urlscan.io logo urlscan.io
SecurityTrails logo

www.betootaadvocate.com Open in urlscan Pro
172.67.21.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.betootaadvocate.com/
Effective URL: https://www.betootaadvocate.com/
Submission: On January 02 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 101 domains to perform 401 HTTP transactions. The main IP is 172.67.21.25, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.betootaadvocate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.
This is the only time www.betootaadvocate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.22.51.212 13335 (CLOUDFLAR...)
73 172.67.21.25 13335 (CLOUDFLAR...)
14 54.192.150.46 16509 (AMAZON-02)
2 74.125.68.97 15169 (GOOGLE)
3 138.199.46.68 60068 (CDN77 ^_^)
3 151.101.192.176 54113 (FASTLY)
1 3 104.18.41.104 13335 (CLOUDFLAR...)
19 104.20.107.62 13335 (CLOUDFLAR...)
1 185.146.173.20 13335 (CLOUDFLAR...)
2 74.125.130.95 15169 (GOOGLE)
3 54.187.159.182 16509 (AMAZON-02)
2 13.224.250.128 16509 (AMAZON-02)
1 44.239.215.175 16509 (AMAZON-02)
4 142.251.10.138 15169 (GOOGLE)
2 5 52.84.45.14 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 1 13.33.33.49 16509 (AMAZON-02)
2 13.224.250.20 16509 (AMAZON-02)
2 34.102.229.135 396982 (GOOGLE-CL...)
5 64.233.170.95 15169 (GOOGLE)
1 18.205.36.100 14618 (AMAZON-AES)
1 172.217.194.155 15169 (GOOGLE)
9 74.125.68.94 15169 (GOOGLE)
4 23.227.38.74 13335 (CLOUDFLAR...)
6 13.33.88.110 16509 (AMAZON-02)
1 172.67.25.151 13335 (CLOUDFLAR...)
6 74.125.24.157 15169 (GOOGLE)
5 34.120.111.33 396982 (GOOGLE-CL...)
5 104.22.0.93 13335 (CLOUDFLAR...)
2 54.91.59.199 14618 (AMAZON-AES)
8 23.227.60.200 13335 (CLOUDFLAR...)
2 104.26.8.169 13335 (CLOUDFLAR...)
1 13.224.250.21 16509 (AMAZON-02)
1 13.33.89.72 16509 (AMAZON-02)
1 151.101.129.229 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 182.161.73.129 55569 (CRITEO-AS...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.149.50.64 15169 (GOOGLE)
1 54.199.31.211 16509 (AMAZON-02)
5 9 103.43.90.179 29990 (ASN-APPNEX)
1 104.83.197.63 16625 (AKAMAI-AS)
10 131.153.206.101 59210 (PHOENIXNA...)
3 13.112.177.149 16509 (AMAZON-02)
2 69.173.158.65 26667 (RUBICONPR...)
2 3 104.18.36.155 13335 (CLOUDFLAR...)
2 4 35.227.252.103 396982 (GOOGLE-CL...)
1 207.65.33.78 62713 (AS-PUBMATIC)
1 52.77.10.176 16509 (AMAZON-02)
2 13.251.194.25 16509 (AMAZON-02)
8 142.251.10.157 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
4 182.161.73.136 55569 (CRITEO-AS...)
6 34.98.64.218 396982 (GOOGLE-CL...)
7 7 15.197.193.217 16509 (AMAZON-02)
2 2 211.120.53.206 4694 (IDCF IDC ...)
3 3 13.33.88.71 16509 (AMAZON-02)
13 24 172.253.118.157 15169 (GOOGLE)
13 64.233.170.132 15169 (GOOGLE)
3 104.83.196.24 16625 (AKAMAI-AS)
8 23.36.48.24 16625 (AKAMAI-AS)
1 74.125.200.154 15169 (GOOGLE)
5 172.253.118.132 15169 (GOOGLE)
2 172.217.194.105 15169 (GOOGLE)
1 23.49.60.130 20940 (AKAMAI-ASN1)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
1 3 13.107.42.14 8068 (MICROSOFT...)
2 6 67.199.150.81 3257 (GTT-BACKB...)
1 133.186.161.88 45974 (NHN-AS-KR...)
1 1 51.79.152.81 16276 (OVH)
1 1 23.106.127.52 59253 (LEASEWEB-...)
1 104.22.4.69 13335 (CLOUDFLAR...)
2 141.95.33.120 16276 (OVH)
2 10 52.223.2.229 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
6 7 185.84.60.20 198622 (ADFORM)
13 13.112.54.241 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
4 104.83.198.23 16625 (AKAMAI-AS)
3 104.65.228.208 16625 (AKAMAI-AS)
2 3 151.101.2.49 54113 (FASTLY)
2 104.19.158.19 13335 (CLOUDFLAR...)
1 2 54.150.124.92 16509 (AMAZON-02)
3 3 54.165.166.176 14618 (AMAZON-AES)
1 3 35.244.159.8 15169 (GOOGLE)
3 5 18.136.146.191 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
3 3 50.116.239.135 6336 (TURN-US-ASN)
8 9 35.213.12.39 15169 (GOOGLE)
2 2 182.161.73.146 55569 (CRITEO-AS...)
1 1 74.121.140.211 30419 (MEDIAMATH...)
2 20 207.65.33.82 62713 (AS-PUBMATIC)
3 3 67.199.150.82 3257 (GTT-BACKB...)
1 6 207.65.34.74 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 13.251.47.187 16509 (AMAZON-02)
1 119.9.108.180 45187 (RACKSPACE...)
1 2 34.126.167.117 396982 (GOOGLE-CL...)
14 21 69.173.158.64 26667 (RUBICONPR...)
1 162.19.138.120 16276 (OVH)
2 2 103.229.10.211 16509 (AMAZON-02)
2 2 54.158.172.237 14618 (AMAZON-AES)
1 1 23.50.93.199 16625 (AKAMAI-AS)
4 5 18.143.106.89 16509 (AMAZON-02)
1 37.157.6.237 198622 (ADFORM)
2 3 209.191.163.208 14744 (INTERNAP-...)
1 207.65.34.87 62713 (AS-PUBMATIC)
2 4 52.46.151.131 16509 (AMAZON-02)
2 3 67.220.226.232 16509 (AMAZON-02)
2 2 54.250.9.123 16509 (AMAZON-02)
1 18.140.29.15 16509 (AMAZON-02)
1 72.247.127.240 20940 (AKAMAI-ASN1)
1 1 13.227.254.23 16509 (AMAZON-02)
1 2 13.224.250.83 16509 (AMAZON-02)
1 2 35.186.193.173 ()
1 13.250.207.233 ()
1 1 82.145.213.8 ()
2 3 35.244.154.8 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
2 2 89.207.22.140 ()
1 1 172.105.221.240 ()
1 35.79.38.31 ()
1 195.5.165.20 ()
1 1 35.214.187.199 ()
1 8.18.47.7 ()
2 2 52.74.26.171 ()
1 1 198.8.71.130 ()
4 4 74.118.186.107 ()
401 104
1    104.22.51.212 (None, )

ASN13335 (CLOUDFLARENET, US)
www.betootaadvocate.com
73    172.67.21.25 (United States)

ASN13335 (CLOUDFLARENET, US)
www.betootaadvocate.com
betootaadvocate.com
14    54.192.150.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-46.sin2.r.cloudfront.net
a.mailmunch.co
2    74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net
www.googletagmanager.com
3    138.199.46.68 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-46-68.bunnyinfra.net
widgets.snack-projects.co.uk
cdn-header-bidding.snack-media.com
3    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
capi.connatix.com
19    104.20.107.62 (None, )

ASN13335 (CLOUDFLARENET, US)
omny.fm
1    185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)
sdks.shopifycdn.com
2    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
ajax.googleapis.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    13.224.250.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-128.sin52.r.cloudfront.net
m.stripe.network
1    44.239.215.175 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-215-175.us-west-2.compute.amazonaws.com
m.stripe.com
4    142.251.10.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f138.1e100.net
www.google-analytics.com
5    52.84.45.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-14.mrs52.r.cloudfront.net
www.omnycontent.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o479328.ingest.sentry.io
1    13.33.33.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-49.sin2.r.cloudfront.net
cmp.quantcast.com
2    13.224.250.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-20.sin52.r.cloudfront.net
cmp.inmobi.com
2    34.102.229.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.229.102.34.bc.googleusercontent.com
monorail-edge.shopifysvc.com
5    64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net
fonts.googleapis.com
1    18.205.36.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-36-100.compute-1.amazonaws.com
forms.mailmunch.co
1    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
stats.g.doubleclick.net
9    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
fonts.gstatic.com
4    23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
betoota-advocate-shed.myshopify.com
6    13.33.88.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-110.sin2.r.cloudfront.net
tagan.adlightning.com
1    172.67.25.151 (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
6    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
securepubads.g.doubleclick.net
5    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
api.edkt.io
5    104.22.0.93 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
refresh.pbstck.com
intake.pbstck.com
2    54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com
analytics.mailmunch.co
8    23.227.60.200 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
2    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    13.224.250.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-21.sin52.r.cloudfront.net
tags.crwdcntrl.net
1    13.33.89.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-89-72.sin2.r.cloudfront.net
cdn.prod.uidapi.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    54.199.31.211 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-31-211.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
9    103.43.90.179 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
10    131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
3    13.112.177.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-177-149.ap-northeast-1.compute.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
4    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    52.77.10.176 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-10-176.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
2    13.251.194.25 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
8    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
pagead2.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
snackmedia-d.openx.net
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
cr-p1.ladsp.com
24    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
cm.g.doubleclick.net
13    64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
8    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
1    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
www.googletagservices.com
5    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
cdn.ampproject.org
2    172.217.194.105 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f105.1e100.net
www.google.com
1    23.49.60.130 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-60-130.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    67.199.150.81 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
app.cauly.co.kr
1    51.79.152.81 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip81.ip-51-79-152.net
onetag-sys.com
1    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
7    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
13    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
4    104.83.198.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-198-23.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    104.65.228.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    54.150.124.92 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-124-92.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
3    54.165.166.176 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-166-176.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
5    18.136.146.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-146-191.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
20    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
3    67.199.150.82 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
6    207.65.34.74 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.251.47.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
21    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    54.158.172.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-172-237.compute-1.amazonaws.com
sync.ipredictive.com
1    23.50.93.199 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-199.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
5    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
ce.lijit.com
1    207.65.34.87 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
4    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.250.9.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-9-123.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    18.140.29.15 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-29-15.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    72.247.127.240 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-127-240.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    13.227.254.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-23.sin52.r.cloudfront.net
live.primis.tech
2    13.224.250.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-83.sin52.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
3    35.244.154.8 (None, )

ASN- ()
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    89.207.22.140 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    172.105.221.240 (None, )

ASN- ()
gocm.c.appier.net
1    35.79.38.31 (None, )

ASN- ()
dps.jp.cinarra.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.214.187.199 (None, )

ASN- ()
csync.loopme.me
1    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
2    52.74.26.171 (None, )

ASN- ()
pm.w55c.net
1    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
4    74.118.186.107 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
Apex Domain
Subdomains		 Transfer
74 betootaadvocate.com
www.betootaadvocate.com
betootaadvocate.com
2 MB
40 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
image6.pubmatic.com — Cisco Umbrella Rank: 1215
ads.pubmatic.com — Cisco Umbrella Rank: 811
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image8.pubmatic.com — Cisco Umbrella Rank: 1098
image4.pubmatic.com — Cisco Umbrella Rank: 2201
image2.pubmatic.com — Cisco Umbrella Rank: 1555
ow.pubmatic.com — Cisco Umbrella Rank: 2373
simage4.pubmatic.com
44 KB
31 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
204 KB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
44 KB
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
91 KB
19 omny.fm
omny.fm — Cisco Umbrella Rank: 26633
446 KB
17 mailmunch.co
a.mailmunch.co — Cisco Umbrella Rank: 33135
forms.mailmunch.co — Cisco Umbrella Rank: 35509
analytics.mailmunch.co — Cisco Umbrella Rank: 74204
435 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
usersync.gumgum.com — Cisco Umbrella Rank: 3044
rtb.gumgum.com — Cisco Umbrella Rank: 2293
6 KB
15 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
us-u.openx.net — Cisco Umbrella Rank: 930
jp-u.openx.net — Cisco Umbrella Rank: 10572
snackmedia-d.openx.net — Cisco Umbrella Rank: 130101
3 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
assets.a-mo.net — Cisco Umbrella Rank: 2362
10 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
warp.media.net — Cisco Umbrella Rank: 3492
lg3.media.net — Cisco Umbrella Rank: 7860
hblg.media.net — Cisco Umbrella Rank: 2922
cs.media.net — Cisco Umbrella Rank: 1972
102 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
6 KB
10 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
5 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com — Cisco Umbrella Rank: 957
secure.adnxs.com — Cisco Umbrella Rank: 793
24 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
5 KB
9 gstatic.com
fonts.gstatic.com
318 KB
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
cm.adform.net — Cisco Umbrella Rank: 1664
4 KB
8 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2157
274 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
5 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
fonts.googleapis.com — Cisco Umbrella Rank: 115
47 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
m.stripe.com — Cisco Umbrella Rank: 2365
165 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
dis.criteo.com — Cisco Umbrella Rank: 943
8 KB
6 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8390
cdn.pbstck.com — Cisco Umbrella Rank: 8914
refresh.pbstck.com — Cisco Umbrella Rank: 45526
intake.pbstck.com — Cisco Umbrella Rank: 9071
113 KB
6 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3891
145 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 323
104 KB
5 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 14660
api.edkt.io — Cisco Umbrella Rank: 14359
9 KB
5 omnycontent.com
www.omnycontent.com — Cisco Umbrella Rank: 34211
38 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
id.crwdcntrl.net — Cisco Umbrella Rank: 4038
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
14 KB
4 myshopify.com
betoota-advocate-shed.myshopify.com
7 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
3 1rx.io
sync.1rx.io
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
3 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
904 B
3 rlcdn.com
api.rlcdn.com Failed
idsync.rlcdn.com
901 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
2 KB
3 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 16443
cr-p1.ladsp.com — Cisco Umbrella Rank: 67056
2 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
2 KB
3 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 10241
match.justpremium.com — Cisco Umbrella Rank: 6905
6 KB
3 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 5110
capi.connatix.com — Cisco Umbrella Rank: 1732
4 KB
2 w55c.net
pm.w55c.net
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 pippio.com
pippio.com
882 B
2 ctnsnet.com
ipac.ctnsnet.com
666 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1479
sync1.intentiq.com
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
965 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1011 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
2 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2287
25 KB
2 shopifysvc.com
monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 3267
537 B
2 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4373
44 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
16 KB
2 snack-media.com
cdn-header-bidding.snack-media.com — Cisco Umbrella Rank: 75174
165 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
148 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
527 B
1 rfihub.com
p.rfihub.com
791 B
1 deepintent.com
match.deepintent.com
44 B
1 loopme.me
csync.loopme.me
225 B
1 iprom.net
core.iprom.net
277 B
1 cinarra.com
dps.jp.cinarra.com
38 B
1 appier.net
gocm.c.appier.net
436 B
1 linksynergy.com
tags.rd.linksynergy.com
403 B
1 opera.com
t.adx.opera.com
555 B
1 adgrx.com
cm.adgrx.com
230 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2303
558 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
650 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
280 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
283 B
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
220 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 16688
655 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
737 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 8048
243 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
2 KB
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
350 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
512 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
439 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 63245
161 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
296 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
62 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
386 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
375 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
895 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
3 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 4731
600 B
1 sentry.io
o479328.ingest.sentry.io — Cisco Umbrella Rank: 52443
324 B
1 shopifycdn.com
sdks.shopifycdn.com — Cisco Umbrella Rank: 59247
60 KB
1 snack-projects.co.uk
widgets.snack-projects.co.uk — Cisco Umbrella Rank: 132042
2 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 a-mx.com Failed
id.a-mx.com Failed
0 nex8.net Failed
cs.nex8.net Failed
401 101
Domain Requested by
73 www.betootaadvocate.com 1 redirects www.betootaadvocate.com
24 cm.g.doubleclick.net 13 redirects google-bidout-d.openx.net
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
eb2.3lift.com
rtb.gumgum.com
19 omny.fm www.betootaadvocate.com
omny.fm
14 pixel.rubiconproject.com 9 redirects
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
14 a.mailmunch.co www.betootaadvocate.com
a.mailmunch.co
ajax.googleapis.com
13 usersync.gumgum.com cdn-header-bidding.snack-media.com
rtb.gumgum.com
ads.pubmatic.com
11 tpc.googlesyndication.com cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
www.betootaadvocate.com
cdn.ampproject.org
tagan.adlightning.com
10 eb2.3lift.com 2 redirects cdn-header-bidding.snack-media.com
eb2.3lift.com
10 prebid.a-mo.net cdn-header-bidding.snack-media.com
ads.pubmatic.com
9 x.bidswitch.net 8 redirects ads.pubmatic.com
9 fonts.gstatic.com fonts.googleapis.com
8 pagead2.googlesyndication.com cdn.edkt.io
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tagan.adlightning.com
tpc.googlesyndication.com
8 ib.adnxs.com 4 redirects cdn-header-bidding.snack-media.com
eb2.3lift.com
acdn.adnxs.com
8 cdn.shopify.com www.betootaadvocate.com
sdks.shopifycdn.com
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 match.adsrvr.org 7 redirects
6 image2.pubmatic.com ads.pubmatic.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 securepubads.g.doubleclick.net cdn-header-bidding.snack-media.com
tagan.adlightning.com
securepubads.g.doubleclick.net
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
www.betootaadvocate.com
6 tagan.adlightning.com cdn-header-bidding.snack-media.com
tagan.adlightning.com
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
5 ups.analytics.yahoo.com 4 redirects assets.a-mo.net
5 pr-bh.ybp.yahoo.com 3 redirects snackmedia-d.openx.net
5 cdn.ampproject.org www.betootaadvocate.com
5 us-u.openx.net 1 redirects google-bidout-d.openx.net
snackmedia-d.openx.net
5 fonts.googleapis.com ajax.googleapis.com
a.mailmunch.co
www.betootaadvocate.com
5 www.omnycontent.com 2 redirects omny.fm
4 simage4.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects
4 eus.rubiconproject.com cdn-header-bidding.snack-media.com
eus.rubiconproject.com
assets.a-mo.net
4 gum.criteo.com tagan.adlightning.com
gum.criteo.com
cdn-header-bidding.snack-media.com
4 rtb.openx.net 2 redirects cdn-header-bidding.snack-media.com
snackmedia-d.openx.net
4 betoota-advocate-shed.myshopify.com sdks.shopifycdn.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sync.1rx.io 3 redirects
3 idsync.rlcdn.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 pixel.tapad.com 2 redirects
3 image8.pubmatic.com 3 redirects
3 ad.turn.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ads.pubmatic.com cdn-header-bidding.snack-media.com
rtb.gumgum.com
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
3 hblg.media.net cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
3 lg3.media.net cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
contextual.media.net
3 contextual.media.net cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
tagan.adlightning.com
3 cdn.pbstck.com boot.pbstck.com
3 cdn.edkt.io cdn-header-bidding.snack-media.com
tagan.adlightning.com
cdn.edkt.io
3 q.stripe.com www.betootaadvocate.com
3 js.stripe.com www.betootaadvocate.com
js.stripe.com
2 pm.w55c.net 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pippio.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 capi.connatix.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 ap.lijit.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 cms.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects
2 image4.pubmatic.com 1 redirects
2 dis.criteo.com 2 redirects
2 rtb.gumgum.com 1 redirects pre.ads.justpremium.com
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 id5-sync.com cdn-header-bidding.snack-media.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 api.edkt.io cdn.edkt.io
2 www.google.com www.betootaadvocate.com
tagan.adlightning.com
2 cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 tg.socdm.com 2 redirects
2 oajs.openx.net 1 redirects www.betootaadvocate.com
2 fastlane.rubiconproject.com cdn-header-bidding.snack-media.com
2 pre.ads.justpremium.com cdn-header-bidding.snack-media.com
2 script.4dex.io cdn-header-bidding.snack-media.com
script.4dex.io
2 analytics.mailmunch.co www.betootaadvocate.com
2 monorail-edge.shopifysvc.com sdks.shopifycdn.com
2 cmp.inmobi.com www.betootaadvocate.com
cmp.quantcast.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 ajax.googleapis.com a.mailmunch.co
sdks.shopifycdn.com
2 cdn-header-bidding.snack-media.com www.betootaadvocate.com
cdn-header-bidding.snack-media.com
2 www.googletagmanager.com www.betootaadvocate.com
www.googletagmanager.com
1 sync.targeting.unrulymedia.com 1 redirects
1 p.rfihub.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ce.lijit.com
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net
1 match.sharethrough.com
1 ow.pubmatic.com
1 cm.adform.net
1 secure-assets.rubiconproject.com 1 redirects
1 secure.adnxs.com 1 redirects
1 lb.eu-1-id5-sync.com cdn-header-bidding.snack-media.com
1 uipglob.semasio.net
1 sync.crwdcntrl.net
1 cm.ambientdsp.com 1 redirects
1 sync.mathtag.com 1 redirects
1 sync-dsp.ad-m.asia snackmedia-d.openx.net
ads.pubmatic.com
1 match.justpremium.com pre.ads.justpremium.com
1 js-sec.indexww.com cdn-header-bidding.snack-media.com
1 acdn.adnxs.com cdn-header-bidding.snack-media.com
1 snackmedia-d.openx.net cdn-header-bidding.snack-media.com
1 id.crwdcntrl.net cdn-header-bidding.snack-media.com
1 id.hadron.ad.gt cdn-header-bidding.snack-media.com
1 ssbsync.smartadserver.com 1 redirects
1 onetag-sys.com 1 redirects
1 app.cauly.co.kr cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
1 cr-p1.ladsp.com 1 redirects
1 s.tribalfusion.com
1 cs.media.net contextual.media.net
1 qsearch-a.akamaihd.net cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
1 www.googletagservices.com cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
1 warp.media.net cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
1 intake.pbstck.com www.betootaadvocate.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tlx.3lift.com cdn-header-bidding.snack-media.com
1 hbopenbid.pubmatic.com cdn-header-bidding.snack-media.com
1 htlb.casalemedia.com cdn-header-bidding.snack-media.com
1 a.teads.tv cdn-header-bidding.snack-media.com
1 g2.gumgum.com cdn-header-bidding.snack-media.com
1 s.seedtag.com cdn-header-bidding.snack-media.com
1 cdn-ima.33across.com tagan.adlightning.com
1 static.criteo.net tagan.adlightning.com
1 oa.openxcdn.net tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 tags.crwdcntrl.net tagan.adlightning.com
1 refresh.pbstck.com www.betootaadvocate.com
1 boot.pbstck.com cdn-header-bidding.snack-media.com
1 stats.g.doubleclick.net www.google-analytics.com
1 forms.mailmunch.co a.mailmunch.co
1 cmp.quantcast.com 1 redirects
1 o479328.ingest.sentry.io omny.fm
1 m.stripe.com m.stripe.network
1 sdks.shopifycdn.com www.betootaadvocate.com
1 cd.connatix.com www.betootaadvocate.com
1 betootaadvocate.com www.betootaadvocate.com
1 widgets.snack-projects.co.uk www.betootaadvocate.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 id.a-mx.com Failed
0 cs.nex8.net Failed snackmedia-d.openx.net
0 api.rlcdn.com Failed cdn-header-bidding.snack-media.com
401 157
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.mailmunch.co
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
widgets.snack-projects.co.uk
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
connatix.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
omny.fm
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
sdks.shopifycdn.com
E1		 2023-12-01 -
2024-02-29		 3 months crt.sh
cdn-header-bidding.snack-media.com
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
omnycontent.com
Amazon RSA 2048 M02		 2023-03-03 -
2024-03-31		 a year crt.sh
monorail-edge-gateway-central.shopifycloud.com
R3		 2023-12-10 -
2024-03-09		 3 months crt.sh
forms.mailmunch.co
R3		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
myshopify.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-21		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2023-06-04 -
2024-06-03		 a year crt.sh
api.edkt.io
GTS CA 1D4		 2023-11-25 -
2024-02-23		 3 months crt.sh
analytics.mailmunch.co
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
cdn.shopify.com
E1		 2023-11-08 -
2024-02-06		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
tracking.justpremium.com
Amazon RSA 2048 M02		 2023-11-14 -
2024-12-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.cauly.co.kr
Sectigo RSA Organization Validation Secure Server CA		 2023-02-17 -
2024-03-06		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh

This page contains 64 frames:

Primary Page: https://www.betootaadvocate.com/
Frame ID: 993FCC687BC8BA319DD390729233893D
Requests: 161 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=a821a8e3-bc2e-4dbf-9d9a-469b20b5afbc
Frame ID: 621CEF4B8C0695D50D68B640238715E3
Requests: 1 HTTP requests in this frame

Frame: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Frame ID: 7FA7F17B031B20CF0440BD4EEB55C7C2
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0B9B5B3E3B68C172978E73B3B02CFD35
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B3BD52701D29B0A7C78D0F1D4ABB07AE
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Frame ID: 3BB2BB622F3A2EDA17D9612FEB682B14
Requests: 7 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Frame ID: 8CE86B51C2855AC827C03F5E03F8DF02
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Frame ID: 50869078ACBCC2A9B703D4EF825EE8B6
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Frame ID: AA35E73B58AE6A5E0E1D01F1D5A2B743
Requests: 7 HTTP requests in this frame

Frame: https://cdn.edkt.io/check/prober.html
Frame ID: CA302C413AC73DAC5AAC5FB7AFD4E127
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: B808335470C4C211D41679352BEC7898
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 18D562389F6D45D7CCE30CA944D49AC4
Requests: 6 HTTP requests in this frame

Frame: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5E82C87DA2E32F10E7A1B11B3DA5EF5
Requests: 1 HTTP requests in this frame

Frame: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC68E6BFB936C0C8E41F2DB81DB31214
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Frame ID: D652E9EF8B5868406DA99708C0E73954
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3342&&kkdd=HH%7C3%7C*AnH9&Qc=!aE)!57.5.55*E75).!&h-JP=E&tDJ9=E&W-Q=!!)E&4DWF=vZ__&Wc-=583v._Yo.&WJW-=E_n)*CNcmOLYwm!UZRV7tb%3D%3D&WPc-=7!Z!))_!7&DcGF=a.5~*E&WW=6m&W1wt=AbLSuy(&Jc-=5suO_g5o)&4Jc-=28S(.H2&144JD=!&PPP=4GLf1vWXfv5mayrZTFYxCS9lxSFWv2g2y_OmSgBDEwNVv5mJ77V2KU%3D%3D&wDF=7&XU=!&0h-=)&9-4!=583))LZau&9-4.=aZa!)55_a&l-949=el~xXFw%3D!.ZEel1J%3DEelc-%3DEkE.Eel~x9wWFD4CP%3DZf.M7fZM!5fZM.Ef.el~x9Dw%3D*7E_el~xF~J%3DEel~xhcwD0%3DEel~xcw4t-%3DEel~xP1%3D)aRrnJT5AHel~xPJW%3DEE!EEEEel~xDcGF%3Da.5~*Eel~x4t9~%3D.7Eel~x4tXxD0jjc~%3D%2FeWc4V%3D6YymbsuLreWBxjX%3D.e-W%3DhWJf9J9WfDF!fle-ttx-!%3DEe-ttx-!E%3DEe-ttx-!.%3DZe-ttx-!)%3DEe-ttx-!7%3D!e-ttx-!_%3DZe-ttx-!a%3D!e-ttx-!5%3D57e-ttx-!*%3D!EEEe-ttx-.%3D2e-ttx-.!%3Df!e-ttx-..%3DEkE7e-ttx-.)%3D7e-ttx-.7%3D-Fjx-Fje-ttx-.5%3D7e-ttx-.*%3DEkEEe-ttx-Z%3DEe-ttx-ZE%3DEe-ttx-Z.%3DEe-ttx-ZZ%3DEe-ttx-Z_%3Dybe-ttx-Za%3D2e-ttx-)%3DEEe-ttx-)E%3DEe-ttx-).%3DEe-ttx-)Z%3DEe-ttx-))%3DJPC-e-ttx-)7%3DEe-ttx-)_%3DLe-ttx-7!%3DEe-ttx-7.%3DEkEEe-ttx-7_%3DEe-ttx-a%3DEe-ttx-5%3DEe-ttxX%3DEkE77e-ttxt!%3DEkE))e-ttxt!E%3D!kEEEe-ttxt!!%3DEk*5ae-ttxt!.%3D!k)!Ze-ttxt!Z%3D!kEEEe-ttxt!)%3D!kEEEe-ttxt!7%3D!kE!!e-ttxt!_%3DEkE75e-ttxt.%3DEkEZ*e-ttxt.!%3D!kEEEe-ttxt.Z%3D!kEEEe-ttxt.)%3D!kEE5e-ttxt.7%3D!kEEEe-ttxt.a%3D)e-ttxt.*%3D!kEEEe-ttxtZ%3D!kEEEe-ttxtZE%3D!kEEEe-ttxtZ.%3DEkE!Ee-ttxtZ)%3D!kEEEe-ttxtZ7%3D)kEEEe-ttxtZ_%3D)kEEEe-ttxtZ*%3D7ZkEEEe-ttxt)E%3D7ZkEEEe-ttxt7%3D!kEEEe-ttxt7!%3D)kEEEe-ttxt7.%3DEk*EEe-ttxt7Z%3DEkEa*e-ttxt7)%3D7kEEEe-ttxt77%3DEk7EEe-ttxt7a%3D!kEEEe-ttxt7*%3D!kEEEe-ttxt_%3D!kEEEe-ttxta%3D!k)E!e-ttxtaZ%3D)kEEEe-ttxta)%3D)kEEEe-ttxt*%3D!kEEEe-ttxP%3DEkEa*eFxPJt%3DEkE))eFPJt%3DEkE))e1W%3DE%20%2B%20Eec19%3DEec4VJF%3DbRqePxWW%3D6mePxcJ%3D..Ek.77k!EakEePxDW%3DE!ePlC%3D7xZePFjxWw4%3DEeDFXXFPx49hxc-%3D)!55Z!Z7.aeD4-%3D)!55Z!Z7.aeQlP%3DEeWl-J%3DEkE!!eD-%3D!ec4VJFxc-%3D!aeDFXXFPx49hxc-%3D)!55Z!Z7.aeD0JJXVx49hxc-%3De-F4FW4F-x49hxc-%3DeQcFU9lcXc4V%3DEk*eJCD%3D!eW4P%3DEkEe9Wx4VJF%3D!e9-lXB%3D)!55Z!Z7.ae9tJ%3D!eChlc-%3DEkE.EeljXP%3DEkE!EeD0c-%3D8br6rHdVGHuAb.LBuq38wSdCCqUe-4W%3D9J9WxDhe-ttxFPJt%3Dj9XDFe-tt%3D19PtCwVel-JW9J-%3DEe-9Xh%3D0wcDCw!.eDClJ%3De~c-%3DbRqfJ0lf7Za.__!.__Z_!!E7e14tX%3D!e-W04%3D)7e-Chl%3DEf!eFWJx0DF-%3DlFXCUxKE7eFWJxJE7%3DEkE.E*_)_7.)E*E.!)7.eFWJxJ!E%3DEkE)!ZZ_E7)!_!)E*_7eFWJxJ!7%3DEkE_)*Z7__!)7_*).*eFWJxJ.E%3DEkE*Z*_)Z5)a)Ea._E7eFWJxJ.7%3DEk!!_*a5!7!a__.7!Z_eFWJxJZE%3DEk!Za**!.!5_!5_Z_..eFWJxJZ7%3DEk!_ZE!55Ea5Z7E!7aeFWJxJ)E%3DEk!57)E!7_aa..!!5!ZeFWJxJ)7%3DEk.!._7Z5EE*ZZaa*_)eFWJxJ7E%3DEk.)Za_*E).!a7_5._7eFWJxJ77%3DEk.aa775)EE!Z7.77.ZeFWJxJ_E%3DEkZ!_._))aE)7*_777_eFWJxJ_7%3DEkZ7_!E*7E).5!.))*)eFWJxJaE%3DEkZ**Ea*77.!..Za!)eFWJxJa7%3DEk)7Z*5.57.a*5)5E*)eFWJxJ5E%3DEk7_!!a_5)*EEEE75aeFWJxJ57%3DEka7E.5E!*EE!a!))aeFWJxJ*E%3D!kE_7.aZ5)E7EE77aZeFWJxJ*7%3D!k5Z.a.57._ZE*!E7eFWJxJ**%3D_k.Ea!5)7ZE)Z_*E!eclW%3D!e&w4Q=E&ttt=uEHW_vKKDPSxtssGFhwvouF0~Pn)sVX6Fyd)A6JA7uVPa9zVA)nQth%3D%3D&cU=a.5&cwYjP=!&l-PY-=)_.&lc-=Z)*E_7&B44XF=69jFdP9tF%208Cw49cwFP&tWj=a_7*.&V-DJP=!&l9F=H~FyHKGhKHeH~FyHKGKKHe)FF&B94JPF=!&B94lc-=f!EZ&W9-Ct9cw=4GLf1vWXfvfA61y).f00jqJOF07dGjuPGU0)Dm(zhbmzTJKfxdnOwb%3D%3D&VJXJ=!&cDc-=7&9-Q=YwDc-FP%2081CcWFD&DDtWPxQFP=7&Jhc-=JE.!._*..Z.54.E.)E!E.E5)5&DDX-=%7B%22DDcJ%22%3A%22..Ek.77k!EakE%22%2C%22DDWW%22%3A%226m%22%2C%22DDDW%22%3A%22E!%22%2C%22DDW4V%22%3A%22Dcwh9JCPF%22%7D&14tXDPW=!&sflct=6078620&4WjxWtJ=!&ure=1
Frame ID: 4A667A1B55E738BB43DC69D7573D120D
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 44F158C0889B3C6BDA9DCF3BE077C364
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3788F919876EF38B96416C8E6CB88B90
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: C5AD61AE71573C468730B4D022C8F437
Requests: 11 HTTP requests in this frame

Frame: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: C5577B6353FB95A99B92B87BB9EE2CC6
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FC1B9822F01E6FE2558679404B0164C0
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=3710105856933683394&gdpr=0&gdpr_consent=
Frame ID: 543CE79D497E1B1937BF976258CD3A32
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1BFD419425FC9CB5F0119F09EB8DF46C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 0B44F6A0B4FA668FFE33166991EEE899
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Frame ID: 7075EAE52D129D5050511209C688B89D
Requests: 17 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZZPNxAALYQFAIAAM&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
Frame ID: 0D5BD6849CFE47BF5EC62A7736C3BD76
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aclh60e1704185281267
Frame ID: EEFD2A816779613D2ADD7B9B52FD22E0
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CvYBShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBjguMjAuMOgCAYgDwJvPrAaoAyPqAyQ2NzU2M2VkZS1lZmNhLTRiZDYtYTIzNC03NjNkYTdhZTYwNDiqBANJU1CyBQNVU0TSBQkxMDUxOTk1NDbYBQDgBQHqBQdkZXNrdG9w-gUDc2dw0gYgNUZFMEQyRTk5RDU3OEFBN0FCQjVDQjI1RkNBOUNDREaqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t4AcB
Frame ID: 85ACB6ECF36B1C950E650B4C67F335C0
Requests: 16 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Frame ID: 3E0889B9BC0AD8518B63B8D3171066CB
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=pubmatic&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Frame ID: CDB2D48CD6E8A4CDC8FCAAEB9C78BC1B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2737469907082529874&gdpr=0&gdpr_consent=
Frame ID: C6AE5C23FAFAB944A8F0F2B84A8E8B1E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F32DE0F87F68288087B417191AF342C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12xuc8vbo64n
Frame ID: 3FF6BE5DF3C44D202B9FF10E4B8AA682
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=2478682083756549096&gdpr=0&gdpr_consent=
Frame ID: 47EB66302AA55CBFE88DA3F33DA79236
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9mODRmMTRhOC1jODlkLTQwMDEtYTc4Yy1hMzIyMzgxNmQyMzg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 5E6B5CBBF0920A36C5722CD999F961DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: B53CE49702110FA31DE55BC183F0AB0F
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=75b0f43b-d089-4345-98db-2dafdee0ed2d
Frame ID: C4FEC5E7B9402325C96BE960112D1829
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZPNxcCo5swAAPrWAaEAAAAA
Frame ID: 3DBF1460784B698264556EE67BFB2FE8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 7CC1761CDBDC2F85467B41A87E7039DC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02C564339509D73C558AED5CA59899A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A93A3864383DFA063A0DAD6C1EB82ED1
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent=
Frame ID: 6E7AA475CAEF9B0FF78C46503BA782FD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zf6_R5iv5ULW-uVDwvyrEcPysRXW-rZMy_vvIne8
Frame ID: 3D15DB63C2A7CADD1A6C852DE27BC8F3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 58101390C50B3D437CB13C140C847352
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=94db73f9c99b46ca8a764e6915bed4f8
Frame ID: BE175C948998D4AB5272BBC43EBC8EF9
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 19D522A4D926932D6848853768D18CD9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=e8ieAQpAX-9IbIzWoAISu9z_a_0&gdpr=0&gdpr_consent=
Frame ID: E93A11D7F7B4EEFAACC5BBE711999DCF
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 2F5285AB6C7EA03B666D0D3DDAACDF46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1A79FBC8ED50E113ACA7D3691B380BBA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5F28D62DC5BFF3AF83298B311B0C57DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03b569d23337494db4e0f677c814d5e9
Frame ID: E2C69219A6C6FE3FA86F8DFCE25B0677
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KTuKH6lEDae2vDwIyM2TZQ
Frame ID: 20388EBE1622C4C28082482074FB3D06
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 5AC15A492BF8D9986BD6B3D77F164782
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Frame ID: 9E2E932497A6C9B706DFD00AFE9B5BEC
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CBF82FD7A53C2A5FCFA67A516C21657D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 8CD569DAD6CB88E2911F4097C53D856B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 8D59716B503A9537146D835700E5EE30
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 6D2F56F3355B27FE90B1BDC38DC10EE5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F655E287F89F41D8B9D92802968BC439&gdpr=0&gdpr_consent=
Frame ID: E9F8A40BD6CAD8BE452DE07E901ADA62
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:itrM51611RkAru5&gdpr=0&gdpr_consent=
Frame ID: 5ED9E01D974EE699FA441E049702E4AF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292556411330
Frame ID: B3098DC86F3DF4A3BD3A3ED17C2D8883
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Frame ID: D6F5C44142FFB1DB72E7C37095BBEE4E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004
Frame ID: 5B4A11E25DABBD64CC2ABCB291024863
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Frame ID: DAAFCE0C777FEA89BDF6A8808B1BB43D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Betoota Advocate - Australia's Oldest And Favourite Newspaper

