190e7c5357a59c10dad1d9bbd3b48b1d3aa30985

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:53 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
MISS, MISS, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:51:45 GMT
csi
csi.gstatic.com/ Frame 9EFA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ls51yhyr&c=5648275649491&slotId=2824137824745.5&qqid=CJOTh4m1jYQDFRtBnQkdcN8Ezg&fb=outstream-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=Infinity&mt=video%2Fmp4&vs=690x388&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.217~vil.30h&ua_e=1&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa03s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37Rsxo,pingTime:-10,time:2086,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706902973742%7C%7C5c098a1ca1d4308b4ec9d49c0abf3114%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1412de73c6d622859f5acbf2c66b4709%7C%7C7d1c8bd586cf16de6503e6743c0b0495%7C%7Cef572eb3e7eb2588efed14bdb71e52d1%7C%7C0dd93e17d2e8fdb2b3ad10e9cd04b095%7C%7C7c94edd9c5444f63b3d4d61f94e00a93%7C%7C1663701684,sca:%7Bspg:bc3b56db-b679-5288-ace1-caf014b50877%7D%7D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3A99 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=216af7ef-6251-09e0-29d9-01403719e5ad&tv=%7Bc:37RsCi,pingTime:1,time:2390,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:70%7D,%7Bpiv:89,vs:i,r:,t:1389%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1389,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1378~0,0~75%5D,as:%5B1378~160.600%5D%7D%7D,%7Bsl:i,t:1389,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:89,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1789,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b*.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:71,sis:1797%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37RsCG,pingTime:1,time:2152,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:35%7D,%7Bpiv:89,vs:i,r:,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1140~0,0~75%5D,as:%5B1140~160.600%5D%7D%7D,%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:89,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:1433,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:36%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37RsCQ,pingTime:-10,time:2162,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706902973742%7C%7C5c098a1ca1d4308b4ec9d49c0abf3114%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1412de73c6d622859f5acbf2c66b4709%7C%7C7d1c8bd586cf16de6503e6743c0b0495%7C%7Cef572eb3e7eb2588efed14bdb71e52d1%7C%7C0dd93e17d2e8fdb2b3ad10e9cd04b095%7C%7C7c94edd9c5444f63b3d4d61f94e00a93%7C%7C1663701684,sca:%7Bspg:bc3b56db-b679-5288-ace1-caf014b50877%7D%7D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~ls51ygby&ctx=0&met.9=1.3bk~2.8hd&met.3=112.9kw_1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa03s35-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
asia.adform.net/csimpr/ Frame 0B40 		35 B
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://asia.adform.net/csimpr/?bn=71174490&csi=jSG9otZNZKbexxmeYTgHblDzfC4S0Ugd4YcaMXWOq64JDwKV3Zer3KipQpxEDHGtLmwln99W1S7Qj7pqAM9d2mQBbo50IEXs0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/631/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gridoto.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.gridoto.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
62140694.gif
s2.adform.net/Banners/62140694/ Frame 0B40 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.adform.net/Banners/62140694/62140694.gif?bv=2
Requested by
Host: www.gridoto.com
URL: https://www.gridoto.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
00e600385783914fd7fca5a40ee9aedd3eff578235d92813c5cd29976ab7acd0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gridoto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 19:42:54 GMT
last-modified
Fri, 26 Jan 2024 09:14:32 GMT
server
nginx
x-amz-request-id
tx00000f4fb81c88420eae1-0065b37839-32959e94-default
etag
"495d868aa9feb186af1aa5130d85746a"
x-cache-status
HIT, MISS, STALE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103877
dt
dt.adsafeprotected.com/ Frame 74BA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525559&asId=cbf2f895-ce6e-8277-8ee8-e0eed86f33ea&tv=%7Bc:37RsGS,pingTime:-10,time:2558,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706902973742%7C%7C5c098a1ca1d4308b4ec9d49c0abf3114%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1412de73c6d622859f5acbf2c66b4709%7C%7C7d1c8bd586cf16de6503e6743c0b0495%7C%7Cef572eb3e7eb2588efed14bdb71e52d1%7C%7C0dd93e17d2e8fdb2b3ad10e9cd04b095%7C%7C7c94edd9c5444f63b3d4d61f94e00a93%7C%7C1663701684,sca:%7Bspg:bc3b56db-b679-5288-ace1-caf014b50877%7D%7D
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:54 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
visit.js
tps.doubleverify.com/ Frame E8A8 		0
0
dt