Page URL History Show full URLs

  1. http://www.betootaadvocate.com/ HTTP 301
    https://www.betootaadvocate.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdks\.shopifycdn\.com
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

401
Requests

82 %
HTTPS

0 %
IPv6

101
Domains

157
Subdomains

104
IPs

10
Countries

5599 kB
Transfer

12850 kB
Size

140
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.betootaadvocate.com/ HTTP 301
    https://www.betootaadvocate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4b90-abed-af8f01765c4d&size=small HTTP 302
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
Request Chain 109
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4b90-abed-af8f01765c4d&size=thumbnail HTTP 302
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
Request Chain 115
  • https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Request Chain 203
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
Request Chain 207
  • https://match.adsrvr.org/track/cmf/openx?oxid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0&gdpr_consent=
Request Chain 208
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZPNwcCo5swAAPrW-nYAAAAA
Request Chain 209
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab1Up4Fz0FO2ks8AEDxkG0XDE88AAAGMyVu8xA
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx&google_tc=
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELMRuTt773b_46EC2NnKVpo&google_cver=1
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MTg2ODgzMjY4NDUyNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEC-oSVakl3ypD-xliotTbH8&google_cver=1
Request Chain 260
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 261
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOgoVbSmNSq4o27SOp_MzQE&google_cver=1&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hrt0TpazwQPUk4YDBabIQkukzgC5LnfBm3DU6Np1u4-1aLc5sjZp8QTvzwmI5WpPjhOEuCmdpS3P0l2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hrt0TpazwQPUk4YDBabIQkukzgC5LnfBm3DU6Np1u4-1aLc5sjZp8QTvzwmI5WpPjhOEuCmdpS3P0l2Q
Request Chain 262
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMhDTfl-eONTy3wY0ARBm8lvQ&google_gid=CAESEGy7uILUbGFn3ZjHUhobv2E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMhDTfl-eONTy3wY0ARBm8lvQ&google_hm=AYtK54dY6921ks8AEDxkG0XDE8A
Request Chain 263
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAG_s886Uz2IKreGuiqZmJU&google_cver=1&google_push=AXcoOmT6KVBqErJEO9k_MQCH49uJnn3mPsegHwiezWAbie5qJJyeVcWrOBse9zxgBU6Y0Ud3EoZ2eBZYmjPxa9LozSSbucqX5U1FQL7yAB8ms6kSVSOP_7RPJUpIqlB8DV9JSDz8XYEFHhDlNxFO-6oATcs HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAG_s886Uz2IKreGuiqZmJU&google_cver=1&google_push=AXcoOmT6KVBqErJEO9k_MQCH49uJnn3mPsegHwiezWAbie5qJJyeVcWrOBse9zxgBU6Y0Ud3EoZ2eBZYmjPxa9LozSSbucqX5U1FQL7yAB8ms6kSVSOP_7RPJUpIqlB8DV9JSDz8XYEFHhDlNxFO-6oATcs&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT6KVBqErJEO9k_MQCH49uJnn3mPsegHwiezWAbie5qJJyeVcWrOBse9zxgBU6Y0Ud3EoZ2eBZYmjPxa9LozSSbucqX5U1FQL7yAB8ms6kSVSOP_7RPJUpIqlB8DV9JSDz8XYEFHhDlNxFO-6oATcs
Request Chain 265
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEB7YMrKRSv7eJN5wW2swGy0&google_cver=1&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-ArOxzCvMxaX5fB94awBwh1bAEgwqSZPy_HaSFA90FE7mMpe8hpreKhk90kqqndqmdosvMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-ArOxzCvMxaX5fB94awBwh1bAEgwqSZPy_HaSFA90FE7mMpe8hpreKhk90kqqndqmdosvMg
Request Chain 266
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJG573adaucg4CHs_LmXHfA&google_cver=1&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3uGAA__2wYd92HV3HRLvpYjazazn7kbMaBMg_6nhfQ2MBdOlOqP6Q6ChHCrU-U4yRNG6NFojDNbriKM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3uGAA__2wYd92HV3HRLvpYjazazn7kbMaBMg_6nhfQ2MBdOlOqP6Q6ChHCrU-U4yRNG6NFojDNbriKM&google_hm=MzI2NjE0MTk0NDE2NzkxMTU5Ng%3D%3D
Request Chain 282
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=3710105856933683394&gdpr=0&gdpr_consent=
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZZPNxAALYQFAIAAM&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
Request Chain 292
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&us_privacy= HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705&ex_uid=a_f84f14a8-c89d-4001-a78c-a3223816d238
Request Chain 293
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=e8ieAQpAX-9IbIzWoAISu9z_a_0
Request Chain 296
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=hPjqoTZlwHk4zZMttAZjGw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 298
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3515932829652169944&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=75b0f43b-d089-4345-98db-2dafdee0ed2d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 300
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHsoM_bBUB6Rfh5tyZK4H6A&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 302
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1
Request Chain 304
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/523208842684578747345?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-g5LlawxE2oS1nBYfKeXLS2ovYIhM4jHgrHuqFIl3gw--~A&dongle=0883
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=523208842684578747345&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=523208842684578747345&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7454654908275200369&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 306
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=fc4b2f2f-acdf-4824-896a-fb9642bd0a7e&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2737469907082529874&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 311
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7cfe6593-cdc5-4700-a0b6-c43cc195b207&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3710105856933683394 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dpubmatic%26uid%3DE3571CFB-02A3-4D05-98DC-1A92326AFA5A&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=pubmatic&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Request Chain 312
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2737469907082529874&gdpr=0&gdpr_consent=
Request Chain 314
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12xuc8vbo64n
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 316
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E3571CFB-02A3-4D05-98DC-1A92326AFA5A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=E3571CFB-02A3-4D05-98DC-1A92326AFA5A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%2C%2C
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM1NzFDRkItMDJBMy00RDA1LTk4REMtMUE5MjMyNkFGQTVB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBgpYvahqHkTOpxKrp_kNgw&google_cver=1
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=
Request Chain 324
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4596796740221088984&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 328
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2737469907082529874
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_f84f14a8-c89d-4001-a78c-a3223816d238&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_f84f14a8-c89d-4001-a78c-a3223816d238&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=JQ4d8HBfR_U-Ckf0KgwJpisCE6I-ChT7IwtXNs4x HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 330
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=ac93c4ed-b7f6-4101-b9c2-cf77af4f58e7
Request Chain 331
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7bc89e01-0a40-5fef-486c-8cd6a00212bb$ip$220.255.107.253
Request Chain 332
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-9KUjfr9E2pf3OG6oK2kK3aW9UpqZkN61Gq1D~A
Request Chain 333
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5e555364-505d-44f8-a8fc-8d1d1c908f27
Request Chain 334
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=2478682083756549096&gdpr=0&gdpr_consent=
Request Chain 337
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=75b0f43b-d089-4345-98db-2dafdee0ed2d
Request Chain 338
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZPNxcCo5swAAPrWAaEAAAAA
Request Chain 340
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 341
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=579e1990-04d4-43eb-a67b-0d837a94c9d4&gdpr=0&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=579e1990-04d4-43eb-a67b-0d837a94c9d4&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 342
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=579e1990-04d4-43eb-a67b-0d837a94c9d4 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-luyBdH9E2uE5kx89wPgbZJrI3aUaCvebyvJ9A.Q-~A
Request Chain 344
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=openx&uid=6270ef52-267c-4abe-b535-1f8fe6449b2c
Request Chain 346
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D579e1990-04d4-43eb-a67b-0d837a94c9d4%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-whF8IdlE2uVRpi4tB1YtZiynWbEW7hQ-~A&gdpr=0
Request Chain 347
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=index_rtb&uid=ZZPNxVRj8TKbV0Sreid4DgAA%264874
Request Chain 348
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=sovrn&uid=H7FQCLZHgPpM_pD1SdSQ3FmA
Request Chain 349
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=appnexus&uid=2737469907082529874
Request Chain 353
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zDX-X0VFTviHei87C9pD_g&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zDX-X0VFTviHei87C9pD_g&gdpr=0
Request Chain 354
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=&expires=30
Request Chain 355
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPj125v2i5pgFMaxcN_iOlE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&google_push=&gdpr=0
Request Chain 356
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQW3WYT8-1O-6OBO&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 357
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQW3WYT8-1O-6OBO&gdpr=0
Request Chain 358
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6SlTqSySQniq9cmQHkDjjA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6SlTqSySQniq9cmQHkDjjA&gdpr=0
Request Chain 359
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZmWS-Daw0OOBAQW3YIv7jsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Gerl_NE2oJYRqg2DtI9ZWLcHj_LPlrzihyFIg--~A
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECDUW-NX52ddE1ZIVY1uc3s&google_cver=1
Request Chain 361
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczMThmZjY0MDcyNTg5YzdlNjE0N2Y3MjgyNjRjZjIyOWRkNGUyMg&gdpr=0
Request Chain 362
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJVck7LJ5wAABPkih7-3A&expires=30&gdpr=0
Request Chain 363
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQW3WYT8-1O-6OBO&gdpr=0
Request Chain 364
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 365
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQW3WYT8-1O-6OBO&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQW3WYT8-1O-6OBO&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HYnVoWk5oRTJ1R0Q3dEpJNjNCcVZlX2M1bVM4dEVSVn5B&gdpr=0&ovsid=LQW3WYT8-1O-6OBO&dpid=58160
Request Chain 366
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b4215b4-a51b-4bcd-96eb-e9f4aee38a9a&expires=30&gdpr=0
Request Chain 367
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQW3WYT8-1O-6OBO&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO&ckls=true&ci=hrIXjNUhGw&nc=false&trid=-1340290794
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQW3WYT8-1O-6OBO&gdpr=0
Request Chain 378
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LQW3WYT8-1O-6OBO HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQW3WYT8-1O-6OBO&gdpr=0&gdpr_consent=undefined
Request Chain 384
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zf6_R5iv5ULW-uVDwvyrEcPysRXW-rZMy_vvIne8
Request Chain 386
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=94db73f9c99b46ca8a764e6915bed4f8
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=e8ieAQpAX-9IbIzWoAISu9z_a_0&gdpr=0&gdpr_consent=
Request Chain 390
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 392
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03b569d23337494db4e0f677c814d5e9
Request Chain 393
  • https://idsync.rlcdn.com/420486.gif?partner_uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEUzNTcxQ0ZCLTAyQTMtNEQwNS05OERDLTFBOTIzMjZBRkE1QRAAGg0IyJvPrAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bbcbf5db640f3e99cb90a3a134e29ebe8591d85cad41d686691d810db70add3b791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYmNiZjVkYjY0MGYzZTk5Y2I5MGEzYTEzNGUyOWViZTg1OTFkODVjYWQ0MWQ2ODY2OTFkODEwZGI3MGFkZDNiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyJvPrAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYmNiZjVkYjY0MGYzZTk5Y2I5MGEzYTEzNGUyOWViZTg1OTFkODVjYWQ0MWQ2ODY2OTFkODEwZGI3MGFkZDNiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyJvPrAYSBAgCEABCAEoA&google_gid=CAESEIcjjtEmm7scW9jApR44NT8&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c078117e-e11a-4aa3-93ea-7a622558a132
Request Chain 394
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11d9c4379d3122a3&is_secure=true&networkId=17100&version=1&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaOC9EYdwMKwjM5AAAAAAA&expiration=1704271688&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 396
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KTuKH6lEDae2vDwIyM2TZQ
Request Chain 401
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 403
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F655E287F89F41D8B9D92802968BC439&gdpr=0&gdpr_consent=
Request Chain 404
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:itrM51611RkAru5&gdpr=0&gdpr_consent=
Request Chain 405
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292556411330
Request Chain 412
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1704185291690 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8369198798 HTTP 302
  • https://sync.1rx.io/usersync/turn/3515932829652169944?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004

401 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.betootaadvocate.com/
Redirect Chain
  • http://www.betootaadvocate.com/
  • https://www.betootaadvocate.com/
301 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba3b35e930a793b885887fc176ad38c7a21d7614f67748db6a872e027e4d35f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
1522
cache-control
max-age=1800, must-revalidate
cf-apo-via
tcache
cf-cache-status
HIT
cf-ray
83f1bd6d1e774085-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 08:47:54 GMT
last-modified
Tue, 02 Jan 2024 07:58:40 GMT
server
cloudflare
vary
Accept-Encoding, Cookie,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
BYPASS
CF-Ray
83f1bd671bab3df3-SIN
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 08:47:54 GMT
Location
https://www.betootaadvocate.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie,User-Agent
cf-apo-via
origin,no-cache
x-redirect-by
Solid Security
x-turbo-charged-by
LiteSpeed
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		1007 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b4e80322ceea83bdef8d7939564f86e48fb850683296423da0ed252aa0c3ee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Nov 2023 03:50:42 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
cache-control
max-age=86400
cf-apo-via
origin,nohtml
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd6d7f0b4085-SIN
content-length
115457
expires
Wed, 03 Jan 2024 08:47:54 GMT
give.css
www.betootaadvocate.com/wp-content/plugins/give/assets/dist/css/ 		74 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/give/assets/dist/css/give.css?ver=3.1.1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50338bee5cd172d881b12eee82890858feaa42dec7a25654ca813be2691ad973

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Nov 2023 03:50:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd6d7f0d4085-SIN
content-length
17350
expires
Tue, 09 Jan 2024 08:47:54 GMT
e1d5728e-4589-4fdd-aa32-b4f5d45841c4
https://www.betootaadvocate.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.betootaadvocate.com/e1d5728e-4589-4fdd-aa32-b4f5d45841c4
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/td-cloud-library/assets/css/tdb_main.css
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c1992406ec9c6f2aac5a686c636ed33dd24e80edc607559710ec293b571da2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 11 Sep 2023 03:41:23 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
cache-control
max-age=86400
cf-apo-via
origin,nohtml
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd6daf674085-SIN
content-length
6806
expires
Wed, 03 Jan 2024 08:47:54 GMT
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/jquery/jquery.min.js,wp-content/plugins/give-recurring/assets/js/give-recurring.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5297f04d86e06325abfc96f65e0f58b051d0b46eda17097408dbec355eb5b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:54 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 31 Oct 2023 03:51:14 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
origin,nohtml
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd6defbf4085-SIN
content-length
33071
expires
Wed, 03 Jan 2024 08:47:54 GMT
site.js
a.mailmunch.co/app/v1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/site.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 19:12:07 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
48959
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8416
last-modified
Fri, 29 Dec 2023 11:44:33 GMT
server
AmazonS3
etag
"4b19d79668614cfbb5ee100d183f9a5c"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
A_t6CVSo0GPCv4rwi8Q1NsCR5NEig7YdgGvMJM07_HxtdW5x_e5yGQ==
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4be83055627b74d5779543f96c07a88b10bc29cab3434c6cb7e3cc4f9664e295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68938
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 08:47:55 GMT
snack-cmp_v2.min.js
widgets.snack-projects.co.uk/gdpr/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.snack-projects.co.uk/gdpr/snack-cmp_v2.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 /
Resource Hash
c23d5ca3e201d4c79f0b3f980beda9287a056df0f5c8c7ddb087a6d95f671210

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cdn-edgestorageid
868
cdn-storageserver
DE-680
cdn-cachedat
12/21/2023 03:38:22
cdn-pullzone
851110
last-modified
Tue, 08 Aug 2023 15:20:05 GMT
server
BunnyCDN-SG1-868
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64d25d25-fa0"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
public, max-age=2592000
cdn-requestid
190e5ccecb1b152ec9c6ef6df493f230
cdn-requestcountrycode
SG
cdn-status
200
cdn-requestpullsuccess
True
Betoota-Advocate-Desktop-Header-Logo.svg
betootaadvocate.com/wp-content/uploads/2018/07/ 		93 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Desktop-Header-Logo.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8752501a9c32832119ff9cddfe47b8f32e51c97d5abbd6d254d3646ca9e6d665

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 01 Jul 2018 23:58:27 GMT
server
cloudflare
age
131248
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd726e3d4085-SIN
content-length
26165
expires
Sun, 07 Jan 2024 20:20:27 GMT
Betoota-Advocate-Mobile-Header-Logo.svg
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		73 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Mobile-Header-Logo.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6eded00baf8989a00ae532498c24904285fcf42a8c7d727f2270ac74cd4d56b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Sun, 01 Jul 2018 23:58:30 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7338064085-SIN
content-length
21268
expires
Tue, 09 Jan 2024 08:47:55 GMT
Screen-Shot-2023-12-21-at-7.44.10-pm-534x462.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		301 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-21-at-7.44.10-pm-534x462.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39c8bde9930fccb03edab6958a0429a9c524da194f373a0454a34614eea9165

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 08:45:22 GMT
server
cloudflare
cf-polished
origSize=359317, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd6fdaee4085-SIN
content-length
308731
expires
Tue, 09 Jan 2024 08:47:55 GMT
Screen-Shot-2023-12-21-at-7.15.17-pm-533x261.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-21-at-7.15.17-pm-533x261.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee32231d5a875e40e49ccdbdcafb20fd26c2e9d86891a3ec1c7d539a54ae9e46

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 08:16:30 GMT
server
cloudflare
cf-polished
origSize=220879, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd704b5e4085-SIN
content-length
189657
expires
Tue, 09 Jan 2024 08:47:55 GMT
themilk-265x198.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/themilk-265x198.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5c830eec6dc15ae270f6c0f4c6a517ff1fca2f3032a95796f04e0337635880

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 05:47:29 GMT
server
cloudflare
cf-polished
degrade=85, origSize=18028, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd704b5f4085-SIN
content-length
16341
expires
Tue, 09 Jan 2024 08:47:55 GMT
Screen-Shot-2023-12-20-at-4.42.57-pm-265x198.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-20-at-4.42.57-pm-265x198.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cfab4b521c83685e4a84ac4c3f3292b40deab923a472e16447158af174c9e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 06:32:55 GMT
server
cloudflare
cf-polished
origSize=122345, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd70bbdd4085-SIN
content-length
107510
expires
Tue, 09 Jan 2024 08:47:55 GMT
themilk-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/themilk-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa39137f5c117eefa448e473cbf4520d4bce91c3b37dd4bbfb903613fbe96dc8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 05:47:29 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd70bbe14085-SIN
content-length
17313
expires
Tue, 09 Jan 2024 08:47:55 GMT
youchkytwiggy-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/youchkytwiggy-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee9c933bc0a2e52d4b20efe0e5e5dcbb22aba49b48f7e54b31793839792f16c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 04:44:03 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd70bbdf4085-SIN
content-length
10903
expires
Tue, 09 Jan 2024 08:47:55 GMT
nerdddd-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/nerdddd-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130a03140ace422969a9a2dbfd4d3f2f07dea3c085c1a71bb4058f1f6ba99c77

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 04:13:47 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7338084085-SIN
content-length
12790
expires
Tue, 09 Jan 2024 08:47:55 GMT
whitechristmas-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/whitechristmas-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86390c182874ee78035b2929cf944aed9a4f50465b8380271574e4eaffd9cbe3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 03:59:30 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7338094085-SIN
content-length
12222
expires
Tue, 09 Jan 2024 08:47:55 GMT
cherryripe-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/cherryripe-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684dda9fe41445cad9bc894d6f83c281c2e3c411856904273b7befb7719f34a9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 23:13:19 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd751a594085-SIN
content-length
13043
expires
Tue, 09 Jan 2024 08:47:55 GMT
pricegouging-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/pricegouging-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801d234ecf47cc73cdd0b98558c4e5aac85949921184f1cab6c964d5b073b2b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 22:56:00 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd753a7a4085-SIN
content-length
17009
expires
Tue, 09 Jan 2024 08:47:55 GMT
Screen-Shot-2023-12-21-at-7.44.10-pm-324x235.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-21-at-7.44.10-pm-324x235.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3ce41c49e17e65163f0c7f24ddd048dbddb6633c0df7e84863e7b6f7d87eac

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 08:45:22 GMT
server
cloudflare
cf-polished
origSize=118879, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd753a7d4085-SIN
content-length
103135
expires
Tue, 09 Jan 2024 08:47:55 GMT
shutterstock_1531731818-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/shutterstock_1531731818-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c2d8502ad6af29342c37dcfe2864d2eccb53a7e545fbd05e7052b0d93826be

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 05:00:16 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd758ae54085-SIN
content-length
2622
expires
Tue, 09 Jan 2024 08:47:56 GMT
chrissytree-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/chrissytree-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f718cc6a6c18df93ea1075582133c62e4b4edda836a9e137b2dd517f67ceab58

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Dec 2023 04:03:25 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd761b8d4085-SIN
content-length
2467
expires
Tue, 09 Jan 2024 08:47:55 GMT
Screen-Shot-2023-12-19-at-11.54.21-am-100x70.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-19-at-11.54.21-am-100x70.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fb6230f4db2fd66dc9b75d2342d3584b1c0407be4b4683c789d22e904185c0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:37:51 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd76dc864085-SIN
content-length
16078
expires
Tue, 09 Jan 2024 08:47:56 GMT
toowoomba-uncle-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/toowoomba-uncle-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdbdd2efe65871253152bb33510817b4c98f246880918a4570df134935d21b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Dec 2023 04:22:04 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd771ccd4085-SIN
content-length
3320
expires
Tue, 09 Jan 2024 08:47:56 GMT
bigstavros-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/bigstavros-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b6a9f57be93642c352f62db6b79ffdba1ec54df3ec966b07762b85a17a02d6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 12 Dec 2023 00:52:37 GMT
server
cloudflare
cf-polished
degrade=85, origSize=12871, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd778d664085-SIN
content-length
11697
expires
Tue, 09 Jan 2024 08:47:56 GMT
qlder-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/qlder-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd8f7782bd65dbe9537a6e74e66c4555782c72b0050d128f753f503843bed82

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Dec 2023 02:30:25 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd77dde04085-SIN
content-length
3571
expires
Tue, 09 Jan 2024 08:47:56 GMT
oosh-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/oosh-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b1c945b531e2d66c4fddd8ae74478abac63f7bd1c66f3246250ef4f35cdb92

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Mon, 04 Dec 2023 00:10:19 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd782e364085-SIN
content-length
2964
expires
Tue, 09 Jan 2024 08:47:56 GMT
global-tensions-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/global-tensions-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0999d3a847dcd6a8461bfdbf98d6dc9335ac1bbd8c8c1a9a8acaf163e6a71645

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 02:22:51 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd784e784085-SIN
content-length
3351
expires
Tue, 09 Jan 2024 08:47:56 GMT
dutmanchan-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/dutmanchan-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03479e6f02504de844285fcb503c535c8b135b8f44c9acc01ca66a2815c2085

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:29:37 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd78bf1f4085-SIN
content-length
3464
expires
Tue, 09 Jan 2024 08:47:56 GMT
Lee-balmain-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Lee-balmain-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0b9374e30c5c796d04169b8a461a2c5007ef7f4a86168d632d2e5ca3ec4508

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 17 Dec 2023 23:36:53 GMT
server
cloudflare
cf-polished
degrade=85, origSize=16792, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7938104085-SIN
content-length
15222
expires
Tue, 09 Jan 2024 08:47:56 GMT
road-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/road-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa02b52b135a63852f2147fe383c39262ec17d17ca568601c881878f2644a562

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Dec 2023 04:52:07 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7988b74085-SIN
content-length
2776
expires
Tue, 09 Jan 2024 08:47:56 GMT
Kerry-Hes-back-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Kerry-Hes-back-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56237fb1a5631ed1c8bd4b8722dbd5cd9917e91eb91d4754ab2e66a6b1c0a714

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Dec 2023 04:40:01 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd79d9164085-SIN
content-length
2804
expires
Tue, 09 Jan 2024 08:47:56 GMT
hospitality-venues-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/hospitality-venues-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00649438c71db3bee3f6d7680b8e1288b5da0e9bef701d42206f5f94b1225d5d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 03:24:48 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7a19744085-SIN
content-length
3425
expires
Tue, 09 Jan 2024 08:47:56 GMT
furston-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/furston-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0f5368f00f93c1714d74a511deb48686ddf3d9e7f2efda684d7de8587bb9ba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 04:51:27 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7aaa354085-SIN
content-length
3603
expires
Tue, 09 Jan 2024 08:47:56 GMT
boyishly-handsome-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/boyishly-handsome-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeeb00b65c626157993b8aeb9e2071e54f0136b08b7a4b92bd98163fd4692a15

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 00:51:19 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7b3af64085-SIN
content-length
3710
expires
Tue, 09 Jan 2024 08:47:56 GMT
roadrage-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/roadrage-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414dfd3a5fc7ec6781151178ba8a2eff8df15a0480a9766df5d7fe3e67aacc4a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Dec 2023 04:08:10 GMT
server
cloudflare
cf-polished
degrade=85, origSize=11648, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7b8b604085-SIN
content-length
10383
expires
Tue, 09 Jan 2024 08:47:56 GMT
thirsty-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/thirsty-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfc5237e8e6346a55f519577142ef2ce4b84bd84c9bcf2c0675c520bacf1f13

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Dec 2023 03:49:01 GMT
server
cloudflare
cf-polished
degrade=85, origSize=9150, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7bdbaa4085-SIN
content-length
8195
expires
Tue, 09 Jan 2024 08:47:57 GMT
turkish-airlines-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/turkish-airlines-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9eb9d682cfcbdb21e287ae51acfe0d9caa18e35e0e5aab8508faaa509aaae9b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Dec 2023 03:43:20 GMT
server
cloudflare
cf-polished
degrade=85, origSize=9062, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7c0c054085-SIN
content-length
8184
expires
Tue, 09 Jan 2024 08:47:57 GMT
nurse-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/nurse-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a74af641cea8c1f19fbaac8567d7a97624b393ab9b172a2b76737bf291de67

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Dec 2023 03:15:48 GMT
server
cloudflare
cf-polished
degrade=85, origSize=8486, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7cacce4085-SIN
content-length
7712
expires
Tue, 09 Jan 2024 08:47:56 GMT
gran-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/gran-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60cdce7ff6902c37326eb2f67d00d36340acdc0a77bd7c61f86a596dddaee4d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 18 Dec 2023 03:07:38 GMT
server
cloudflare
cf-polished
degrade=85, origSize=11474, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7d2d734085-SIN
content-length
10145
expires
Tue, 09 Jan 2024 08:47:57 GMT
white-boy-brother-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/white-boy-brother-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d532f59bb8c5e5dca811745e90f42d0a2f598931315a284dcf7508cffc5689bc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 18 Dec 2023 00:48:49 GMT
server
cloudflare
cf-polished
degrade=85, origSize=9862, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7d8dcf4085-SIN
content-length
8957
expires
Tue, 09 Jan 2024 08:47:57 GMT
Screen-Shot-2023-12-21-at-7.15.17-pm-218x150.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-21-at-7.15.17-pm-218x150.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d565feffce15b3c95db2e82c539c8c54fde9ca96e095ca87a77a0e3f3a882e6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 21 Dec 2023 08:16:29 GMT
server
cloudflare
cf-polished
origSize=62789, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7dce224085-SIN
content-length
55449
expires
Tue, 09 Jan 2024 08:47:57 GMT
Screen-Shot-2023-12-20-at-4.42.57-pm-218x150.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-20-at-4.42.57-pm-218x150.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4463408f527c99cb3a9a33e746e7dd818cd7f6809d27a741de18ff604ba2fc3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 06:32:55 GMT
server
cloudflare
cf-polished
origSize=78453, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7dee684085-SIN
content-length
69039
expires
Tue, 09 Jan 2024 08:47:57 GMT
whataguy-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/whataguy-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b0c7f1aa0ed9519020ccdca771a17cce9a709a460f62a88d996c156c975684

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 05:01:31 GMT
server
cloudflare
cf-polished
degrade=85, origSize=8373, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7e0e9f4085-SIN
content-length
7622
expires
Tue, 09 Jan 2024 08:47:57 GMT
townie-mate-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/townie-mate-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be45ef24dcc7af17aa1f676b5da114cdc62d5eb5e2836c83f07b47b9552abd1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 04:14:08 GMT
server
cloudflare
cf-polished
degrade=85, origSize=10806, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7e0ea14085-SIN
content-length
9843
expires
Tue, 09 Jan 2024 08:47:57 GMT
Screen-Shot-2023-12-20-at-1.32.56-pm-218x150.png
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Screen-Shot-2023-12-20-at-1.32.56-pm-218x150.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce2015d02806a5e4fb362b4e8da586684971de5213575b91cfd84149f64b139

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 20 Dec 2023 02:33:41 GMT
server
cloudflare
cf-polished
origSize=39131, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7e0ea34085-SIN
content-length
33496
expires
Tue, 09 Jan 2024 08:47:57 GMT
shutterstock_1889597656-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/shutterstock_1889597656-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc50ae4a94abda48ef61ad74dc8f42a6854eab50648ec8844a33b2439c9160f7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Dec 2023 05:51:27 GMT
server
cloudflare
cf-polished
degrade=85, origSize=8520, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7e6f074085-SIN
content-length
7818
expires
Tue, 09 Jan 2024 08:47:57 GMT
Gaza-albo-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Gaza-albo-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5d79d196a9c76038937d64e2dd9b8727408336c121da69a02fe4e1948b9918f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Dec 2023 00:08:11 GMT
server
cloudflare
cf-polished
degrade=85, origSize=16302, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7f382b4085-SIN
content-length
15056
expires
Tue, 09 Jan 2024 08:47:57 GMT
Concert-dads-1-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/Concert-dads-1-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1957b85d70be39b9874c458e8eb77a62b5c4b37a2fc8909af9e11c3d40bab4c8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Fri, 08 Dec 2023 00:49:29 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7f88744085-SIN
content-length
3438
expires
Tue, 09 Jan 2024 08:47:57 GMT
bombsssss-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/bombsssss-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58a24d219366d5a18c44eed47fdbb7e5086923da65a20baef8aaf4592cdcbb9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 00:39:20 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd7fe8e24085-SIN
content-length
3790
expires
Tue, 09 Jan 2024 08:47:57 GMT
WENDELL-HUSSEY-Cadet-CONTACT-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/12/WENDELL-HUSSEY-Cadet-CONTACT-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541f9b92f065902a54022422117ae72b1a13cf74f8d36bbe76a8c81a722b8a46

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Nov 2023 22:41:21 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd8009084085-SIN
content-length
2916
expires
Tue, 09 Jan 2024 08:47:57 GMT
napoleon-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/napoleon-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1df290aa60ed226b1014a450ef16b5466b8efc6e65bd0b3b0708be27b442d4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 03:10:30 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd8069cc4085-SIN
content-length
3182
expires
Tue, 09 Jan 2024 08:47:57 GMT
snoop-grunge-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/snoop-grunge-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc610eb574b3180f989113f123b006f07e53521f601cf1cde0a9531170838f77

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 21 Nov 2023 02:24:14 GMT
server
cloudflare
cf-polished
degrade=85, origSize=3231, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd8069d04085-SIN
content-length
2562
expires
Tue, 09 Jan 2024 08:47:57 GMT
loosers-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/loosers-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787c7b022a6979a9f23834de008052625804b61bd2e0e0ae4d9361157d99887c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Nov 2023 22:51:53 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd8069d14085-SIN
content-length
4511
expires
Tue, 09 Jan 2024 08:47:57 GMT
shutupdenmark-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/shutupdenmark-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9e230825a5d69b1d2fb79b406439e1a5b9385cebd21ba8f1180afc09d5fba5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 02:53:43 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd8069d34085-SIN
content-length
3233
expires
Tue, 09 Jan 2024 08:47:57 GMT
devobra-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/devobra-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecec378089aaab88b84f15debf5c3f28eb80d79d79a5f17971556b7b275b97d4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Nov 2023 05:29:09 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd80aa1f4085-SIN
content-length
3317
expires
Tue, 09 Jan 2024 08:47:57 GMT
stiffy-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/11/stiffy-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4c9fe6e06a31ba3c5e2bd5bba519cb89f527f84d4c491e35f88cd3613e7a78

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Oct 2023 23:57:18 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd813aac4085-SIN
content-length
2956
expires
Tue, 09 Jan 2024 08:47:57 GMT
irish-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/irish-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3426ba2849e31dfd6553c8db9edf508e5c35fe34ea18f57177207f82193c47

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Oct 2023 23:39:40 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd817af94085-SIN
content-length
3282
expires
Tue, 09 Jan 2024 08:47:57 GMT
Betoota-Advocate-Black-in-Red-Footer-Mark.svg
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		27 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Black-in-Red-Footer-Mark.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4fada3595750f81fdaa0208de38c9526ed2e992e3d9493b8ce5cec75626c30

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Sun, 01 Jul 2018 23:58:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd81fb954085-SIN
content-length
13818
expires
Tue, 09 Jan 2024 08:47:58 GMT
/
js.stripe.com/v3/ 		579 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/?ver=3.1.1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 08:47:55 GMT
via
1.1 varnish
age
33
x-cache
HIT
content-length
164503
x-request-id
af74e334-d73f-4b07-a7a7-3407581c046c
x-served-by
cache-qpg1282-QPG
last-modified
Fri, 22 Dec 2023 21:43:17 GMT
server
Fastly
etag
"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/give/assets/dist/js/give-stripe.js,wp-includes/js/dist/vendor/wp-polyfill-inert.min.js,wp-includes/js/dist/vendor/regenerator-runtime.min.js,wp-includes/js/dist/vendor/wp-polyfill.min.js,wp-includes/js/dist/hooks.min.js,wp-includes/js/dist/i18n.min.js,wp-content/plugins/give/assets/dist/js/give.js,wp-content/plugins/give/assets/dist/js/give-donation-summary.js,wp-content/plugins/give-stripe/assets/dist/js/give-stripe-payment-request.js,wp-includes/js/underscore.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa7e9ecc8d287db1d42d159a6a793e4c7ee763fe0d62e158aba5577e3aff1881

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Nov 2023 03:50:26 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
origin,nohtml
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd704b614085-SIN
content-length
80739
expires
Wed, 03 Jan 2024 08:47:55 GMT
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		543 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js,wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js,wp-includes/js/comment-reply.min.js,wp-content/themes/betootaadvocate/lib/js/ba.min.js,wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js,wp-content/plugins/instagram-feed/js/sbi-scripts.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f858c1a94ec5d7ebc46acd4254265e5300514ca8817cdc19dd973cc91aca65b5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Nov 2023 03:50:42 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
origin,nohtml
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd704b624085-SIN
content-length
131938
expires
Wed, 03 Jan 2024 08:47:55 GMT
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
www.betootaadvocate.com/wp-content/themes/Newspaper/images/icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 03:58:08 GMT
server
cloudflare
vary
User-Agent, Accept-Encoding
content-type
font/woff
cache-control
max-age=1800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd708bae4085-SIN
content-length
33488
S6u9w4BMUTPHh6UVSwiPGQ.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bb34085-SIN
content-length
23040
expires
Wed, 01 Jan 2025 00:24:10 GMT
S6uyw4BMUTPHjx4wXg.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bb44085-SIN
content-length
23580
expires
Wed, 01 Jan 2025 02:42:56 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bb64085-SIN
content-length
27120
expires
Tue, 31 Dec 2024 23:37:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bb74085-SIN
content-length
15744
expires
Tue, 31 Dec 2024 19:52:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:54 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bb94085-SIN
content-length
15920
expires
Wed, 01 Jan 2025 02:42:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd708bba4085-SIN
content-length
48236
expires
Sun, 29 Dec 2024 00:10:04 GMT
connatix.playspace.js
cd.connatix.com/ Frame 621C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=a821a8e3-bc2e-4dbf-9d9a-469b20b5afbc
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aef7b186c832637e1303d69cfe2b4f125969fe76f32d17cafd3ebaa4bf2c4247