dt.adsafeprotected.com/ Frame 0591 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1937257&asId=c095e80c-544b-6118-90a3-76d13630a4bc&tv=%7Bc:37RsJR,time:2597,type:e,im:%7Bimprf:%7Bttecl:4566,ecd:2462,tsecr:71%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1446,o:1151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1140~0,0~75%5D,as:%5B1140~160.600%5D%7D%7D,%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:89,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1446~75%5D,as:%5B1446~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:2051,fm:u39YUQs+11%7C12%7C13%7C14%7C15%7C16%7C17.1525559-72176526%7C171%7C172%7C173%7C18.1525559-72176522%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b.1937257-78037242%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.1937257-78037242%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1e%7C1f11%7C1g%7C1h,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:36,sis:2570%7D&br=c
Requested by
Host: f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
URL: https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.61.116 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-61-116.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 19:42:55 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cookie_sync
prebid.jixie.io/ Frame 8F09 		0
0
rid
match.adsrvr.org/track/ Frame 8F09 		0
0
upkiejson
accounts.tokopedia.com/ Frame 8F09 		127 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.tokopedia.com/upkiejson
Requested by
Host: partnerrsc.jixie.io
URL: https://partnerrsc.jixie.io/pbs/jx-load-cookie.html?accountid=bdc4478847af564dde5cd5bdb27fab31
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.179 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-179.pacnet.net
Software
nginx /
Resource Hash
c39bb49f66ed958238a974591fadfe80b86484238bf211bfb9a6a0b70c6293ec

Request headers

Referer
https://partnerrsc.jixie.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Feb 2024 19:42:55 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://partnerrsc.jixie.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tkp-srv-id
accountsapp-10-41-75-7
x-tkpd-origin-match
origin-accounts.tokopedia.com
content-length
127
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://partnerrsc.jixie.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://partnerrsc.jixie.io
content-length
25
date
Fri, 02 Feb 2024 19:42:54 GMT
server
Kestrel
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 55D4 		0
0
4249
ads.everesttech.net/ads/mts/24651/ Frame B259 		0
0
4249
ads.everesttech.net/ads/mts/24650/ Frame 74BA 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F826%2F6%2F4.gif%3Fpuid%3D05b6ff0a-b225-4307-b401-6c76e4c8902a-65bd45bb-5347%26gdpr%3D0%26gdpr_consent%3D
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_hm=C00B38s3wDjr1M5EQKv_&google_push=AXcoOmQNs0eXOfZ525jMTx3YoNixLhehQirpsiOVEC10OWyNwUlxvJBHtwoFnKx65qPQsR1BieTOsjSdQMbjkTewXr6OmAnPXJZGfGo01hD5ekk5JVwMoJXDDuYwnX9q0wpHBPfjY7BexgdxIzVzQzLjjw&google_nid=inmobi_new_eb
Domain
tps.doubleverify.com
URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=18&ttfrms=47&brid=3&brver=120.0.6099.224&bridua=3&bds=1&tstype=128&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8C%3A5%40E%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8C%3A5%40E%40%5D4%40%3ETar9EEADTbpTauTau7b7h_3abg_3hda2b62h6hhbd545hf5h7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=291&ddur=1481&uid=1706902971660865&jsCallback=dvCallback_1706902971660640&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5323&tgjsver=5323&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Ff3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=17&brh=2&dvp_epl=223&noc=4&nav_pltfrm=Win32&ctx=20953885&cmp=31227244&sid=5129415&plc=386330975&crt=209483721&adsrv=1&advid=8417622&unit=970x90&bsimpid=978855e6b4664f20a6d0ab7fcc37aafe&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1540967965178.2214&ee_dp_sukv=1540967965178.2214&dvp_tukv=43937446446.60464&ee_dp_tukv=43937446446.60464&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1704703883372&jurtd=4084968467
Domain
prebid.jixie.io
URL
https://prebid.jixie.io/cookie_sync
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js
Domain
ads.everesttech.net
URL
https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLxc4pUxoXsJk9OOxeMQyPxCpAsNexzyDHg7C42VmE76NOIRLI4Tojwpxg2pecJgU3ssxS4tGBSPA6sAX5vI6c2rjpujNzGSfm2NvcBGrHFxMVrKX04AYLnk6hT_I8CR_Q_2fbCNFD-RaOxDIO0Mhh51bdOgUUyvnG-3JJJYtzboxBF10Bf-n5exsWauaPm-nqm_yGAm4oNYFtAZS-wF55NUl_u4Qb5WbqeeefiUxvk8V0ZLybd8wj473LeD0aAjbdnRIO96dDMErQPbgZadyAOB-hib2OYkUIBdZ9tIfQdT61Vi9eAnttvbGLlfGXHFhjBaCOXdLQQ1HumaVUWb65Bq946K2hLBrZwtZLNqH2QdZlKox-8kyZeLlcAMXXTXhvTvAI5Bl8aHiXWUEXeZQKF73-5zxQP1pWrO-zp80pVqLL3J0la9Gosk_Q_cYTu4R_U7hx6s8iXs_4fF2o5opbp1DTIjgkSDH_eSflxpKOcekgrH32GXsaj1J1Rdu18kMk3xfajBHggSaoUT1oFRNJ7mlSyGNLScVptHSzoe6rZpMChk58948jMQ5nbTaEExRdufIxXb1J56si21U5x9hASq0RDQRawIdP8xtKgjuD5pQPU6rIL8OfgqKo8FwPplSpvqZmhlFiss09UgoP9PgmUqfY6AnUSqlFJEUGyg8syC4qHOZsSpp0L7sHEqH9g1_mdAcBKjTDGC5DBjRUroh6Wcjr70kV8BnFRnaLPAcEyysF7HbSVDDD4Nzjh0w-5e0i7Wj23ZkPocEAYc7Y9PnqtVUKfJWiPqj0JIR-VmTm6_F-PgKDTi5G1SKq4D5pUzrVTndMsoKjPxOqULWksiPQM9sHl_sm7kyO5Ir9vB-neq3EKQFnnwh2lismMvw2yF4ZswKUezdG1BOZ0j3VSkM3g6jRJKvlC-ViI1zZOGePIOJBQJi218QRSAedBOBwlVPCaAyeq_RV-62ugXVdC6-GCPhK5ng_TJrzQJA4wAX9kqvfC-b6WOSeo8iaEowtKZVw3Qakz3A6zqVUmZsokxct5E_ary_QBfx5IVmYukwnw23BawHCbuqaelIKskSvT-WjzljY8ikjHNeucapffEVRNTyoJCMf-a97ahkDGt6wLsJ3Imc9aL0h9Fb864efqkUJS9GnnBk---VR6_EbbwL2Rip7wt2G7er3NhEZy-5afStRVFDUF_3KpglteiXTRQMUzmNk6bvTI_WE5EHcTgXyIOG9cIDY31IqU7Zcsdo2yz63DbqgHOW-XG1D8NMOT8jv2XDyeKbJVflSjFxPo2TOz1GEMXTBu1p-ff2jyHF2m2Kf17uXtq0YXfXIw-yBz4QQT3-Lhm_V0I9OVZwAUJTvgLZ1QlLDWlmiDjdfFPFrhAnM7JQG8FQ5hyWOwA%26sai%3DAMfl-YR0ne4BQeC31dCOSWkXYCDqGBVl_NiAVmXPUBQMAjAHTG7YZWhyWpxGpk250XBXyi28VclhPblCx7wjjHN_vhtisJLcoVrN-tQdGdOinJArgzm-A2vQLgrNafPR3wlW61ZG9FzgzOUo7h3vvjxY87PDaSZaqmf2MBhE6qeVikc8H_Y2_97bSY596zcBzIqY9k3WpR7I0vwvKkhJFzLObLKgpgO-V4b6KtCEWa7jK9-fr-GMu0nKdKKf4fhM6KHNB8Fy5CU7aaNycVs%26sig%3DCg0ArKJSzMRMK7SMMEcwEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056140&DFA_PlacementId=369677253&DFA_AdId=560290187&DFA_CreativeId=168629754&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677253&TC_4=168629754&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560290187$dcmrenderingid|168311820$dcmsiteid|6958819$dcmplacementid|369677253$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677253&edge=y&html5=y&nr=0.9637051010533344
Domain
ads.everesttech.net
URL
https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstMXfADPm0F8J3B9ksW7EQP8YO8q_4qA8DkY8oH6cfmmaKco5KvTL_96beDNuXprrsd3IKpOyi6iVEeXw3V7ABB1C5Jn5pfapLZhj4rsgLYKXulj9AGEW11izhMFjI_EM2rGC574F53EOk9CDCik4uEh-6s1X1KYgAiIBWgN6-a1OqJAtfoV_NbkSLwC7cEW3VNc3kYTRvkwa2DJenHJX39U9S73KpBAoseNaOuW_GnJwCSOuzPBFIl4yGly4i-XoJWbRkMTNxA15vvXMC54GIK1pA8rJaKvoDZPnRrA1VoYYYGDIS-NVKp2qNUtmg4NWVtXFSoVJh1PudUpnqU9EmWb2rPORA-65hU_Kad0rfM5qB2hDEmNHN9Rkp6C4Heo1jzXp_8vEORjq7x5ff-BRFaUauLn4CsWcVFSW_5RKlmZuYJnkLMDQGc2Ar-8HG4Pg8Uikgo1OkUmjMLZdgZNG1okjaWZQ2FpT1WRBGBjobyssfGF3T98NpOHa6NIddrfkzb1DPBI95tArfNEf-PZ7vpmStHMdyMLtppzKxBbgcZ20NODCkzJMAUlY8b464ptayfhMr2Del5NUw4AblZe0zKH9xxmy5zytD92GDB5laVz-J1hribflHY7W5yJUxKUm-6bK_SCjZvKCWs7Rd7nXK--9ZHdTyIWcpYL5w0XRRzDx6EsZuo8rvAZW_e4ssMVCdQtPcAZrXvdI5Gi-WxbcB3fi-lEwZGo_AIEHBpIsxHaqc-JDVYd1Q4zOL1pVmcPDPmpH-7I7vOyrC_TV2cmG_mo2IeCL0A8FP-nRFVXLwXqJO5oV7MnVPz1vIjTagVM3CM-tuiy3-yW3mQkMMdQLp1o3ogguD7K68FO3KdzrzVLqbKbzLvODgeqzdSvi2O0x8qwRD3ZGC3XojnkFW2lXnAGF8eHywqHwqwo0YBDdw1htwU0HEzApNTBGpupqyiqD4MioZsp0xwp6Hu69lrX4PHiLw6L3xpSkBmWz9Ua-2slL9kWEEn4X24htnTUd-7vPQpdFe-k5RUJsQND37uCOUvkB8S9e_87xKCQ5iE13sySXGr1ma76PCG0vUXjH6Xt2CuUDWyFl4z_EocOZNtsLGnOKBTYX4OXWCL-O2ZxS3AhziB1voPMlC20MC8-N2AWY7bJBloje3r8VQ4sJULmTB2P4lLPhUalk0Hv6HhZZ-eAI-_6oZtOzixE3i3SdpAUzvTQEDi0Nmq8ofIi_lZx4XN2eXEijDI9b0I1406LhTr-fJU2PFaK8Tt7c5jNdxKGgSgUHDFdzI1MtykdRuQ2NA9xsivj7BArqRCkRGq9MVGPxpREms9i1PFQXEiSm76VpIIZpz22Ldrrq8HXHmG1KTl7h6ZkHw9jH20flYU9FYqY-DoucN-lTDSunFJ1Fn2fvQ%26sai%3DAMfl-YS-58h38qeI4StKd-TDY4tQC0AYVKQbAzvg0fsrhnO0G9i9G1wim0nN3BUT4ZaBvIpwycyB2hUDRVny6r0aQpjoMrWbw0YNZ1KbgGm7dO8aCk4IInRcFDJHQDcjyC1-bU2g_VXISkHBW7_ztDXtUmz8uTG5WviflmG4A-U9YCx14k3PbyCB8lBDtpsdbA6wuVhmgb2Lbm3roCoFwjKP3Ck3Oae9xz7dVf-3cxj9ixo8EShAjTm7bJxuWWiSmF0xnnn3MwDy79TIUAw%26sig%3DCg0ArKJSzGZUmsh8QhotEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056140&DFA_PlacementId=369677010&DFA_AdId=560437852&DFA_CreativeId=168248057&DFA_SiteId=6958819&TC_1=cmm9nzf93z2&TC_2=30056140&TC_3=369677010&TC_4=168248057&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056140$dcmadid|560437852$dcmrenderingid|168136051$dcmsiteid|6958819$dcmplacementid|369677010$customer|Microsoft$dv360auctionid|ct=SG&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369677010&edge=y&html5=y&nr=0.41096448856330237

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| dataLayer object| jixie_o object| jixie_p object| jxtrkr object| pbjs object| googletag function| getCookieUid string| uuid__ number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT number| HB_TIMEOUT object| adUnits object| gptadslots function| initAdserver function| getUid2AdvertisingToken function| $ function| jQuery function| initSlider function| createArrow function| slideIt function| lozad string| base_url string| id_site object| core object| __core-js_shared__ object| firebase function| a4_0xea60 function| a4_0x534e object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ggeac string| Zjk3NTBlMzAwZTRhNGZhYmxvYWRlcl9qcw== string| Zjk3NTBlMzAwZTRhNGZhYmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_data object| google_js_reporting_queue string| site object| uuid_c object| ukid string| id string| jixie_id string| city string| useragent string| uuid function| setCookie function| getCookie function| getDomainName function| checkLoginPopup function| goVerify function| verifyPopupShow function| hidePopupLogin function| setCounterClose function| setCookiePopupLogin object| pbjsChunk object| _pbjsGlobals object| regeneratorRuntime object| _jxbidsq object| google_tag_manager string| GoogleAnalyticsObject function| ga object| d object| _comscore function| onYouTubeIframeAPIReady function| _0x405d12 object| Base64 object| script string| curr_url string| full_domain string| domain_login string| domain_name string| service function| setCookieAL function| _0x307d function| _0x12d2 function| setCookieAL2 function| delete_cookie object| url undefined| date object| get_g_state object| result_g_state string| p_id number| c2 number| c1 function| _0x5a1a function| _0x6cf1 function| _0x5bdc function| _0x19fb function| _0x225734 function| _0xf67c function| _0x28a3 function| _0x4aad function| _0x406f string| popup function| gtag function| kgCookieControl function| acceptCookie object| jQuery1124042059845686682196 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| din object| dfp_keywords object| gaGlobal object| gaplugins object| webVitals function| sendToGTM object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_320272 object| COMSCORE boolean| caea0971-f268-4d4b-9e94-407bbebe1a4e number| google_unique_id number| google_srt object| _google_rum_ns_ object| gaData object| __uid2SecureSignalProvider object| __uid2