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f1bd82da914cbf-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
embed
omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/ Frame 7FA7 		395 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5b0f3e63c1c55ba61073a8139a048aaf9ec2962599e24596c61fdd4c3be43f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=120
cf-cache-status
MISS
cf-ray
83f1bd734ed94022-SIN
content-encoding
br
content-security-policy
default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:47:55 GMT
etag
W/"136wn0g85nh8np3"
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex
buy-button-storefront.min.js
sdks.shopifycdn.com/buy-button/latest/ 		366 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
imagery;dur=359.069, imageryFetch;dur=289.149, cfRequestDuration;dur=18.999815
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f2a3fe17-cbc7-48f7-b3e6-8de47c652afb
last-modified
Tue, 02 Jan 2024 05:47:04 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxTqWF%2FPB8px1VeN1nVXuwaYUE%2ByGyTsw5%2Bpw0uMb5TUXmyuAtYr3RERez%2BxpSg4hTt3JTiK3ez1%2Br5HdcRj9JIXokXFh8mIfZDhofhdnR5fRpzmc135L33UBhGsM9RWrVm3S7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
timing-allow-origin
*
link
<https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js>; rel="canonical"
cf-ray
83f1bd831e3191ab-SIN
Betoota_Generic_HomePageBanner.jpg
www.betootaadvocate.com/wp-content/uploads/2023/06/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/06/Betoota_Generic_HomePageBanner.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe62006eb24f633f53a11d09f19a42e22c7ce960ec2b3f471226fdb5bce3235

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Jun 2023 23:40:06 GMT
server
cloudflare
cf-polished
degrade=85, origSize=533023, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd828c454085-SIN
content-length
190008
expires
Tue, 09 Jan 2024 08:47:58 GMT
Betoota-Podcast-Banner.png
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Podcast-Banner.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dea00bf10e0e94309b80e6e574a91e18712ade7cbf6107b42093cf60c74f782

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 02 Jul 2018 04:37:02 GMT
server
cloudflare
cf-polished
origSize=197454, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd828c494085-SIN
content-length
169738
expires
Tue, 09 Jan 2024 08:47:58 GMT
BG-Newsletter.jpg
www.betootaadvocate.com/wp-content/uploads/2018/06/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/06/BG-Newsletter.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd84760f0d592333d5d12f51a4ca2b38b77c81e71fad2fa3c0f83a9701275bee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 28 Jun 2018 10:23:16 GMT
server
cloudflare
cf-polished
degrade=85, origSize=253692, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd828c4a4085-SIN
content-length
142091
expires
Tue, 09 Jan 2024 08:47:58 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd714cbd4085-SIN
content-length
27976
expires
Sun, 29 Dec 2024 00:15:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
83f1bd718d174085-SIN
content-length
15860
2980
cdn-header-bidding.snack-media.com/assets/js/snack-loader/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=0
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 / PHP/8.2.7
Resource Hash
52d0c294bd5a8c30d7b06359b6a35218c397b7e0dcef450f12d74a982552d9bb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
br
cdn-edgestorageid
868
x-powered-by
PHP/8.2.7
cdn-cachedat
01/02/2024 08:47:59
cdn-pullzone
145563
server
BunnyCDN-SG1-868
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
EXPIRED
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
public, max-age=3600
cdn-requestid
626985e2e3bc240fce08759cc95774ee
cdn-requestcountrycode
SG
link
<https://header-bidding.snack-media.com/wp-json/>; rel="https://api.w.org/"
cdn-status
200
expires
Tue, 02 Jan 2024 09:23:40 GMT
wp-emoji-release.min.js
www.betootaadvocate.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 11 Sep 2023 03:37:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
83f1bd831ce74085-SIN
content-length
5744
expires
Tue, 09 Jan 2024 08:47:58 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0B9B 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2874110
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:47:55 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
636369
x-content-type-options
nosniff
x-request-id
2790e4cc-6de9-4f78-95ff-fad41b5f7198
x-served-by
cache-qpg1282-QPG
admin-ajax.php
www.betootaadvocate.com/wp-admin/ 		336 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-admin/admin-ajax.php
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/jquery/jquery.min.js,wp-content/plugins/give-recurring/assets/js/give-recurring.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00fc21fd70d52ae4d157e55768305f75110de0d445f53404461fbd6bbaf70f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.betootaadvocate.com/
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 02 Jan 2024 08:47:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
cf-ray
83f1bd73886a4085-SIN
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 16:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 16:41:46 GMT
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 0B9B 		526 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 08:47:55 GMT
via
1.1 varnish
age
1668752
x-cache
HIT
content-length
315
x-request-id
c85c2bea-b168-452d-8c4c-7c5cb363cb46
x-served-by
cache-qpg1282-QPG
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
596026
csp-report
q.stripe.com/ Frame 0B9B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704185276329231
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704185276328963
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0B9B 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704185276329553
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704185276329042
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame B3BD 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-128.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
181
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:44:55 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-id
dsOJKAADkuZNeMValXTjAzcAFY7Kq7MMmsJoJ32FCA2s2Nd_Rl3psQ==
x-amz-cf-pop
SIN52-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame B3BD 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704185276329280
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704185276329017
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame B3BD 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-128.sin52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:45:53 GMT
content-encoding
br
via
1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
123
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
SIN52-C2
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
-hJkVWTARFZ7hqMwno0XYoZvENOB0OPWnqgtlzTC6f2Df61e3nhEUQ==
6
m.stripe.com/ Frame B3BD 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.215.175 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-215-175.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee9768df988fbda1ed069b216b2c72939f1fb20a81d435eadff69101cf72fa7e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 08:47:56 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704185276301575
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704185276301020
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
js
www.googletagmanager.com/gtag/ 		226 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
82ba0b7c8f3191735eef2757df692b2f8f43f0b27bd7c211388e60672af4cf59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81720
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 08:47:57 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 07:39:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4084
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 09:39:54 GMT
b4ba02559a00e479.css
omny.fm/_next/static/css/ Frame 7FA7 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/b4ba02559a00e479.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6db3f903296e39abe266a621b7a1ed4f207d6089b5c84fb76ca23d602f6925

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
4448378
etag
W/"3acb-18b7f64aff8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd75ca614022-SIN
alt-svc
h3=":443"; ma=86400
webpack-e841cb581cf79f94.js
omny.fm/_next/static/chunks/ Frame 7FA7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/webpack-e841cb581cf79f94.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
396121521df8c4b2715023aa811a7212f8f155e01436c930f5e9ef641a363679

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
4768400
etag
W/"1183-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd75ca664022-SIN
alt-svc
h3=":443"; ma=86400
framework-e80d50c86cecd1b2.js
omny.fm/_next/static/chunks/ Frame 7FA7 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/framework-e80d50c86cecd1b2.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
450b99a8f26cbeda4af46867bebc233cc126e696e321b8ba9a4d2e2e2d31dc63

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
5466568
etag
W/"226d4-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd75ca6a4022-SIN
alt-svc
h3=":443"; ma=86400
main-dcd5409803ac6f1d.js
omny.fm/_next/static/chunks/ Frame 7FA7 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/main-dcd5409803ac6f1d.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bfedf7c882ca316abd64d03037a165b8c661d051c81b869b0a7100082119cc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
4699809
etag
W/"2620c-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd75ca6b4022-SIN
alt-svc
h3=":443"; ma=86400
_app-21f7935da12938f1.js
omny.fm/_next/static/chunks/pages/ Frame 7FA7 		699 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/_app-21f7935da12938f1.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463b3036e25536f8e798d083074b2d9dc1c26261387a4408847e9134ac073266

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:02:11 GMT
server
cloudflare
age
4058983
etag
W/"aed07-18bd75dce38"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd761b044022-SIN
alt-svc
h3=":443"; ma=86400
6065-67afd97643376f2e.js
omny.fm/_next/static/chunks/ Frame 7FA7 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/6065-67afd97643376f2e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b536ded558ccf7c84991908c01dfea31e4a894e52f68356583027d78d35c706

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2885064
etag
W/"c317-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd761b074022-SIN
alt-svc
h3=":443"; ma=86400
4713-f83e03484820ffa0.js
omny.fm/_next/static/chunks/ Frame 7FA7 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4713-f83e03484820ffa0.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58e34717b0cec2a83b64079793a1e03e1db87c97066f8e6f07bbdae255c9c052

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2721635
etag
W/"4c7e-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd761b0b4022-SIN
alt-svc
h3=":443"; ma=86400
7367-3ffbc007cf043124.js
omny.fm/_next/static/chunks/ Frame 7FA7 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/7367-3ffbc007cf043124.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f9878ec0d1bcae87fa4f7c68767acd4058ec2107e4105646c87aee8334e936

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
4777601
etag
W/"294c-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd761b0e4022-SIN
alt-svc
h3=":443"; ma=86400
4632-d42c0309c2f83561.js
omny.fm/_next/static/chunks/ Frame 7FA7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4632-d42c0309c2f83561.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ce7fdceea5dc30cf5c939afabae2877284954f598965a4f8e0a950c6670927

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
4613758
etag
W/"2e63-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd76abb44022-SIN
alt-svc
h3=":443"; ma=86400
4715-0953dd13d8aa5c4f.js
omny.fm/_next/static/chunks/ Frame 7FA7 		107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4715-0953dd13d8aa5c4f.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3390a2cd5dc160e9a701ceb30e69572460f8d5540941b75684a807ce40b6a5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2883957
etag
W/"1ab94-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd76bbc94022-SIN
alt-svc
h3=":443"; ma=86400
8743-096c1b7b8d2a0fa2.js
omny.fm/_next/static/chunks/ Frame 7FA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8743-096c1b7b8d2a0fa2.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73756a678e8e2a8aa4c3ebec6843b379474c1ecb7bd3124f879157141746475

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2980964
etag
W/"ac2-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd76ebf44022-SIN
alt-svc
h3=":443"; ma=86400
3375-57cb419cb02005ba.js
omny.fm/_next/static/chunks/ Frame 7FA7 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/3375-57cb419cb02005ba.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654baea258ef04690d4314f50aabe789ca5e7423f7381258446e64f20fe5581c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2790836
etag
W/"373f-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd770c1a4022-SIN
alt-svc
h3=":443"; ma=86400
embed-f41c4184bcba50cf.js
omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/ Frame 7FA7 		448 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/embed-f41c4184bcba50cf.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4408d0a689912fd392cf3dc65ac22757182ac65b9bfd5c16596a3dfb936a1ebf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:03:07 GMT
server
cloudflare
age
2883687
etag
W/"1c0-18b7f64aff8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd77fd174022-SIN
alt-svc
h3=":443"; ma=86400
_buildManifest.js
omny.fm/_next/static/BcHYS_O6HhRJjAOgPazn5/ Frame 7FA7 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/BcHYS_O6HhRJjAOgPazn5/_buildManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c3a8de19d269904a6d72f0f3ccaa83528503d22280e43113d10911590b5c95

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:02:02 GMT
server
cloudflare
age
2884641
etag
W/"1102-18bd75dab10"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd77fd184022-SIN
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
omny.fm/_next/static/BcHYS_O6HhRJjAOgPazn5/ Frame 7FA7 		77 B
137 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/BcHYS_O6HhRJjAOgPazn5/_ssgManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:02:02 GMT
server
cloudflare
age
4058984
etag
W/"4d-18bd75dab10"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
83f1bd783d634022-SIN
alt-svc
h3=":443"; ma=86400
image.jpg
www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/ Frame 7FA7
Redirect Chain
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4...
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Server
52.84.45.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-14.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
e22a50c334577787dd805c6fec9388d7001fd7bd4a0b92179e39b62b0179edb0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 00:00:27 GMT
via
1.1 ac13acf57c23911a257fe4535c510b00.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MRS52-P1
age
636450
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22234
last-modified
Thu, 19 Jan 2023 23:19:47 GMT
server
cloudflare
etag
"0x8DAFA73A7D63E7A"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
83b50b2828bd047a-FRA
x-amz-cf-id
rwlnpI3p4xOSr2TIbDH1_-R3jiA_8zREjhjPVvnCfKivvzvWZbp0KA==

Redirect headers

date
Tue, 02 Jan 2024 08:47:57 GMT
via
1.1 ac13acf57c23911a257fe4535c510b00.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
access-control-allow-origin
*
location
/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
cache-control
public, max-age=60
cf-ray
83f1bd7d1d8030cc-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
-Y9NhHkRHViaL_BTFvsAOVWBC_kI_1Q8mf--q1DEs_MmUgmbZmmk_g==
image.jpg
www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/ Frame 7FA7
Redirect Chain
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4...
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Server
52.84.45.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-14.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3d230ded0d47548eca5bdbda2107399f501a5c06e2cdd900f449fee17541ee76

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 17:46:52 GMT
via
1.1 ac13acf57c23911a257fe4535c510b00.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MRS52-P1
age
658865
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2768
cf-bgj
h2pri
last-modified
Tue, 24 Jan 2023 11:00:19 GMT
server
cloudflare
etag
"0x8DAFDFA2EE2AEE8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
83b2e7ec2d001e59-FRA
x-amz-cf-id
Vr0AJ3uCwUqepiBqFNtZb7-1xbhubwAXpCKOGLALv747RxE-CwVFSA==

Redirect headers

date
Tue, 02 Jan 2024 08:47:57 GMT
via
1.1 ac13acf57c23911a257fe4535c510b00.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
access-control-allow-origin
*
location
/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
cache-control
public, max-age=60
cf-ray
83f1bd7d1ca55d6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
pIPctQasTLLKNbfmUYAVyYzwux3PzAW0cx_J7hOAGmCOVdm3Mj4DRg==
open-sans-latin-600-normal.07f9d4a5.woff2
omny.fm/_next/static/media/ Frame 7FA7 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-600-normal.07f9d4a5.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/b4ba02559a00e479.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127

Request headers

Referer
https://omny.fm/_next/static/css/b4ba02559a00e479.css
Origin
https://omny.fm
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:02:48 GMT
server
cloudflare
age
5375058
etag
W/"4174-18b7f6465c0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
83f1bd763b3b4022-SIN
alt-svc
h3=":443"; ma=86400
content-length
16756
open-sans-latin-700-normal.532b8102.woff2
omny.fm/_next/static/media/ Frame 7FA7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-700-normal.532b8102.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/b4ba02559a00e479.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer
https://omny.fm/_next/static/css/b4ba02559a00e479.css
Origin
https://omny.fm
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 07:02:48 GMT
server
cloudflare
age
2978396
etag
W/"3ff4-18b7f6465c0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
83f1bd763b3d4022-SIN
alt-svc
h3=":443"; ma=86400
content-length
16372
open-sans-latin-400-normal.55ee70a1.woff2
omny.fm/_next/static/media/ Frame 7FA7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-400-normal.55ee70a1.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/b4ba02559a00e479.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.107.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer
https://omny.fm/_next/static/css/b4ba02559a00e479.css
Origin
https://omny.fm
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:55 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:02:02 GMT
server
cloudflare
age
2792969
etag
W/"4164-18bd75dab10"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
83f1bd763b3e4022-SIN
alt-svc
h3=":443"; ma=86400
content-length
16740
/
o479328.ingest.sentry.io/api/6149200/envelope/ Frame 7FA7 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o479328.ingest.sentry.io/api/6149200/envelope/?sentry_key=26e057be21a84efb8189b730ef099727&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.74.1
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-21f7935da12938f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://omny.fm/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 08:47:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
waveform
www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/ Frame 7FA7 		18 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/4d44a88f-dfde-4348-87d8-b0de002d1183/waveform?t=1703040371&token=QK4hVyD3Juk2wRShHctwqhZBH97fliUz
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-21f7935da12938f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-14.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
29ae932ebfc4ef85e75c9bb132f63952299a7cc2e28abf9324e9f8740e6131ce

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:03:12 GMT
content-encoding
br
via
1.1 619ec087cb9316041730ef86d5003ae8.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MRS52-P1
age
751485
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 02:46:11 GMT
server
cloudflare
etag
W/"0x8DC0105D3A0C289"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
cf-ray
83aa12b1db7765af-FRA
x-amz-cf-id
yNFpnlQ3Cjt1yGm9UncxViTn95dzb9Yp2QMG3MckBocV9pZ-LO2WdA==
choice.js
cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Server
13.224.250.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-20.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1fd2650b005a6d51b71ae221905b17632566f26c36b5fd2299fcb07125d68c1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
gzip
via
1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
last-modified
Mon, 27 Nov 2023 13:56:28 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"9786fb83cd296c30f621d766fbe1602e"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
b4vxaKfPqSYWHJZHH5SMBl4VQvLA5OmcrlhuJdkK-bCHTlbNYnh97Q==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
date
Tue, 02 Jan 2024 08:48:00 GMT
via
1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:40:56 GMT
server
AmazonS3
etag
"3a5b1fa930418cca5f4e36886096045a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Wo4kE_JDFXoNEJyWojDyCbrMKTvQxJBT-5g3hDlBwh7gbKfdGUsTXQ==
produce
monorail-edge.shopifysvc.com/v1/ 		0
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.229.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.229.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:47:58 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
c73890d3-c5f7-4165-899c-874761970010
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 18:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 18:24:02 GMT
collect
www.google-analytics.com/g/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4ZLLC2NYSG&gtm=45je3bt0v9118813431&_p=1704185274905&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1683639413.1704185278&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704185278&sct=1&seg=0&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5006
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:47:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3BB2 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
7fc04fa5a2d39a18d0d3ac9ae8c7e018d8e8e366c38a137799b96b8992cbf3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 08:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 08:41:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 08:47:58 GMT
styles.css
a.mailmunch.co/app/v1/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/styles.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 19:09:46 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
158773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Fri, 29 Dec 2023 11:44:36 GMT
server
AmazonS3
etag
"d410b4d25dc803ade09d27e3e28cf366"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
accept-ranges
bytes
x-amz-cf-id
yOL0y9bCOpOTaBsN2kctNZMqmRsIGZoumXc5nno0GW5uSccIOhhj8g==
103219
forms.mailmunch.co/sites/ 		130 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.mailmunch.co/sites/103219
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.36.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-36-100.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c7f111bc6ce54bf2d3b530b608bc20eee88ba646d14b65457c518ffc32892f6e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:47:59 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By
Express
Connection
keep-alive
Content-Length
130
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704185279&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=jxM0YuFzY0cqV%2BAutUvVUHoPQOzgOVkVel6bk8ElJaw%3D
X-Mm-T
Server
Cowboy
Etag
W/"82-QJjUiI7FhOBtUziN7fIbh/35cG0"
Vary
Accept-Encoding
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704185279&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=jxM0YuFzY0cqV%2BAutUvVUHoPQOzgOVkVel6bk8ElJaw%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=923124473&t=pageview&_s=1&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&ul=en-us&de=UTF-8&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2073318177&gjid=994762223&cid=1683639413.1704185278&tid=UA-56468053-1&_gid=1347550707.1704185278&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=195544045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:47:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56468053-1&cid=1683639413.1704185278&jid=2073318177&gjid=994762223&_gid=1347550707.1704185278&_u=YADAAUAAAAAAACAAI~&z=523541696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 02 Jan 2024 08:47:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 3BB2 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 11:55:15 GMT
x-content-type-options
nosniff
age
75164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 11:55:15 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 3BB2 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 09:57:17 GMT
x-content-type-options
nosniff
age
168642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 09:57:17 GMT
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-variant,x-sdk-variant-source,x-sdk-version,x-shopify-storefront-access-token
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, X-SDK-Variant, X-SDK-Variant-Source, X-SDK-Version, X-Shopify-Storefront-Access-Token, Shopify-Storefront-Private-Token, Shopify-Storefront-Buyer-IP, Shopify-Storefront-Id, Shopify-Storefront-S, Shopify-Storefront-Y, Shopify-Storefront-Extension-Token, Custom-Storefront-Request-Group-ID, shopify-core-canary
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f1bd8b5c15602e-SIN
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:47:59 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyRMAqM2S0nZcP%2BGgD1tTLBIhZUC%2FiD8bQnOTXc55Cp6eMWSjFqxbzJcuVPbFpOHyBZ7WByFA6keoqMDX2NXmGsQo7FwEYrS37wo0XTMPkY9UTGoB3ZdabFXl%2B9IjD9okTTmUlR4ASuenR9hEm9VZhPWBIN6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=5, db;dur=3, asn;desc="9506", edge;desc="SIN", country;desc="SG", servedBy;desc="bfvx", requestID;desc="50758af0-9811-417c-9305-e001bee175b3" cfRequestDuration;dur=260.999918
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
50758af0-9811-417c-9305-e001bee175b3
x-shardid
135
x-shopid
7278065
x-shopify-stage
production
x-sorting-hat-podid
135
x-sorting-hat-shopid
7278065
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ 		29 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
089991f58410f646ce04fbb3e31e0a30eb1f2d2c810e9278385b04adf74d6843
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-SDK-Version
2.20.0
Accept-Language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-SDK-Variant
javascript
Content-Type
application/json
Accept
application/json
X-Shopify-Storefront-Access-Token
adf38735c8f633a344c8351cf196609f
Referer
https://www.betootaadvocate.com/
X-SDK-Variant-Source
buy-button-js