118 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhDPs-Ha1jE=
tracker.oval.id/ Name: ovaluuid
Value: 139dfee3-1adb-4011-841e-4ace5413dfa4
tracker.oval.id/ Name: ovaluuids
Value: 1706902961-139dfee3-1adb-4011-841e-4ace5413dfa4
www.gridoto.com/ Name: _oval
Value: 139dfee3-1adb-4011-841e-4ace5413dfa4
.gridoto.com/ Name: _oval
Value: 139dfee3-1adb-4011-841e-4ace5413dfa4
www.gridoto.com/ Name: _ovals
Value: 1706902961-139dfee3-1adb-4011-841e-4ace5413dfa4
.gridoto.com/ Name: _ovals
Value: 1706902961-139dfee3-1adb-4011-841e-4ace5413dfa4
.gridoto.com/ Name: ukid
Value: e45f698f3680e5dbdbe9973b1709dd51
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 2831945881680454839846
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 363590=5831742
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500003915%3B%24ql%3DMedium%3B%24qpc%3D247964%3B%24qt%3D67_5521_497658t%3B%24dma%3D0%3B%24qo%3D3
.jixie.io/ Name: jxuuid
Value: 3b3dcb60-c203-11ee-b423-a705f91a135b
.jixie.io/ Name: jxuuids
Value: 1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902962
www.gridoto.com/ Name: _jxx
Value: 3b3dcb60-c203-11ee-b423-a705f91a135b
.gridoto.com/ Name: _jxx
Value: 3b3dcb60-c203-11ee-b423-a705f91a135b
.smartadserver.com/ Name: pid
Value: 1293068100502208212
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500003915%3B%24ql%3DMedium%3B%24qpc%3D247964%3B%24qt%3D67_5521_497658t%3B%24dma%3D0%3B%24qo%3D3&c=1&l&lo&lt=638424997631168562&o=1
.gumgum.com/ Name: cs
Value: true
.teads.tv/ Name: tt_viewer
Value: ffee4cc0-f827-4b1f-9183-4c51f2506dfd
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: vst
Value: a_410ab4b7-b536-4fdb-b5a9-705264dbeda5
.rubiconproject.com/ Name: khaos
Value: LS51YBQ4-10-I1E6
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLbX6QEBGdkRDaWX/uP0aDmm4qxj2tHv3lnFssv3fAL3WUGTQsw9yVTf55XX0efVovMboWaW1ii7dsGIJtAMZ5zvsVAPbIH/+HjRCnHycYBAQ==
.yandex.ru/ Name: yandexuid
Value: 8439831031706902963
.gridoto.com/ Name: g_state
Value: {}
www.gridoto.com/ Name: _jx
Value: 3b3dcb60-c203-11ee-b423-a705f91a135b
.gridoto.com/ Name: _jx
Value: 3b3dcb60-c203-11ee-b423-a705f91a135b
www.gridoto.com/ Name: _jxxs
Value: 1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902967
.gridoto.com/ Name: _jxxs
Value: 1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902967
www.gridoto.com/ Name: _jxs
Value: 1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902967
.gridoto.com/ Name: _jxs
Value: 1706902000-3b3dcb60-c203-11ee-b423-a705f91a135b~1706902967
.tokopedia.com/ Name: DID_JS
Value: /CqtS6xu0IizbQflJlaD7t7kIzn3dj1hz+qNSkFGtjI=
.adsrvr.org/ Name: TDID
Value: 16f7f74f-1c32-47e5-b624-e3350477a8d5
www.gridoto.com/ Name: _jxtdid
Value: 16f7f74f-1c32-47e5-b624-e3350477a8d5
.gridoto.com/ Name: _jxtdid
Value: 16f7f74f-1c32-47e5-b624-e3350477a8d5
www.gridoto.com/ Name: _jxtoko
Value: eyJESURfSlMiOiIvQ3F0UzZ4dTBJaXpiUWZsSmxhRDd0N2tJem4zZGoxaHorcU5Ta0ZHdGpJPSJ9
.gridoto.com/ Name: _jxtoko
Value: eyJESURfSlMiOiIvQ3F0UzZ4dTBJaXpiUWZsSmxhRDd0N2tJem4zZGoxaHorcU5Ta0ZHdGpJPSJ9
.gridoto.com/ Name: _ga_BFRLBQN3RX
Value: GS1.1.1706902968.1.0.1706902968.60.0.0
.gridoto.com/ Name: _ga_9TZYVFXGRP
Value: GS1.1.1706902968.1.0.1706902968.0.0.0
.gridoto.com/ Name: _ga_7HVKPKQRQR
Value: GS1.1.1706902968.1.0.1706902968.0.0.0
.casalemedia.com/ Name: CMID
Value: Zb1FuFfX8sMj0aogOxXuuAAA
.casalemedia.com/ Name: CMPS
Value: 4901
.casalemedia.com/ Name: CMPRO
Value: 4901
.openx.net/ Name: i
Value: cc474db7-b78d-0ef5-12f1-5f79bb6dc444|1706902968
.openx.net/ Name: pd
Value: v2|1706902968|jE
.gridoto.com/ Name: _ga_2TX2MX67CX
Value: GS1.1.1706902968.1.0.1706902968.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUnfj87nfVDEzaSkh8SPJ3PiSEXAwFhCLbqXMs9KvEN4V6jrumqcon0s7cGmqDA
.adnxs.com/ Name: XANDR_PANID
Value: O27EV16yavyDs7d5Uk2INKuZuezgl2rVuX7BVIzVAlq-kb4XYSNos3lvkwWK7fyLVV3nZelBPaI0BgsvNIrVAuQZr21F58pdY3oiCy_Ea_U.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1941033958778798103
.quantserve.com/ Name: d
Value: EFYBDQGGK7jvsQA
.quantserve.com/ Name: mc
Value: 65bd45b9-0480f-42a75-06169
.bidswitch.net/ Name: tuuid
Value: 4b9169ae-0d08-470c-8eaf-2dc6350960fe
.bidswitch.net/ Name: c
Value: 1706902968
.bidswitch.net/ Name: tuuid_lu
Value: 1706902969
.gridoto.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.gridoto.com/ Name: _ga
Value: GA1.2.266424015.1706902968
.gridoto.com/ Name: _gid
Value: GA1.2.1616509534.1706902969
.gridoto.com/ Name: _dc_gtm_UA-106088976-1
Value: 1
.gridoto.com/ Name: _gat_UA-93462315-18
Value: 1
.contextweb.com/ Name: V
Value: 9wS9I9RGzIqT
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ph2|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d8f83f4126880cea
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7.tJdA32EBUzj8Tn9yW6tR8rRkWWkj81cUzirIIQqVkrM
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1ac7bdb8-b17f-50b6-43d0-e02e31901ad7.tJdA32EBUzj8Tn9yW6tR8rRkWWkj81cUzirIIQqVkrM
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGse9uLF_ULZD0OAuMZAa13RWmxk.bYQB2LRPmsLA1gBHlo1tpge4yLwzt%2B2mrA0f1LNARwE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGse9uLF_ULZD0OAuMZAa13RWmxk.bYQB2LRPmsLA1gBHlo1tpge4yLwzt%2B2mrA0f1LNARwE
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAv2JkDBKGlYrn5VoG6HCRrhYcBNmStjzXfkwSl6JnHJEAEYAyC5i_WtBjABOgQ7vvenQgSkFhNE.IPtPjfV6K3pO%2Bm8a%2F8kSaTvW26XswRBV7IqI5XF6mfI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAv2JkDBKGlYrn5VoG6HCRrhYcBNmStjzXfkwSl6JnHJEAEYAyC5i_WtBjABOgQ7vvenQgSkFhNE.IPtPjfV6K3pO%2Bm8a%2F8kSaTvW26XswRBV7IqI5XF6mfI
.gridoto.com/ Name: __gads
Value: ID=1356da671b4f8ed7:T=1706902968:RT=1706902968:S=ALNI_MZU8-FOQZw6n6kTKAM1YYHjCXU-2Q
.gridoto.com/ Name: __gpi
Value: UID=00000cf718e3e928:T=1706902968:RT=1706902968:S=ALNI_MZ5o2mmXCNnF7Le35sK9Sy96MmsRA
.gridoto.com/ Name: __eoi
Value: ID=2bb15a2486696dd9:T=1706902968:RT=1706902968:S=AA-AfjbsBif0KUjtUq7kJz8csNFu
.nrich.ai/ Name: _nauid
Value: cf0933bb-d73a-43c9-a7e6-74a3a145056a
.id5-sync.com/ Name: 3pi
Value: 2#1706902969595#661848101#1941033958778798103|264#1706902970003#1408185473#16f7f74f-1c32-47e5-b624-e3350477a8d5|441#1706902969190#-1405378729#a_82691a7d-127a-4a49-b1a0-e54f2159555f
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCLLWvrOljNI8EAUSFQoGZ29vZ2xlEgsI1viMwqWM0jwQBRgBIAIoAjILCLy2hum7jNI8EAU4AVoHOGg5dTExaGAC
.gridoto.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9I90tQ_3qKArYRaNl8ITZ8Tq7csQW8E9RaoOd4brLvUyzR-OJESDlL1SLjw3vl5shp8PHMe92MNOs_z9HR1pfnI1sRxutE3ueWX2US3HeiQM8hoPUqJN9I50w2P9i3zScMJb22GiaUOf2rKtxqFIN_kOctww%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22210%22%5D%5D%5D
.bidswitch.net/ Name: google_push
Value: AXcoOmRMVVez1c0u0yrbuPXjCnCb2NqxewGf44PzSJoJJo27ihgxTZl_cLWSXpow6-KH0FgKGgYKVrGudEpBUOC6RVkoeWSdZnLrlic9t39TqnKZd61eb09LzWtSrVbZ7haHxHWKYNLBL-WuqTiVcaJrYQ
.ctnsnet.com/ Name: cid_e564ef15515049289376bda4bb8ff8b3
Value: 1
.ctnsnet.com/ Name: gid_CAESEMUfrl5XEFAPOCFKFPgJ_fM
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi55nMZR0O1pDWQT2zvYBGjs69YrR03wH3msUMqSwM7PWJTD5g
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.socdm.com/ Name: SOC
Value: Zb1FusCo5s8AAIdYj-MAAAAA
.uncn.jp/ Name: t
Value: v_cf4e216b-c43a-44bf-8ca1-226954afd0c8
.adtdp.com/ Name: uid
Value: AY1rWGUBtNNDWd71CMI
.adtdp.com/ Name: dynid
Value: AY1rWGUBtNNDWd71CMI
.r-ad.ne.jp/ Name: r_ad_token
Value: 58dJgp00RBDE8006RxwB
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Iljl<nxo!]tbPl1M>e)ZlrFUfJ+tGXxoT9!1UbDvl]:V^Bf.LFy4Q^j./(Oz!0I^E?k>*bpRz*qF1`*baKG*E1^0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004%22%7D
.sitescout.com/ Name: ssi
Value: 05b6ff0a-b225-4307-b401-6c76e4c8902a#1706902971674
.ladsp.com/ Name: cr
Value: 1
.simpli.fi/ Name: suid
Value: 214D46727CC94913944F8A12CD6C569C
.dotomi.com/ Name: DotomiTest
Value: 1eb31baba56f21f3
.yahoo.co.jp/ Name: XA
Value: cv1qnd9irqhds&sd=A&t=1706902972&u=1706902972&v=1
.yahoo.co.jp/ Name: XB
Value: b4gum4dirqhds&b=3&s=vh
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pangle-ads.com/ Name: _pangle
Value: 2bpD9ASAptAfggKae4ef4ngA7qz
.adform.net/ Name: uid
Value: 4166585433366979255
pool.admedo.com/ Name: tuuid
Value: 910a9142-6d3b-4094-b7c8-7b7a5768c438
pool.admedo.com/ Name: c
Value: 1706902972
.yandex.ru/ Name: yuidss
Value: 8439831031706902963
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTcwNjkwMjk3MjYyMCwiNyI6MTcwNjkwMjk3MjYyMH0
.zemanta.com/ Name: zuid
Value: XkhnXDo4QIdfEngpCotS
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ffaaab61-b90f-4690-9247-ae7cbc87c761-004%22%7D
.id5-sync.com/ Name: id5
Value: 29b2a58a-30cf-7e5d-abc9-514280b8977c#1706902969008#3
pool.admedo.com/ Name: tuuid_lu
Value: 1706902973
.adform.net/ Name: TPC
Value: 1706902973229
.ladsp.com/ Name: smn_uid
Value: mhW-pWFFNCFfQ0NJfLVcghA8ZDFnOHc
.ladsp.com/ Name: lum
Value: CILX4drWMRIFCAEQqAE
.c.appier.net/ Name: _auid
Value: e5d1FQ6zAsi-QMiXvUW9ZQ
.c.appier.net/ Name: _gu
Value: CAESEMtJLXVLqlUnQGOtr8r7nDI
.gsspat.jp/ Name: gid
Value: 049ff65e0a352102aa0bc3e780b77c61

2 Console Messages

Source Level URL
Text
network error URL: https://tracker.oval.id/026b8b23-bca9-470a-b506-b867f47cc9a3/v1/user-segments/139dfee3-1adb-4011-841e-4ace5413dfa4
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEOz6x9KbWrONAW11n6ITQ1o&google_cver=1&google_push=AXcoOmReJAF8grF-y8yjEL6NfxVZ1f6ovgUO9izLrNLV5AAmcorG2ZGD_vpQ1ty2gu-iEh8Iuwh3W_HtIe3CVSSmB4ZsMxwWzsP7ygIcBjm3HEtaewgT0UGWLSf5iFFgHNCZe2Wh4QcPJvgbb6HOrRkTLORy
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.teads.tv
a.tribalfusion.com
accounts.google.com
accounts.tokopedia.com
ad.doubleclick.net
ads.everesttech.net
ads.grid.id
ajax.googleapis.com
ampcid.google.com
ampcid.google.com.sg
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
apis.kompas.com
asia.adform.net
asset.kompas.com
assets.kompas.com
b1sync.zemanta.com
beacon-sin1.rubiconproject.com
bh.contextweb.com
bid.g.doubleclick.net
bs.yandex.ru
c1.adform.net
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cms.quantserve.com
cr-p1.ladsp.com
cs.r-ad.ne.jp
csi.gstatic.com
d.turn.com
dclk-match.dotomi.com
ds.uncn.jp
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dynalyst-sync.adtdp.com
eb2.3lift.com
eus.rubiconproject.com
f3f90b2380b952a3ea9e9935dcd97d9f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
g2.gumgum.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gridoto.com
hb.jixie.io
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
imgx.gridoto.com
ipac.ctnsnet.com
kgdata-cdn.s3.ap-southeast-1.amazonaws.com
kompascybermedia-d.openx.net
match.adsrvr.org
onetag-sys.com
p16-ttam-va.ibyteimg.com
pagead2.googlesyndication.com
partnerrsc.jixie.io
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
prebid-asia.creativecdn.com
prebid.jixie.io
prg8.smartadserver.com
rt.gsspat.jp