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
x-shopify-api-version
2023-07
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
hit, server
server-timing
processing;dur=20, db;dur=8, asn;desc="9506", edge;desc="SIN", country;desc="SG", servedBy;desc="nhlj", graphql;desc="storefront/query/other", requestID;desc="53101b4d-a9a2-4277-9abb-95939922ca9b", cfRequestDuration;dur=665.999889
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
7278065
x-request-id
53101b4d-a9a2-4277-9abb-95939922ca9b
x-shardid
135
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
7278065
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE2v%2FN6dJBP9W9MvjHTZXo%2BmsNOXKOUrtPIpE%2BVf7WyNE3fUDidBsvzyBFSz%2BXqwOcxOpBqgXXCR67RW4jATOIudZIbcNSX6iZhYlVutzqoJ%2B4hgMc%2BfuLpgkkY0zy%2BTHj3g8w2Nu%2B9IbwIZnXLYZjpCaRc9"}],"group":"cf-nel","max_age":604800}
content-language
en
x-download-options
noopen
cf-ray
83f1bd8d1fb2602e-SIN
x-sorting-hat-podid
135
settings-1704169475.json
a.mailmunch.co/forms-cache/103219/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/settings-1704169475.json
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a449caa094b77c960c3f97acc18efe61c21aefc21043d55b093f2eeab1c0eadb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:25:42 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
15737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jan 2024 04:24:43 GMT
server
AmazonS3
etag
W/"b0adf5b97debe9530183dd404fe683bb"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
kDtA8z6HsP6yzk5eWEvnKjmc8Lgcu6sql1prwcuYgu_NJpneoj_IRA==
op.js
tagan.adlightning.com/valnet-snackmedia/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/op.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5361633c9faadd6d759fb77e2648e3a693de4410f5da93196aa72401168686fb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
o86Z4C6V0HPQjrlnW9Ti.Pz3eTgJjBkg
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 08:42:50 GMT
x-amz-cf-pop
SIN2-P2
age
310
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8124
x-amz-meta-git_commit
ed6e5a5
last-modified
Tue, 02 Jan 2024 01:40:37 GMT
server
AmazonS3
etag
"0a20e42cdc40d56cb85ce74dd4e542e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
7pY99Bm3z6XsGCjd2ULoqX7F8_hWvOzbLBZzc7ICQz5wEiTwdUCxfg==
d280555d-43c9-4617-8a74-e00bdddc2217
boot.pbstck.com/v1/tag/ 		3 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f70cfa6983f31738d88a13d2df9dc04a031c242c00664151b1c4d6123493a24

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
83f1bd8f1e854a71-SIN
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
17d52e12ece0d784f97fc3aa0b2ddcb3982684c27bae40cfd84b387749cb0e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29310
x-xss-protection
0
server
cafe
etag
613 / 19724 / 31080057 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 08:47:59 GMT
prebid-8.20.0-std_v1.js
cdn-header-bidding.snack-media.com/assets/js/ 		438 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.46.68 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-46-68.bunnyinfra.net
Software
BunnyCDN-SG1-868 /
Resource Hash
26ab428b0c041295ab003ee3092e00f9daf7642156583063a046cce76590bd48

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
br
cdn-edgestorageid
868
cdn-cachedat
01/02/2024 08:47:05
cdn-pullzone
145563
last-modified
Tue, 19 Dec 2023 12:34:51 GMT
server
BunnyCDN-SG1-868
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6d95c-60cdc17ca03b2"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
max-age=30
cdn-requestid
9a83092533d0b1e1f1956f5beabb3136
cdn-requestcountrycode
SG
cdn-status
200
expires
Tue, 02 Jan 2024 08:47:12 GMT
b-ed6e5a5-f14e3344.js
tagan.adlightning.com/valnet-snackmedia/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b18cb4de3cb893295b438e4ab5cebdcb5b6ca1e79e8be22d40c5366ecec3b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 15:43:56 GMT
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
x-amz-version-id
zRZj8aTc5kxHhPSIW0t1yqe89G23gVTR
x-amz-cf-pop
SIN2-P2
age
320643
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26804
x-amz-meta-git_commit
ed6e5a5
last-modified
Fri, 29 Dec 2023 15:43:44 GMT
server
AmazonS3
etag
"2ad4edeeb3f5e06e6a37c5c6eb2e36e0"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yJGmLVtb7y1YkREnhUGSLNakhzcK3CoMjW1QMWWrDV_OF_NH_x_v5Q==
bl-ed6e5a5-f4205783.js
tagan.adlightning.com/valnet-snackmedia/ 		65 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/bl-ed6e5a5-f4205783.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f26191cfd3aef0f16f81a7277021628731cf074a2126a096a20c14ee0e9cacb2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:42:34 GMT
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
x-amz-version-id
_bZy0ueqLXHDAcOhX6qSHn3X2Fvir4nS
x-amz-cf-pop
SIN2-P2
age
25525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28386
x-amz-meta-git_commit
ed6e5a5
last-modified
Tue, 02 Jan 2024 01:40:16 GMT
server
AmazonS3
etag
"bd6d7df6ea7f832c8d02ce1471f262ea"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GqjgrfMWnvbnXxlBp9NOgE9KottkUnY3XD4vRaQAkH_ni7M4DeMn8A==
embedded.js
a.mailmunch.co/app/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/embedded.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b846ef170dfb8305947448dbeeec8b1054f73573346678f1a4f9f72f981a4c3d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:42:58 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
45132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1097
last-modified
Fri, 29 Dec 2023 11:44:33 GMT
server
AmazonS3
etag
"de4f6ef8356fefa4221a98396ae8324f"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
DZJefIoIN0b9EHTKg4CuLs51GGt06utPI8P29N9ul-nnKnuxwHYwag==
sidebar.js
a.mailmunch.co/app/v1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/sidebar.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:18:44 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
44956
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
842
last-modified
Fri, 29 Dec 2023 11:44:34 GMT
server
AmazonS3
etag
"c39b385dcc12f2829efcd83fd70f4af8"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
inCF83r74xEGlwkJ-Zfmem287wSSeoB5QshXuXGfy_ZAXCupqXGmkA==
popover.js
a.mailmunch.co/app/v1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/popover.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 19:28:18 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
48932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Fri, 29 Dec 2023 11:44:33 GMT
server
AmazonS3
etag
"9fe7ef73dcab81a1619d9318da0bcb06"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
rp3F51p4xz5iKDUfFr2oHIHFN5MyYdMm4y4nWbnZyWQMx-lpbxf2HQ==
index-1703210416.html
a.mailmunch.co/forms-cache/103219/661249/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/661249/index-1703210416.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d1c1f074f56ec8caa2fe0f67c0933719bb6fe52ca11b3f6751ae62059404827

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:04:45 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
974595
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 02:00:22 GMT
server
AmazonS3
etag
W/"ccbec341289c7af29616d0df47730246"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
EwcGErS0J_Bg6opn5Lc3WrSaMSf8XGTgBB9QWkC8xaRnJDrRmtn6aQ==
index-1703210416.html
a.mailmunch.co/forms-cache/103219/461061/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/461061/index-1703210416.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
584ac38a54a8e9268303d5b2f97f804a9f5122543515f28d81f6a6065d912fe4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:04:35 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
974605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 02:00:22 GMT
server
AmazonS3
etag
W/"645e32cfbe3eaabbebee87faef123c4a"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
m9V0VSVGzjRC8L9Ez-gjGWjBzH0aKcIMO6K41o1x-zpM93e8DmZvWQ==
index-1636686647.html
a.mailmunch.co/forms-cache/103219/134107/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/134107/index-1636686647.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee522edff65917a2a6bf73db010b8de5a7bd6a7c8e0dccd5ef39b0b28302e42

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 12:13:03 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
8886897
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 08 Sep 2023 01:01:55 GMT
server
AmazonS3
etag
W/"94c488548929c004f366b27e5804be64"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
JlgdQsI3IfCJ1v1MDv5N4VlkZ0BWU2P2OCCl39ie7a9zTKvrKKTL0A==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/embedded/ Frame 8CE8 		104 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
966360a88a7e084cfc9cb1372ab8443618fa9a8fa8bd89afeb0f67aff0c37452

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 23:35:19 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
121528
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:30 GMT
server
AmazonS3
etag
W/"d9b29476c301e4766e8adb02f005e0b0"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
XS3-gAKN-zGyXgGh_k2aEx2rVN0ZSAJlGzOfZAa8Ja7PG7agekiHzQ==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/ Frame 5086 		104 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
561d75b69f4c05ef2d7335bfc99a1f0cad36d53cdc96d58e506426bc7b18c4dc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 02:12:21 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
23766
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:10 GMT
server
AmazonS3
etag
W/"dab3e654d6bf25d48b431a3755957c27"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
-yD04eOzJXJ5nU5vTVJUVOjCWhSpyvvilq-2pcxQ9W3WyBFr8GmPzQ==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/popover/ Frame AA35 		106 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b10da3db8bd92838051a2f554d6d8dab5603d0367606f74610f901b0f18da4ee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 20:12:54 GMT
content-encoding
gzip
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
131706
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:20 GMT
server
AmazonS3
etag
W/"d481a0d1e0fc73b9a1a61665e1e49a27"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
-WDjwNILFsD3AcM4Ncl3yIFHWpM2XRkKO2ikHCC0q7ZJS-Xk4V42Sw==
css
fonts.googleapis.com/ Frame 8CE8 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
0f6fa7a0a74259565845d52c122faf5cbcb04b6fea5d027b5731e8e0a59378e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 08:45:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 08:47:59 GMT
css
fonts.googleapis.com/ Frame 5086 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
0f6fa7a0a74259565845d52c122faf5cbcb04b6fea5d027b5731e8e0a59378e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 08:47:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 08:47:59 GMT
css
fonts.googleapis.com/ Frame AA35 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
0f6fa7a0a74259565845d52c122faf5cbcb04b6fea5d027b5731e8e0a59378e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 08:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 08:44:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 08:47:59 GMT
truncated
/ Frame 8CE8 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8CE8 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 8CE8 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:25:18 GMT
x-content-type-options
nosniff
age
440561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:25:18 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 8CE8 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 08:55:27 GMT
x-content-type-options
nosniff
age
345152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 08:55:27 GMT
truncated
/ Frame 5086 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5086 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 5086 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:25:18 GMT
x-content-type-options
nosniff
age
440561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:25:18 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 5086 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 08:55:27 GMT
x-content-type-options
nosniff
age
345152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 08:55:27 GMT
truncated
/ Frame AA35 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AA35 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AA35 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame AA35 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:25:18 GMT
x-content-type-options
nosniff
age
440561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:25:18 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame AA35 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 08:55:27 GMT
x-content-type-options
nosniff
age
345152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 08:55:27 GMT
edgekit.min.js
cdn.edkt.io/7dDzS0/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/7dDzS0/edgekit.min.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:20:41 GMT
content-encoding
gzip
age
30438
x-guploader-uploadid
ABPtcPoSUoDuAr7YZUyJXI7EVTvMQzltc_vaaD8ilFL3dE9dL9u7c7yhXLmei8Y1h7uYCcbJvKo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
last-modified
Wed, 20 Dec 2023 18:07:29 GMT
server
UploadServer
etag
"378af5009c90d64bac9f8719e9718fee"
x-goog-generation
1703095649248952
x-goog-hash
crc32c=o282cQ==, md5=N4r1AJyQ1kusn4cZ6XGP7g==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7874
accept-ranges
bytes
expires
Wed, 03 Jan 2024 00:20:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 18:40:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
50867
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 31 Dec 2024 18:40:12 GMT
index-monitoring-bbdc39c.js
cdn.pbstck.com/ 		183 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-monitoring-bbdc39c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802e9028483930a2cf1e6cc857183b4404451e72ec9e555845612bacdeec2490

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Z32N4T5G954MV2XG
age
1674655
alt-svc
h3=":443"; ma=86400
x-amz-id-2
chmLqza2pMQJg7yOXcKEElx/aoha0Ns20azkZ6ffzh0PZxMifogWWc8lp/7JDHVThIGesbwh8CU=
last-modified
Wed, 13 Sep 2023 12:21:10 GMT
server
cloudflare
etag
W/"a84705dc4e55d0ff74ca5e1edefba3dd"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
83f1bd92ae333fc9-SIN
index-refresh-bbdc39c.js
cdn.pbstck.com/ 		148 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-refresh-bbdc39c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf9bb26263ea7f5b18ab30b3d6c86f7df14c3a0d97cb5a67eea10b485f4d338

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
6MCZBAH4WMFS2B7S
age
3039213
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8OzK7ECgAAxebd9kNWBQrDQ9LmGxz12XvuourLKRHjiPIWZw88hIJeYO7bqSA1n4t5ucua7qwMM=
last-modified
Wed, 13 Sep 2023 12:21:10 GMT
server
cloudflare
etag
W/"530f4687c9db064d9c81999237c5da8e"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
83f1bd92ae323fc9-SIN
collector-0ccdd4d.js
cdn.pbstck.com/ 		61 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/collector-0ccdd4d.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a134ac6c07dce8e5b5615f1948862b46cb25e2e621d45371b2dc5dadb16684