rtb.gumgum.com
rtb.openx.net
rtb0.doubleverify.com
s.tribalfusion.com
s0.2mdn.net
s2.adform.net
sb.scorecardresearch.com
scripts.jixie.media
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.1rx.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.adbro.me
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tracker.oval.id
traid.jixie.io
um.simpli.fi
unpkg.com
us-u.openx.net
usersync.gumgum.com
v16-ad.byteoversea.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.gridoto.com
www.gstatic.com
x.bidswitch.net
ads.everesttech.net
cm.g.doubleclick.net
eus.rubiconproject.com
match.adsrvr.org
pixel.tapad.com
prebid.jixie.io
tps.doubleverify.com
103.132.192.30
103.229.10.211
103.43.90.117
104.16.124.175
104.18.24.173
104.18.36.155
124.146.153.152
13.251.217.254
142.250.4.132
142.250.4.95
142.250.71.35
142.251.10.155
142.251.10.94
142.251.12.155
142.251.175.100
142.251.175.105
142.251.175.148
142.251.175.95
142.251.175.97
15.197.193.217
151.101.65.229
172.104.45.159
172.217.194.132
172.217.194.154
172.253.118.113
172.253.118.149
172.253.118.94
174.137.133.49
18.161.111.34
18.161.111.46
18.176.234.133
180.87.173.160
180.87.173.171
183.79.217.124
184.26.21.27
184.51.97.137
184.51.97.92
185.84.60.20
185.84.60.23
185.84.60.57
211.120.53.202
213.180.204.90
216.137.52.102
216.239.36.181
222.230.178.28
23.106.127.160
23.106.127.165
23.206.171.8
23.47.190.187
23.47.190.8
23.59.80.130
3.112.158.142
3.160.188.50
3.5.149.125
34.149.43.113
35.163.61.116
35.186.193.173
35.213.12.39
35.227.252.103
35.244.159.8
35.247.47.28
35.71.178.8
35.76.19.218
42.99.140.179
43.129.34.148
43.129.34.52
50.116.239.135
50.31.142.255
51.255.68.171
51.79.152.76
52.199.16.172
52.222.144.85
52.84.42.47
52.84.45.62
52.84.45.86
54.148.120.126
54.151.166.244
54.151.237.84
54.156.224.85
54.168.194.38
54.230.112.100
54.238.120.71
54.65.92.192
64.233.170.154
69.173.158.64
69.173.158.65
69.173.158.67
74.118.186.107
74.125.130.119
74.125.200.156
74.125.200.94
74.125.24.156
74.125.24.84
74.125.68.102
74.125.68.155
74.125.68.95
74.214.196.131
89.187.162.136
89.207.22.76
00e600385783914fd7fca5a40ee9aedd3eff578235d92813c5cd29976ab7acd0
01040c5ecf346412aa7fd7ae5a2a3fb6f59f8827a604e90be3258f0f9c924253
0156e9de2dc4aa6709952330b7052b7aae571d7332f082ccbae987b8c6853de8
019896fcd906b732c768016a7ce3695b56b8ad077b709d9cd8925e8444b4e92d
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c030ba67e8c18d496a7c97e8262fa929d599deda978778da63ce8859c15900
0440aa3379ad312e26e9a66d6ce6cce7b199537e29f4996ffc7ef852553c7ed3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
067d9b14d97656b91323b45c7d7efbd6e1f054bf1ed5534bf24a90466570971c
06f57812419d63e8a1ec11176dc671244a7dec2364b6f18f30bfc4861e1b80a8
079631c1fe46563971edbb7b9955f112b5f9a699f0131fb9ca37a5201b44dee6
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0908706be57b3ce7d6d6a3d0074b24228c3b191fb3a70673e473cdc154bd51e3
0b2e405022468a100cf76962723d696e3c0d93e67f0e54efda5dbe778d6c85c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c382289ab4ca6d2aeb4d2c5fa3e4c668d0ffa5e938dce88ffb80cc96a48f43a
0dbdf149ed66d1b3400fbfbe5949d49d850b97d7a33222dfa4326b113b1ecc48
13d4dcf6ee0153bb3283714671fb0a53043f2c6a553d067267bcbe21d442723c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1824ef0b5074e0d055c51de0db27684daca92d5077225951e277e1ea7bf5bf8f
1a64924ad6dafb421bd25430fccf14720ca013cc9e3142517bb51b1367e2d53a
1ad9674f27e463332eafdac79b370a6315f475667728a3b365835609a4757eac
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0d2b11c10bea242ff0a659b9ff5c6d18eee9dd91c417411d29e5729a9e6036
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fc937d407a80bc9876ef28260a615bb1ee5e394afd2e0ad2fca309535995b2f
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2198a83adb021e91741237412b01f39e2fb2bd1469523d533b43a760c9ea782f
221be6fcf0feedd4fdaccd604ba0fbb8896a7a22bd5ec7940e2c973b35286e3f
22727b0e420336026bdbd8db9a200762e7e157f9cc5538747c4c1be1fc80d398
23064e3e3d8b8e15a80160f76f48ff440dcb8dce30584816801761de43221a45
26f321176cd418bc971a63b94d68633cf28a572b7303f2aaf2b24ce457c0e7c9
2926034b689945162c2b2873cdd8afd28a39bce7837dae2cc027cd5bd8b5a10f
2a2f33c436f1895985537a107a71d12da966b277a35bd1005d67d83421b43c1a
2c102b19bfa6f14369a635beabbff435945fed09d64f5484abc29d1b9390e75e
2c16c8296ab71eb861dabd7a644527900c6a2aca2beb2c4aab496a039ac11ed5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e9b8575a4b5c0f85e46b34d9a650ebfa3204cca3f398c0a45ecd53d0f0f9274
3131795b06dea0b432e206f99d18931f3c4023d43a36dcebaff55aa282f3b98e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3356d32e090e8bbba0880262bc183029fc1b4e21707c7af894a8a6f395fd8e29
344dc3edbdcce82933ceeb9633b59e6564c4cc1a36fc74c5b4d52656b04302ae
34f410da3a00092949f20a2e802b6a40aa9761953a121df4701a517eafc96ca8
34f71260d09af021e3c8fa3f2a0f9b9db3e26811d8d5d1ad20bacf614f6f643a
37487478b24c2cb75eb8affb037fbc2666d8fd8e1e49f584de85a039cf879819
39b77adb365ae8dffae3b2c931aa0b42d4de991b6f9c3d659f6a48b3d9cca15f
39d1aa27ac537234e6cca6a8391048fe49d5f6da794d00b92cee4412b77d802b
3b5968101e04a0ca713a6789543d6c4b61cb81aa7c4134f22ef2682ae6249204
3e208e81b3ce0a867a3443d22880deb0f4e619f84f0ee20dec0ea87abbf0e2b9
3e6c991ee063c5ae971a76cc9bc46956f860db0db4c98ee1e608f8369c66e871
3fb7debdf3bb090673141e7d7b81f9119cd258e26b8a6afc36694eea1d0a84da
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41776fb96ddc3d27fc409e94a0471e6597cedad553e8e68e6c9bc5f32c5c41b4