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
C8JJ907WH0T7S5PM
age
2414739
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xPxbyAeD8Me4pczyij5uVxqO/GfBYbn/TCCiuZqPb89+se+1ESQPaowN/xHFF6amQH/Xo8Sf/H0=
last-modified
Tue, 05 Dec 2023 09:00:16 GMT
server
cloudflare
etag
W/"63b07b193fc7478613fa5ca4add77259"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
83f1bd92ae343fc9-SIN
/
analytics.mailmunch.co/event/ 		35 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.mailmunch.co/event/?site_id=103219&widget_id=661249&event_name=views&cache=1704185280119&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&visitor_id=98922869-60d1-4d91-b5ed-508ed278fc6b
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:01 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704185281&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4H%2FS9Xl%2FQf3%2F6wbGR9IgH45rIYPLDy9fb6hI4zbQPqI%3D"}]}
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704185281&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4H%2FS9Xl%2FQf3%2F6wbGR9IgH45rIYPLDy9fb6hI4zbQPqI%3D
/
analytics.mailmunch.co/event/ 		35 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.mailmunch.co/event/?site_id=103219&widget_id=461061&event_name=views&cache=1704185280121&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&visitor_id=98922869-60d1-4d91-b5ed-508ed278fc6b
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:00 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704185280&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=eUmskv1yMIIpar0%2B9bwRW3%2BNXpCZleo19Hd45S6qwuo%3D"}]}
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704185280&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=eUmskv1yMIIpar0%2B9bwRW3%2BNXpCZleo19Hd45S6qwuo%3D
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-variant,x-sdk-variant-source,x-sdk-version,x-shopify-storefront-access-token
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, X-SDK-Variant, X-SDK-Variant-Source, X-SDK-Version, X-Shopify-Storefront-Access-Token, Shopify-Storefront-Private-Token, Shopify-Storefront-Buyer-IP, Shopify-Storefront-Id, Shopify-Storefront-S, Shopify-Storefront-Y, Shopify-Storefront-Extension-Token, Custom-Storefront-Request-Group-ID, shopify-core-canary
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f1bd923d583f62-SIN
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:00 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aK%2FfA1gUY08uz6YspzYE7ZrZLdVyqcAr7WX33obMPdkyqFh19b1WaJ3fusg3Pv4%2F45vJo%2BmfjQNh5iJR1v%2F6aIihLdpaWP6H1G%2FrSoa5niAHFEidMQXxWi17hd6rbezBpTVAfe41ssZOLOpRZlUWlKU8ArO0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=4, db;dur=2, asn;desc="9506", edge;desc="SIN", country;desc="SG", servedBy;desc="jq2p", requestID;desc="9e10cbb6-e330-49cc-98bc-2603b20696c9" cfRequestDuration;dur=253.999949
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
9e10cbb6-e330-49cc-98bc-2603b20696c9
x-shardid
135
x-shopid
7278065
x-shopify-stage
canary
x-sorting-hat-podid
135
x-sorting-hat-shopid
7278065
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
P1033346_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 3BB2 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg?v=1607652906
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
source-type
image/jpeg
server-timing
imagery;dur=252.260, imageryFetch;dur=60.075, imageryProcess;dur=189.262;desc="image", cfRequestDuration;dur=90.999842
source-length
2225628
content-length
16552
x-xss-protection
1; mode=block
x-request-id
f8add365-1d93-46f3-9174-c42d768cd8cb
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Dec 2023 14:53:32 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkB%2B7Oxe1cka6nbqxjssivGxapNbolfeDp%2BHOdqYdx%2FVSp3u7x0RhvXNW%2BfL6XrNFTy7oxGaVgzW8C0LTFLWXd2DXIWAvwwxm5Ar64SDfs2HI5i4OP9gBl4Dd9kPNFfHjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg>; rel="canonical"
cf-ray
83f1bd931a71469d-SIN
P1022786_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 3BB2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg?v=1676599195
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
source-type
image/jpeg
server-timing
imagery;dur=298.914, imageryFetch;dur=81.625, imageryProcess;dur=214.758;desc="image", cfRequestDuration;dur=26.999950
source-length
588152
content-length
18298
x-xss-protection
1; mode=block
x-request-id
5919d043-a157-4780-8ee4-ac7f036ab98e
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 05:26:05 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChcUfbNBqZOrt9s5DEkDQ5wEBE3ZEPTeaN5hOF2VKS0%2Fw5mCkPt2I6AckNbYv37xZWyvE1BDcGz0DjZPZgQiGHvKRj3g%2F57Yi1S4Axe6jNNEZ3uyWTrsZvgkeo2aHOavJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg>; rel="canonical"
cf-ray
83f1bd931a70469d-SIN
DugongsHat2_550x825.png
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 3BB2 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png?v=1657243227
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
source-type
image/png
server-timing
imagery;dur=437.477, imageryFetch;dur=124.950, imageryProcess;dur=311.911;desc="image", cfRequestDuration;dur=19.999981
source-length
3113548
content-length
19474
x-xss-protection
1; mode=block
x-request-id
7eacef95-39c1-4e6a-8b53-4b951adffb86
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 25 Nov 2023 22:27:25 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFxw3I2HBbTEb5y%2BhUSCnOtxEO7vysnxqYjxRXKybXgUP2FeIQKBgT0fu%2Faq3pQKVoNRiLdQk0UMlCSSVmDG2Mb73m2HszdCnJa0ivCpnhhowloJbbFcf1Y6hTLLJuIPng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png>; rel="canonical"
cf-ray
83f1bd931a6d469d-SIN
2500x2500OutNow_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 3BB2 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg?v=1669697473
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
556086
source-type
image/jpeg
server-timing
imagery;dur=429.856, imageryFetch;dur=173.143, imageryProcess;dur=256.141;desc="image", cfRequestDuration;dur=17.999887
source-length
4219545
content-length
83632
x-xss-protection
1; mode=block
x-request-id
1edb0255-2232-44d3-b1a2-8811b28178ec
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 04:40:08 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgPwlUU43vMS3CCtC%2BUpcERGTSqdi0345LQnU%2BCKeud9jOrZLajWmRh1YyV6qMLxb45xowQAtSeXTrXmxYpmxkVy2BT%2B7f2fXLyVv4LAcnNgawOnZDSRXBoH7mLiMhNfvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg>; rel="canonical"
cf-ray
83f1bd931a6f469d-SIN
P1033346_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg?v=1607652906
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
0
source-type
image/jpeg
server-timing
imagery;dur=252.260, imageryFetch;dur=60.075, imageryProcess;dur=189.262;desc="image", cfRequestDuration;dur=200.000048
source-length
2225628
content-length
16552
x-xss-protection
1; mode=block
x-request-id
f8add365-1d93-46f3-9174-c42d768cd8cb
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Dec 2023 14:53:32 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN5udvcc4jnF%2FKPztNxrqF6%2FZwtBdeqCIbIn3glfX4aBCqBCrQdN2andPx%2BpqO0hFrIImX1nR8J9WZePMx11FOLpO1rNcXmzkjfS3zbUqmSMt2adL%2FdwrPXGdNplnpif%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg>; rel="canonical"
cf-ray
83f1bd931a72469d-SIN
P1022786_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg?v=1676599195
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
0
source-type
image/jpeg
server-timing
imagery;dur=298.914, imageryFetch;dur=81.625, imageryProcess;dur=214.758;desc="image", cfRequestDuration;dur=37.000179
source-length
588152
content-length
18298
x-xss-protection
1; mode=block
x-request-id
5919d043-a157-4780-8ee4-ac7f036ab98e
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 05:26:05 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LozoC%2BAJZ6Z6HcK%2BDCapVVMcNcjDE0p201R%2BFcW5CGv0Gmy1NCbCCH6UI%2FIJC2Um%2FkTaa0ZcdvwKeLSDClroHt2YovUTo5fHWQln6BuY0D4L1yRqaVg8sd5ka5vP7eeKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg>; rel="canonical"
cf-ray
83f1bd931a74469d-SIN
DugongsHat2_550x825.png
cdn.shopify.com/s/files/1/0727/8065/products/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png?v=1657243227
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
0
source-type
image/png
server-timing
imagery;dur=437.477, imageryFetch;dur=124.950, imageryProcess;dur=311.911;desc="image", cfRequestDuration;dur=14.999866
source-length
3113548
content-length
19474
x-xss-protection
1; mode=block
x-request-id
7eacef95-39c1-4e6a-8b53-4b951adffb86
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 25 Nov 2023 22:27:25 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PckHw91PWd4xEwwUw7OxcV%2BpnHNHN4YnZPn%2FDdzS0fKMMsUeH6u%2FdiA1OIsAiyOxGBK0dpWqcg1TlpJDcUWFr23QiX59Fre09b86lp6VT45RgXRZ9H33cvSxMaAWV%2BktDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png>; rel="canonical"
cf-ray
83f1bd936b01469d-SIN
2500x2500OutNow_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg?v=1669697473
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
556086
source-type
image/jpeg
server-timing
imagery;dur=429.856, imageryFetch;dur=173.143, imageryProcess;dur=256.141;desc="image", cfRequestDuration;dur=12.000084
source-length
4219545
content-length
83632
x-xss-protection
1; mode=block
x-request-id
1edb0255-2232-44d3-b1a2-8811b28178ec
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Dec 2023 04:40:08 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=697NkFYAnStvK9kbB2mk4SInV5Kjyzsj%2BqRJUF6UBB30sEbz9IO7GFWd4RNE2TyMQAwp5GaH0LQPhWP%2BRT%2BTulBRsE6aJcGrjb5xxcBp%2FQulZvcXaPrUk6q2MMJxaCNAsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg>; rel="canonical"
cf-ray
83f1bd936b07469d-SIN
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ 		171 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
aa338f9f28f12ceffb790ce01497cb31c32a8265f59a82fce44b56ea6af525eb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-SDK-Version
2.20.0
Accept-Language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-SDK-Variant
javascript
Content-Type
application/json
Accept
application/json
X-Shopify-Storefront-Access-Token
adf38735c8f633a344c8351cf196609f
Referer
https://www.betootaadvocate.com/
X-SDK-Variant-Source
buy-button-js

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
x-shopify-api-version
2023-07
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-cache
hit, server
server-timing
processing;dur=17, db;dur=7, asn;desc="9506", edge;desc="SIN", country;desc="SG", servedBy;desc="kk9m", graphql;desc="storefront/query/other", requestID;desc="d1a19244-4035-4e7d-9482-07a81a151ffe", cfRequestDuration;dur=247.999907
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
7278065
x-request-id
d1a19244-4035-4e7d-9482-07a81a151ffe
x-shardid
135
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
7278065
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcOEGvWpTWd5zu8sihu7mgvlyJhPub556bZe%2FIqeOm0yUkcWEqtqSXrWMlFoWYFRertuEVtuiLN26WVUOZkLZ4EPhDcGVAJszpcUV3ukVkQQ2QEp7kiF9TrtDREjJrpo%2B3xhWnH%2FVSUPNGgjzNJGnA8UiHql"}],"group":"cf-nel","max_age":604800}
content-language
en
x-download-options
noopen
cf-ray
83f1bd93e8c43f62-SIN
x-sorting-hat-podid
135
produce
monorail-edge.shopifysvc.com/v1/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.229.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
135.229.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
0c75ecac-3c25-4aea-8d5c-1d90eafff406
d280555d-43c9-4617-8a74-e00bdddc2217.json
refresh.pbstck.com/ 		25 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://refresh.pbstck.com/d280555d-43c9-4617-8a74-e00bdddc2217.json
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428d5ff7d482c7a121619b0fbcd931ffc8ae96a116c342b87ae51539708e5538

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
D917HGEC4S7QKRPT
alt-svc
h3=":443"; ma=86400
x-amz-id-2
V46PU7GfRW9in5CtA/1DoX2rFo3LWYIfBE9VID+G5fj/9MpsE+AwtU2K6ntWru49545f03LDcz8=
last-modified
Wed, 13 Dec 2023 22:30:30 GMT
server
cloudflare
etag
W/"9c4017ce73cd0e9f81195d76230a9c0b"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=14400
cf-ray
83f1bd932edd3fc9-SIN
cmp2.js
cmp.inmobi.com/tcfv2/ 		158 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.betootaadvocate.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-20.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:47:44 GMT
content-encoding
br
via
1.1 c49128c626a54e52d9677041ba76a534.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
17
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 06 Dec 2023 23:27:11 GMT
server
AmazonS3
etag
W/"996d26bedab319e9c7d582033f52619f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
-eJ7aKkIHg2WgCca7-MDK9OmHwF9xJ6J7j-19zsf1nkpHdpO05kZ8A==
localstore.js
script.4dex.io/ 		483 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:01 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
369756
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNSAm7ECD6Iu%2BqcuHOGEypqyudI1EKfZ3iDNf0KMv1mGmpudxMZYkvRUqnEIp0krWZQXbuVhekFRcdD%2Fo13yKuQ2cEk%2Bgcq1KvfoFE5QPkImsO0wgK7MQ9GuSgb4Rtsx"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
83f1bd96c8a03de2-SIN
index.html
cdn.edkt.io/check/ Frame CA30 		163 B
462 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
46477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
163
content-type
text/html
date
Mon, 01 Jan 2024 19:53:23 GMT
etag
"47b2c3a6d225cdc377a1def2926ff28f"
expires
Tue, 02 Jan 2024 19:53:23 GMT
last-modified
Wed, 20 Dec 2023 18:08:06 GMT
server
UploadServer
x-goog-generation
1702391484337339
x-goog-hash
crc32c=WnJJJw== md5=R7LDptIlzcN3od7ykm/yjw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
163
x-guploader-uploadid
ABPtcPoZ8UYW-ilPmtQFwiOOsCwPzOF_hnCSvKp8-boBFxrui8im6BAWxAa9DaUA93acGoNel1t2h2_USw
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-21.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:43:08 GMT
content-encoding
gzip
via
1.1 0afae887d1f4306bda4c7ef1dea46b9a.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
36293
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
xCePRRdWuCZ_Ed7_icv6KuuiuZJsCq16D7Cda7bmJqAs-Mw1kfY2mA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-89-72.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 02 Jan 2024 01:30:10 GMT
Via
1.1 60781892a5625d9f8980c3ca1b8660a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN2-P2
Age
26272
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
3HQrEdmfN4lYwCDIvsw8DBGcHlVOVY6e8kBHmrW0vFzmnLhyBc3KPA==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 08:48:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
1248
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-qpg1251-QPG
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 23:16:00 GMT
content-encoding
gzip
age
725520
x-guploader-uploadid
ABPtcPrE_PgYOyevw86z9U63_JKrJG1X4VRo9tUvMC3-B7I5OIbypL4ZdLqxhdPRQXzdmGn972Yp2epxZg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 23 Dec 2024 23:16:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 08:48:01 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:40 GMT
server
cloudflare
age
477755
etag
W/"65833ec4-2d18"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f1bd9509b26017-SIN
expires
Fri, 05 Jan 2024 08:48:00 GMT
bid
s.seedtag.com/c/hb/ 		11 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704185280758&to=-480&aun=div-gpt-ad-1667393323304-0&pubcid=041af77d-d2c1-4e33-b0c5-c6ec5d48f569&t=be3eij5e&pi=2&gdprApplies=0&schain=1.0%2C1!snack-media.com%2CSNM_2980%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.betootaadvocate.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.betootaadvocate.com%2F&ns=10240
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.31.211 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-31-211.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
25e5b4968e452c220bf79304e9227cefb454b2148758a803f4d27a22a5b51fc2

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		248 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ac5bc3d42e95e3b8c86daa42653e3a6922d0b5a9a1f36e04721e69a38ffa430c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:00 GMT
an-x-request-uuid
fee1b708-6067-4c22-a48c-b29eab5c724f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
248
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 02 Jan 2024 08:48:01 GMT
c
prebid.a-mo.net/a/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
fbd75ec890cb1d8ac4303161022edc5d5c361a54725d32fb293572e877fe1b3e

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
89
content-length
538
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1704185280771
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.177.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-177-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
928b32acd96edf814334c8e140ab7f46b6a80f2891434a6e1d9a4ad3bb757597

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Tue, 02 Jan 2024 08:48:01 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		338 B
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11106&site_id=118386&zone_id=2873482&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!snack-media.com,SNM_2980,1,,,&eid_pubcid.org=041af77d-d2c1-4e33-b0c5-c6ec5d48f569%5E1&rf=https%3A%2F%2Fwww.betootaadvocate.com%2F&tg_i.domain=betootaadvocate.com&tg_i.page=https%3A%2F%2Fwww.betootaadvocate.com%2F&tk_flint=pbjs_lite_v8.20.0&x_source.tid=2823652a-5d35-4b05-b71a-8f43b784538d&l_pb_bid_id=165377a2cb445dd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0086e1d6-5766-483e-a1c4-b6de27e366be&rp_maxbids=1&slots=1&rand=0.09862515748840783
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
719a236d6524155eca8905f401750a035ae0372d2c7d971356dd6f9f96aeffca

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		315 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11106&site_id=118386&zone_id=2873482&size_id=2&gdpr=0&rp_schain=1.0,1!snack-media.com,SNM_2980,1,,,&eid_pubcid.org=041af77d-d2c1-4e33-b0c5-c6ec5d48f569%5E1&rf=https%3A%2F%2Fwww.betootaadvocate.com%2F&tg_i.domain=betootaadvocate.com&tg_i.page=https%3A%2F%2Fwww.betootaadvocate.com%2F&tk_flint=pbjs_lite_v8.20.0&x_source.tid=2823652a-5d35-4b05-b71a-8f43b784538d&l_pb_bid_id=17082b775977fad&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8a230bd5-523e-4c4e-90d5-ce3c00459450&rp_maxbids=1&slots=1&rand=0.2685078276756523
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
516b82ba6258e1d7fd91513504b2a3d4d3c9cba9082633f1d16aeb3a5f41224d

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
315
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=905384
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88f999464deea967047392a7a08ac5799155fbf40e63c6f99c8496be21086aa

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsyJLfbEuxwtwW7vzzfjP1%2FfSQz4LdDeqtSC88%2FXGiyVfBxxcG7CRxdyIaxBMnzShkQLpRugRd15N74rNaxBkLeZHX%2BWpqaDpnTFW8RkDK%2FDYiXxLRGUm%2BXpnVw1eN7Q6dsLoqLc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83f1bd955963405f-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b967e61616e1b2654e2e0a4adc38963397330e74104b3058fbdc3671be92e70f

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Tue, 02 Jan 2024 08:48:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
763 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.20.0&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&tmax=3000&gdpr=false
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.10.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-10-176.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
29
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prober.html
cdn.edkt.io/check/ Frame CA30 		235 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/prober.html
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/check/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0

Request headers

Referer
https://cdn.edkt.io/check/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
72380
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
235
content-type
text/html
date
Mon, 01 Jan 2024 12:41:40 GMT
etag
"a4b889b9bfd92bab5cf5d117cc7d6cd0"
expires
Tue, 02 Jan 2024 12:41:40 GMT
last-modified
Wed, 20 Dec 2023 18:08:07 GMT
server
UploadServer
x-goog-generation
1703095687324716
x-goog-hash
crc32c=WnrwwA== md5=pLiJub/ZK6tc9dEXzH1s0A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
235
x-guploader-uploadid
ABPtcPpea5KCPUe93v4o6QpfFiWL1_zGI9UYfkOzt9YzCwfSs73nCw_GQmr3050oTdzgUtyevg
map
bcp.crwdcntrl.net/6/ 		235 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.194.25 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
227ca39844920b0d66ca72b9dff9440d853efc6241423d54b0de4e978cee2ca4

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
x-server
10.42.29.203
access-control-allow-credentials
true
content-length
235
expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/7dDzS0/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51270
x-xss-protection
0
server
cafe
etag
8718844908200143372
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 08:48:01 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
24ed25142796cc746b1347ecffd7f8baa4f16d81fffdddbca11f5e8c2a3916cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-b2zPo5RWSAXgAhFwhAcj7xe764Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.betootaadvocate.com
location
/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:01 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
431737
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCUYccIHPHEPc7SVQINek2jzHPEnazQuYB4FiSKAUwxDmYEidrjf99f0Sb5Pa8QZpbyAitGtl2TsUvsNHeiyFqI%2FKkzRKWxEfULEviFPuX9l1p3%2BvSUVyRrRRe9pCMyb"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
83f1bd991f253f6c-SIN
syncframe
gum.criteo.com/ Frame B808 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:00 GMT
server
Kestrel
server-processing-duration-in-ticks
676953
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
pd
google-bidout-d.openx.net/w/1.0/ Frame 18D5 		615 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8c4666657c89669c936d114a1ebfcf66c7f56113857f788dad3830e6a586f296