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
432bbbd1f881787a16cc58eec9206b765bd30cbe9829ea82bb16fe89b9ea9957
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43812577c59ff0ba14d12d41fc67ff3fa504b34eb46d0b064243cd2769352b53
43e9b8efbf09e93f574c30dae5c301e7e48f1cc613548b34600daf1832af3caa
460591afec6d390a52c4e58d70d34200000d9b95b441cf406df45af347dc7858
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496d9d3400faf301bedb34080e296142b9fbcbf98d7efe326ebf57584cd78eae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7da2057c3a37a4c49b313a989f78fbc91ba50ba03725afcde21477b56d3378
4bbd30439575c4c1ec03fe85c7a3ccb592b6d67e52a6ba7d57d35846577f3822
4cd9f2fd5600da8f4f2c409185b28b56fb7171c1f9c62eb3f4d906db58f1f930
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f055da525cda4ec2f1eda5a5fc553c1794b8a5a76d745f6ef21c9de97be459d
4f6cdf4a5fd22ce2789448f76f18191987e2a741f88fa07a6bf57cff4a476963
4fc0058bc4ebfc454067538dff139e3910b3b7ca4ed98ca4cc7f57dc110df06f
50a6ab42c4fab62ec06c9672ed0e86932294683ce4933f8e8c3c3b5d85d14264
52b4515a7a7f81cce755af23a14d1467abda12ad451dd3bd03224907a0815504
5359958935941ec9462591cec2b8d1da312896c51d42cb8df61546b71aba33db
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
563d663e7c6f0140c86e1318a3f0f051a18593a3f586f804f89a9b67cd9f49af
58127ef3cee572aff575009598114aafe3077ffb68287828a87f3d3b56f3e05f
58b250e8d3c2bcf65704cc7552196205b36940d11cb2335fdc0653fa3b48452a
59d38599195139ad88a9e09a3c6b37b83ab9ca400805da08dc93d62fe2025d8d
59da79aae3797c8022aa6dd0f4ab33d5b10c171d6af6cc43eed1bd776f88f0b4
5a3a7a2c91fd7277a40f1e2269da0fea83c99739d0c7f2e2f9aa471cfa37efcc
5b3d817aca7b645eb9d4563a24aa147740ef279bf2f2b0986564fccf35c41061
5d6a1b09de90d6f0c4d6f4350ad72e0a9426bfc7c812ce986e19407d43fa2602
5d7c4c050fdcfdc0319954fe8f2a09365d1ddee7932fdba5c94c99ea99639924
5e212f9be2fcc03a0553b54beb6816b8b900357923b1c62a5f2cddf805671d93
5eda290d9452824cad6091e120d5b1458de51c9532824eadd102e8d8c9036c99
5fafece64f62ecbbd9597cf738b2fd033f6b929c69e9ac4b96272e634e70e1a6
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bdb7956c2c20e913748b1c70ee39f83d4bed10309e51e100e703200c4aaaa0
6728f6465cb558dd6a0f253401ef02cd364a66e81efef45805856bc1b93d9944
67aec9700707c3544b7dda80da75449107e6b0daf7890bb4365d2a1f70f9a65c
67c150bf7bcd5bf240b59644501b4490d21426a3416e5d39a598e0535b488b2b
69ff80b1f39dcef3c8847941b7d46fe0b5274c098a22918179de39db44bfa1f1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b91d521a640e5667eba1a3f4cedd1bbbe506940430922b904ef2fcefcbe88de
6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b
713a99c48e02b90834b7fba522bfce3249e8dbf7c719b9daa10ef98bf0fd33e9
71e4192ca604daca238b4a0c6523b3ae613ed8820697eda1667c8e123c07b601
7254131d3b01ac94013bd5cb4e111b7e68ed8550cfd4ed95f0193b7b33513ee9
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74941a7c02b56b93f35f377e0d03f0b222b6785bf8c5b98fd8439680aee24dd7
74b7579d2d0e26467f4ba1b71e3cb9aec713db49ac6d7b74e1220dfbbeb32493
75d0c20052bd374a2a5550ab475b4b1589ccd78dc2120de4ff9b91b1d586941d
78ff6466224df98524cf6c8d784347189585d19fa1f9606a8ab8313617e6dc7f
790ed97f913e3a42a6fc482cd444ccbdeff27af8f36a52f52f939e8ad08d9f14
7a16b7d0e707f96104961395747c7e9a2e6ed3a4e4eccdf92a990060bfeb60b0
7a98efbd48e727770b5d6f5bc67c24a9b37d4e95ef05d0b2d81362e16ee0f52c
7c89e1006689eb98f721c7dd029af394693c87991959f187281954092f36615b
7d83ba0811457eb2df7c37e2b265c3993a5c315a8657521d45f1c06c50d56960
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dde5327a6649b85728a53d294060fbb17dcf9f4b2f8d3b0bd7ec7f97a14e789
7e732f81ce725d2831eaf2413925b1647ed9c61e9247a307f915ef302f471d2f
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
7f9b8b2651a0f775543e87532fc3fb4edc643ae7c67bbd45ac37f9a33859c05c
7fcc447aa5fd412a93c3439e1417d1e9d5e07452bc160fd7073d97fb1172b5c6
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
8172ce5d108e0d250163488dac0ff7daa64dfd641a16b1b606170803684a109a
81b32949b21807f00f7769135c4b8b482c0dc4bb9b84f5a7472b5c70ee7d3a9c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842f0bf6fb491b61e79ad047cb1e2ba514b994a2e258cceef29983b1ba74ad44
8431b25bb9205ccd0ceed08c7430ad09a5925053183ef5f67bb12141acfdd6ab
8b61725beabdf0afb9ca455f4757609d8f8536b307c948aacedcb1b1354ef80b
8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e
8e6eb64e7415016ab12b6fcf5167acd2470176db5312c06913a13ffe8b34ac8c
8f42fb821bad2dde3d26349f3d002bda7e1f80f82c1a670d450b0d8164b768be
90ce33a833c1c479092e7e51130dcb4c66f5adaccb041f2ecb37f4e84be3fdab
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91f843b9eaf44456e505b51215d694964867dc0aa59e3b5545efb80e752d4032
924fb6b475fc4bf95627a25d59c7d0dd93e413d696fad2610eb5b4e68bbdf5a1
92f542adf7cf045bc51284711f297f45659f9388f9fcdb389e6d0536de1e567a
948ada99051f251d3aaf277f01eb9d04b7a873572e117145c5ef710b28f8573b
954b13d80b451386e8dd32e422c50d37aa2e5867ce7566a8f9fe652e47548ac2
96312839e203fe236e83eb167279b158ac7fe4f7394a5c50545cc1fff6bc57ef
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
999c40fafd231bcec465339a73efe5bf7604de0dcb68e45650d8a294485f33fe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b66ad685b5dc7f12fdefbf70d6e5cf26a30f3626f75a621491c2addfb0a371e
9c36517a408bffbe9655e769a230bc1fe2fa3e9ebf557aef24c08378e81da7f2
9e30e4aa6393737f33d17631e954cf2e5d3c8cd3cd1016b053b94c46b2d88c7a
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0fc50e45d9a5fd4f6de5434f6997f30d240f83bf815088a68beeb843f0b8c8e
a10ab74918e9f1f3738005ccd8281b01eca812a88ec8fe755e23445072246c13
a5364650aa0cb2cec4c886f100ea126443dd9607331170855f230f610c24bbda
a5690d872e7d339a26df1d3a91c9bd962d8f31870aebd6d623cb7a4ddf2a8571
a5e0104d6421cf17fc1312b0190e7c5357a59c10dad1d9bbd3b48b1d3aa30985
a68fcd3f2b8a0babdd32d798a5af06f37f8ee88605a972c08c9ccbd4312896c9
a6ed2efcbec6a678e202597504af620372e2daa474491ba07481a5afe6fc92bb
a86a94a29d4f3803653b06c22db18504637b56c218fb3873e54bc90bfcb67913
ab8a8ffa9b1809e2315e21cde7a4d07503c8cd2bb18614bfa4b671045760f694
acd57e79b4881ec0feb6d7830bc15e03b566b2ab8c836d2233aff823b88a4aa9
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1128adb79c7208d410630c04fe6e8ac8886aeb778aafb3f4195fe735acc1d89
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b198b4c9b992aff4bb82991f3ee2279e2548037c73b1414f5faff6c1d1bb15ca
b290618c6a5c2dd4b007f08778431d033d20fd379b4e9dc4f173e11e2a965116
b2bde2cfb587ff65fd8894cd2784e2cfc3a4e69d3b703bc14814ef19818ef033
b32505639caaf59c0bc9f0d53064bd00701d9ce70062295d2441b04c1b25cfa2
b69c396d7f3e90a7d9c557a8aa2dce50db29c018fe1867046630fc86658fa18a
b76eebf57b8661717f074da7dc163453dd7da77e438d86597967423b076603c9
b956b883772b6d0f0ac383019e723ff95acdf5d63efc324a9bf2409095656d85
badb9fc3b8f529c75d741beb9705b5b57490f095103848d70a7120efbc54a4ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb72ac614c7ea0cc352c28e0d2396a56b79908fc5a9b3b9a389f9eea146c7c07
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
bc72c07030ee5f7c0c5c77f606d1ea8a8dbdabf04d10c3d89f881e72f480e5da
bd0227b00004613a927308d7f226e78753fef52c41e5b472f2254a4076ace73e
be0f062e720cd82841e4116ce1e3fa7e8e741695b77123b1c917009f817e225d
bf55e8f971a71ab29b20601372b89a73d3138f8a708efe0e6d58c5537323ce52
c009ac686105fb45eb8dbc153d9202f9d0f93a9989140c023d0c46a80f78ffd7
c142cf847b8624f43893f14c50075855aa56eae9055249898539f6b510659980
c2386d82c6b2538e1ce74645158a71fea5d1b908f04690bf9cf490458ddf85a4
c253109c5e48ae6d2bd62028932e1b2b7fd72a16967d3ba084da90fcd0f74ffe
c2b1c29f1e4c1ee1437c94660bef3e14f9164845c1d71a1b1698a4a92257aba2
c39bb49f66ed958238a974591fadfe80b86484238bf211bfb9a6a0b70c6293ec
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c9aa1d7770e262eecf21344b103f9a2b52ffd97beabbf855dcdf050d545c2d29
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb8fad6a2b1ca6ae6e5f80aab607ffc7c4c001a672badb3c757b3cb9a60ebd38
cbcd80df687708a3eefbe3dcc30a96767d1b00e59898aadc9cb5d2436b92d78e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
cf7fa00b9e1d696bce006b3a599f03086f44987c6b19b4dda8063c69a403df25
d1e3ef13e44d040cfdce0aacae314925903a0c5d19d41eb8a391539818bc3a00
d220d6b1d29a9ffe3efe18a465d043387cf65aa6639ca3cba48546ae87538f0a
d52efd688c566fd35c68e76c56b795babf0cc067f5f508a77c8bbe5d7be8c339
d56db1f8f77b25d9be815d1e078d6779473b23f04145d7cc6bda38df11146417
d6bd96f87483739e231a0fdc135566fa1f57eb7d206dac3cc775635039115afd
d7977ba839b64b777deb2875bbdbf3736070d49241be7c9ecbcddaf9739059f9
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
da00f15984494a6ffee94be8243e040c31e15730408eb7f57886155f55f91a70
da1cc3c45fbd4743c15e37b84e2993a984987eafac57da60436f59b1e4affc76
db6afb65d3fe14a65d2aa3522cd54ec93f37b0c90512a1d05fdfd20dfe7fb011
dbd1dcb3c5ebfa57fc0865d87b3fe9aab6fbbc59798505c682fa77a66b38db1f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6c6ac209cad1173a9eec675425c475ec0d6ca5ce2669e2808d6ac273549f1c
df6db6fa0c9f9b5efae313b4e40fdd431f01f424bb385662d88c92c9f81dcbfb
df77a6022174064d2efedf9cd0ab115bab39bca1788a3ed704bfabfae02cfdd4
dfc1030cbc4043633193866e93e378b2db965ca4cfce4befb2415f8e073065d4
e02ea0e6065f2fe880b8219f8a3262768cfa562d22b347e48551326de09e783c
e02f9ab3e3d3ba339a3551a90fd56574c48f127acfde5453d5bd76e9b92e1ace
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7a06001251f6162c86f637f48b5d7f62777234a8fda03a8bbda0f6b46f2a9d7
e8bce37dbdd629f680fb5d0e670ee0e6a2fd29c8c84d7013f7eab08b9589a1c1
ea2cd32350b83d4b793d5235b2bd920edefc2a5f67a92154c1379874cad65134
eb3130596a6dd5402a095224498b27051591bd97950d1cb04580f194991e1dda
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0a09cd80a7d1963cacf7d1381270598de7fb5b424bb31b74198ec490b5034d
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed92f7ae86206ee9ffebd000e6fe8b4c88e21e4a723372fa53f0a30c2e98b5bc
eef2525c2fdb145070cc666174212f34c138606674ae23e4a7d035a88282a048
ef18eb1587d67f59a495697d71792aef77eeebcc345ee818d6b37e188ed55dac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0b5187a74d6d10b0d7a289040ee7b4d34399b660b2598c03f6e9b03d3274094
f0ee29ce372941903d91363424523fabd33344524c315588b573ff3382bfffee
f0fda098b0d7515fd624a7c82d9a4649cd727681c5d8f9afc46dae06258bbf53
f3623ba746955e7c482d6c0496565c4f2ab270ddfb9428e38edbec92118738d2
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56626feef118edb73b33c150593c0cf4b5a1a3448bbd1bc426866c524a99e09
f577323c14a61623df6ca1cf0a886e8d4378a99942da44ae7926fc0113b1796a
f700ceccd155271f555f6594aa9f804e5308b426f9fd133948697653217a76d4
f8c56fe8975d3c881b32f1d998c1925ac372c560cbf051132c55f42ba2ce15c8
fb3192b8e5895093b5733892aa8970cfdd19c99117c3278c24a91d61dc7cf741
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fce796abed785346eed93f0747c488718a711f8aab60d6b0a718770df8563985
fd3c9e7640b5c659b5e8886e5739ccf8a02d6ad4be65f76b7a3ff634ace61a91
fd51de5f39d5745037dae822cc9d6f205eff381c202814fc25edb3f41d79e1eb
fdc5a967bb7a49a372a7b3acd9f4010c6439274e1caa52949becf5b7ab4e198a