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
379
content-type
text/html
date
Tue, 02 Jan 2024 08:48:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 18D5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=5bae609d-9fe3-7957-deb9-df9a671f59a1&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 08:48:01 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 18D5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZPNwcCo5swAAPrW-nYAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZPNwcCo5swAAPrW-nYAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 02 Jan 2024 08:48:01 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"220.255.107.253","key":"ZZPNwcCo5swAAPrW-nYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad342"}
X-SO-Key
ZZPNwcCo5swAAPrW-nYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad342
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZPNwcCo5swAAPrW-nYAAAAA
Cache-Control
private
X-SO-HostName
m-ad342.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-IP
220.255.107.253
sd
jp-u.openx.net/w/1.0/ Frame 18D5
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab1Up4Fz0FO2ks8AEDxkG0XDE88AAAGMyVu8xA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab1Up4Fz0FO2ks8AEDxkG0XDE88AAAGMyVu8xA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Ab1Up4Fz0FO2ks8AEDxkG0XDE88AAAGMyVu8xA
cache-control
no-cache
content-length
0
x-amz-cf-id
mFs49aFeawdhpC84ZgjLVym0QqCbEmK5wJ3oTEJQbdyN-ix-cQ92gQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 18D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdjMWIzNTctNTY5NC0yN2YzLWNiNTktODUyM2FkZmQ5N2Mx&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 18D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELMRuTt773b_46EC2NnKVpo&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELMRuTt773b_46EC2NnKVpo&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELMRuTt773b_46EC2NnKVpo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1905111820770339&correlator=2058854661008081&eid=31080129%2C31080057%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6428571%3A91222893%2Cbetootaadvocate.com-Unit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704185281494&lmt=1704182320&adxs=315&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.betootaadvocate.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1683639413.1704185278&ga_sid=1704185282&ga_hid=923124473&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDk1M2JkODcwY2QxZjI4YThiOTY5NmRjM2YzNjMxODVjYTAyYzE3NWFmYWIyNzgyOWM2YzZiNjQzOGE2MTllM2IYpPPuyswxSAASGwoMMzNhY3Jvc3MuY29tGNfx7srMMUgAUgIIZBI7CgpwdWJjaWQub3JnEiQwNDFhZjc3ZC1kMmMxLTRlMzMtYjBjNS1jNmVjNWQ0OGY1NjkY0PTuyswxSAASHQoOZXNwLmNyaXRlby5jb20Y1_HuyswxSABSAghkEhkKCnVpZGFwaS5jb20Y1vHuyswxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFVRktabmhFV210U2NVTkZZbmhrZVVGNmFIRllRVDA5SW4wPRjX9u7KzDFIAA..&dlt=1704185274464&idt=5513&cust_params=testgroup%3D31&adks=2520725984&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
855a9fb612f660dc3bf968d6eba5fd6e4f5112bd44ff96c4aadccb6b0892695e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14311
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1905111820770339&correlator=2058854661008081&eid=31080129%2C31080057%2C31079525%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6428571%3A91222893%2Cbetootaadvocate.com-Desktop-Sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704185281516&lmt=1704182320&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.betootaadvocate.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=1683639413.1704185278&ga_sid=1704185282&ga_hid=923124473&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDk1M2JkODcwY2QxZjI4YThiOTY5NmRjM2YzNjMxODVjYTAyYzE3NWFmYWIyNzgyOWM2YzZiNjQzOGE2MTllM2IYpPPuyswxSAASGwoMMzNhY3Jvc3MuY29tGNfx7srMMUgAUgIIZBI7CgpwdWJjaWQub3JnEiQwNDFhZjc3ZC1kMmMxLTRlMzMtYjBjNS1jNmVjNWQ0OGY1NjkY0PTuyswxSAASHQoOZXNwLmNyaXRlby5jb20Y1_HuyswxSABSAghkEhkKCnVpZGFwaS5jb20Y1vHuyswxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFVRktabmhFV210U2NVTkZZbmhrZVVGNmFIRllRVDA5SW4wPRjX9u7KzDFIAA..&dlt=1704185274464&idt=5513&cust_params=testgroup%3D31&adks=4188313527&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
7d269437b016a4c55782cb76e5f07d09a19b9e75909891e5889585d64bbbdd3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21981
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A5E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:01 GMT
expires
Wed, 01 Jan 2025 08:48:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame B808 		462 B
573 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=betootaadvocate.com&sn=ChromeSyncframe&so=0&topUrl=www.betootaadvocate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5054ef0fb19c01698578e251584c1e47f82cf88eb69cba038f4ddbdee460ed67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1395116
expires
0
container.html
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC68 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:02 GMT
expires
Wed, 01 Jan 2025 08:48:02 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auction
intake.pbstck.com/v1/intake/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?tId=d280555d-43c9-4617-8a74-e00bdddc2217&c=2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.0.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 08:48:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83f1bd9d9d393fc9-SIN
alt-svc
h3=":443"; ma=86400
bl-ed6e5a5-f4205783.js
tagan.adlightning.com/valnet-snackmedia/ Frame EC68 		65 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/bl-ed6e5a5-f4205783.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f26191cfd3aef0f16f81a7277021628731cf074a2126a096a20c14ee0e9cacb2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:42:34 GMT
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
x-amz-version-id
_bZy0ueqLXHDAcOhX6qSHn3X2Fvir4nS
x-amz-cf-pop
SIN2-P2
age
25528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28386
x-amz-meta-git_commit
ed6e5a5
last-modified
Tue, 02 Jan 2024 01:40:16 GMT
server
AmazonS3
etag
"bd6d7df6ea7f832c8d02ce1471f262ea"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gX0tnXvwYT4kVs1LXtAq5tcgqWAFhGKRbZUlCpyT6uynHHleiEd0ig==
b-ed6e5a5-f14e3344.js
tagan.adlightning.com/valnet-snackmedia/ Frame EC68 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b18cb4de3cb893295b438e4ab5cebdcb5b6ca1e79e8be22d40c5366ecec3b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 15:43:56 GMT
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
x-amz-version-id
zRZj8aTc5kxHhPSIW0t1yqe89G23gVTR
x-amz-cf-pop
SIN2-P2
age
320646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26804
x-amz-meta-git_commit
ed6e5a5
last-modified
Fri, 29 Dec 2023 15:43:44 GMT
server
AmazonS3
etag
"2ad4edeeb3f5e06e6a37c5c6eb2e36e0"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kHs4vjtbawe4Efc3fKjMDxoxlU81cnwIUuwjdmfn95BXLm7cTg04cQ==
nmedianet.js
contextual.media.net/ Frame EC68 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e815d1c163b77de570acdbbc72f9c10c5e1b8d246d158fc219670c8b873b1bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
22-5h9m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 02 Jan 2024 08:48:02 GMT
server
Apache
etag
"55b5d2a5d6cfba835c0a7078c7788f1e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
36442
expires
Tue, 02 Jan 2024 08:53:02 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame EC68 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 02 Jan 2024 08:48:02 GMT
x-guploader-uploadid
ABPtcPpi-npoJB9VzHfVnPDnzh2vfYeFMMx5EpUjE2s0JkjCVVrmbG0CaJC-MnCaQZq4nXe6Fz8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 02 Jan 2024 09:48:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC68 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 05:33:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
11653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 05:33:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC68 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:33:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 08:33:20 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC68 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
26892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Jan 2025 01:19:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC68 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 08:48:02 GMT
b-ed6e5a5-f14e3344.js
tagan.adlightning.com/valnet-snackmedia/ Frame D652 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-110.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b18cb4de3cb893295b438e4ab5cebdcb5b6ca1e79e8be22d40c5366ecec3b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 15:43:56 GMT
content-encoding
gzip
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
x-amz-version-id
zRZj8aTc5kxHhPSIW0t1yqe89G23gVTR
x-amz-cf-pop
SIN2-P2
age
320646
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26804
x-amz-meta-git_commit
ed6e5a5
last-modified
Fri, 29 Dec 2023 15:43:44 GMT
server
AmazonS3
etag
"2ad4edeeb3f5e06e6a37c5c6eb2e36e0"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s4tTNKnmDDKpMfQlQKd8WA99nWYCzeIFtqz87QhMEdU5a0bs_IFo3w==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame D652 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 30 Dec 2023 22:45:39 GMT
age
208944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 Dec 2024 22:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D652 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Dec 2023 01:55:06 GMT
age
543177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Dec 2024 01:55:06 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D652 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Dec 2023 01:53:35 GMT
age
543268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Dec 2024 01:53:35 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D652 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 27 Dec 2023 01:53:35 GMT
age
543268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Dec 2024 01:53:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D652 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 30 Dec 2023 03:41:52 GMT
age
277571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 29 Dec 2024 03:41:52 GMT
css
fonts.googleapis.com/ Frame D652 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 08:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 08:06:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 08:48:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D652 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 23:31:22 GMT
x-content-type-options
nosniff
server
cafe
age
33400
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 02 Jan 2024 23:31:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D652 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:18:04 GMT
x-content-type-options
nosniff
server
cafe
age
16198
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 03 Jan 2024 04:18:04 GMT
l
www.google.com/ads/measurement/ Frame D652 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg5AK0aJeIHhQoISoEYDOpGohOMb2WVSNb2ajnpVhaU6CB0foZYLFxpSfV7uR43-52-B_sVVu94Z_3aLBGX2MPrmMejg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/13760508069558242871/ Frame D652 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13760508069558242871/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
2e57e8f62f2714d6a281bfadf716a041f87aecacbbd08d894f23beffd5271ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 08:01:09 GMT
date
Tue, 02 Jan 2024 08:01:09 GMT
x-content-type-options
nosniff
age
2813
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21903
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 23:16:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame D652 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D652 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D652 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32bf80a3e850a72c08c318994024340039d08ae96f6320521e6122ec2afc58d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 4A66 		75 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3342&&kkdd=HH%7C3%7C*AnH9&Qc=!aE)!57.5.55*E75).!&h-JP=E&tDJ9=E&W-Q=!!)E&4DWF=vZ__&Wc-=583v._Yo.&WJW-=E_n)*CNcmOLYwm!UZRV7tb%3D%3D&WPc-=7!Z!))_!7&DcGF=a.5~*E&WW=6m&W1wt=AbLSuy(&Jc-=5suO_g5o)&4Jc-=28S(.H2&144JD=!&PPP=4GLf1vWXfv5mayrZTFYxCS9lxSFWv2g2y_OmSgBDEwNVv5mJ77V2KU%3D%3D&wDF=7&XU=!&0h-=)&9-4!=583))LZau&9-4.=aZa!)55_a&l-949=el~xXFw%3D!.ZEel1J%3DEelc-%3DEkE.Eel~x9wWFD4CP%3DZf.M7fZM!5fZM.Ef.el~x9Dw%3D*7E_el~xF~J%3DEel~xhcwD0%3DEel~xcw4t-%3DEel~xP1%3D)aRrnJT5AHel~xPJW%3DEE!EEEEel~xDcGF%3Da.5~*Eel~x4t9~%3D.7Eel~x4tXxD0jjc~%3D%2FeWc4V%3D6YymbsuLreWBxjX%3D.e-W%3DhWJf9J9WfDF!fle-ttx-!%3DEe-ttx-!E%3DEe-ttx-!.%3DZe-ttx-!)%3DEe-ttx-!7%3D!e-ttx-!_%3DZe-ttx-!a%3D!e-ttx-!5%3D57e-ttx-!*%3D!EEEe-ttx-.%3D2e-ttx-.!%3Df!e-ttx-..%3DEkE7e-ttx-.)%3D7e-ttx-.7%3D-Fjx-Fje-ttx-.5%3D7e-ttx-.*%3DEkEEe-ttx-Z%3DEe-ttx-ZE%3DEe-ttx-Z.%3DEe-ttx-ZZ%3DEe-ttx-Z_%3Dybe-ttx-Za%3D2e-ttx-)%3DEEe-ttx-)E%3DEe-ttx-).%3DEe-ttx-)Z%3DEe-ttx-))%3DJPC-e-ttx-)7%3DEe-ttx-)_%3DLe-ttx-7!%3DEe-ttx-7.%3DEkEEe-ttx-7_%3DEe-ttx-a%3DEe-ttx-5%3DEe-ttxX%3DEkE77e-ttxt!%3DEkE))e-ttxt!E%3D!kEEEe-ttxt!!%3DEk*5ae-ttxt!.%3D!k)!Ze-ttxt!Z%3D!kEEEe-ttxt!)%3D!kEEEe-ttxt!7%3D!kE!!e-ttxt!_%3DEkE75e-ttxt.%3DEkEZ*e-ttxt.!%3D!kEEEe-ttxt.Z%3D!kEEEe-ttxt.)%3D!kEE5e-ttxt.7%3D!kEEEe-ttxt.a%3D)e-ttxt.*%3D!kEEEe-ttxtZ%3D!kEEEe-ttxtZE%3D!kEEEe-ttxtZ.%3DEkE!Ee-ttxtZ)%3D!kEEEe-ttxtZ7%3D)kEEEe-ttxtZ_%3D)kEEEe-ttxtZ*%3D7ZkEEEe-ttxt)E%3D7ZkEEEe-ttxt7%3D!kEEEe-ttxt7!%3D)kEEEe-ttxt7.%3DEk*EEe-ttxt7Z%3DEkEa*e-ttxt7)%3D7kEEEe-ttxt77%3DEk7EEe-ttxt7a%3D!kEEEe-ttxt7*%3D!kEEEe-ttxt_%3D!kEEEe-ttxta%3D!k)E!e-ttxtaZ%3D)kEEEe-ttxta)%3D)kEEEe-ttxt*%3D!kEEEe-ttxP%3DEkEa*eFxPJt%3DEkE))eFPJt%3DEkE))e1W%3DE%20%2B%20Eec19%3DEec4VJF%3DbRqePxWW%3D6mePxcJ%3D..Ek.77k!EakEePxDW%3DE!ePlC%3D7xZePFjxWw4%3DEeDFXXFPx49hxc-%3D)!55Z!Z7.aeD4-%3D)!55Z!Z7.aeQlP%3DEeWl-J%3DEkE!!eD-%3D!ec4VJFxc-%3D!aeDFXXFPx49hxc-%3D)!55Z!Z7.aeD0JJXVx49hxc-%3De-F4FW4F-x49hxc-%3DeQcFU9lcXc4V%3DEk*eJCD%3D!eW4P%3DEkEe9Wx4VJF%3D!e9-lXB%3D)!55Z!Z7.ae9tJ%3D!eChlc-%3DEkE.EeljXP%3DEkE!EeD0c-%3D8br6rHdVGHuAb.LBuq38wSdCCqUe-4W%3D9J9WxDhe-ttxFPJt%3Dj9XDFe-tt%3D19PtCwVel-JW9J-%3DEe-9Xh%3D0wcDCw!.eDClJ%3De~c-%3DbRqfJ0lf7Za.__!.__Z_!!E7e14tX%3D!e-W04%3D)7e-Chl%3DEf!eFWJx0DF-%3DlFXCUxKE7eFWJxJE7%3DEkE.E*_)_7.)E*E.!)7.eFWJxJ!E%3DEkE)!ZZ_E7)!_!)E*_7eFWJxJ!7%3DEkE_)*Z7__!)7_*).*eFWJxJ.E%3DEkE*Z*_)Z5)a)Ea._E7eFWJxJ.7%3DEk!!_*a5!7!a__.7!Z_eFWJxJZE%3DEk!Za**!.!5_!5_Z_..eFWJxJZ7%3DEk!_ZE!55Ea5Z7E!7aeFWJxJ)E%3DEk!57)E!7_aa..!!5!ZeFWJxJ)7%3DEk.!._7Z5EE*ZZaa*_)eFWJxJ7E%3DEk.)Za_*E).!a7_5._7eFWJxJ77%3DEk.aa775)EE!Z7.77.ZeFWJxJ_E%3DEkZ!_._))aE)7*_777_eFWJxJ_7%3DEkZ7_!E*7E).5!.))*)eFWJxJaE%3DEkZ**Ea*77.!..Za!)eFWJxJa7%3DEk)7Z*5.57.a*5)5E*)eFWJxJ5E%3DEk7_!!a_5)*EEEE75aeFWJxJ57%3DEka7E.5E!*EE!a!))aeFWJxJ*E%3D!kE_7.aZ5)E7EE77aZeFWJxJ*7%3D!k5Z.a.57._ZE*!E7eFWJxJ**%3D_k.Ea!5)7ZE)Z_*E!eclW%3D!e&w4Q=E&ttt=uEHW_vKKDPSxtssGFhwvouF0~Pn)sVX6Fyd)A6JA7uVPa9zVA)nQth%3D%3D&cU=a.5&cwYjP=!&l-PY-=)_.&lc-=Z)*E_7&B44XF=69jFdP9tF%208Cw49cwFP&tWj=a_7*.&V-DJP=!&l9F=H~FyHKGhKHeH~FyHKGKKHe)FF&B94JPF=!&B94lc-=f!EZ&W9-Ct9cw=4GLf1vWXfvfA61y).f00jqJOF07dGjuPGU0)Dm(zhbmzTJKfxdnOwb%3D%3D&VJXJ=!&cDc-=7&9-Q=YwDc-FP%2081CcWFD&DDtWPxQFP=7&Jhc-=JE.!._*..Z.54.E.)E!E.E5)5&DDX-=%7B%22DDcJ%22%3A%22..Ek.77k!EakE%22%2C%22DDWW%22%3A%226m%22%2C%22DDDW%22%3A%22E!%22%2C%22DDW4V%22%3A%22Dcwh9JCPF%22%7D&14tXDPW=!&sflct=6078620&4WjxWtJ=!&ure=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f51c8dc32b26be857334ca4517f5ab9e1a0f76106c33dfee88ca931f3edd7875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
30746
content-type
text/html
date
Tue, 02 Jan 2024 08:48:03 GMT
expires
Tue, 02 Jan 2024 08:48:03 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-sgs4
bping.php
lg3.media.net/ Frame EC68 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2958&&vgd_cdv=1140&vgd_cage=10&vgd_tsce=L366&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUL26IV2&crid=513144615&vi=1704185282889058421&ugd=4&lf=6&cc=SG&lper=100&wsip=170785131&r=1704185282940&rrr=tzR-hLcl-L8G7NE3jeI_oMab_MecLTWTN6JGMWks0nKyL8Gp55yTqw%3D%3D&requrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&vgde_bdata=~G-MjJzvufA9~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvAof*XoA*uWoA*f9of~G-M1QzviX9F~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvhfW-i9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9XX~OYYMYuv9.9HH~OYYMYu9vu.999~OYYMYuuv9.iWh~OYYMYufvu.HuA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9uu~OYYMYuFv9.9XW~OYYMYfv9.9Ai~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.99W~OYYMYfXvu.999~OYYMYfhvH~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvH.999~OYYMYAFvH.999~OYYMYAivXA.999~OYYMYH9vXA.999~OYYMYXvu.999~OYYMYXuvH.999~OYYMYXfv9.i99~OYYMYXAv9.9hi~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.H9u~OYYMYhAvH.999~OYYMYhHvH.999~OYYMYivu.999~OYYMLv9.9hi~JMLEYv9.9HH~JLEYv9.9HH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evff9.fXX.u9h.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHuWWAuAXfh~Q7OvHuWWAuAXfh~eGLv9~NGOEv9.9uu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHuWWAuAXfh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.i~EmQvu~N7Lv9.9~1NM75EJvu~1OGjUvHuWWAuAXfh~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov%3DK4b4Rs5lRaqKfDUatP%3DzcsmmtB~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGoXAhfFFufFFAFuu9X~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOvGJjmBM%209X~JNEME9Xv9.9f9iFHFXfH9i9fuHXf~JNEMEu9v9.9HuAAF9XHuFuH9iFX~JNEMEuXv9.9FHiAXFFuHXFiHfi~JNEMEf9v9.9iAiFHAWHhH9hfF9X~JNEMEfXv9.uuFihWuXuhFFfXuAF~JNEMEA9v9.uAhiiufuWFuWFAFff~JNEMEAXv9.uFA9uWW9hWAX9uXh~JNEMEH9v9.uWXH9uXFhhffuuWuA~JNEMEHXv9.fufFXAW99iAAhhiFH~JNEMEX9v9.fHAhFi9HfuhXFWfFX~JNEMEXXv9.fhhXXWH99uAXfXXfA~JNEMEF9v9.AuFfFHHh9HXiFXXXF~JNEMEFXv9.AXFu9iX9HfWufHHiH~JNEMEh9v9.Aii9hiXXfuffAhuH~JNEMEhXv9.HXAiWfWXfhiWHW9iH~JNEMEW9v9.XFuuhFWHi9999XWh~JNEMEWXv9.hX9fW9ui99uhuHHh~JNEMEi9vu.9FXfhAWH9X99XXhA~JNEMEiXvu.WAfhfWXfFA9iu9X~JNEMEiivF.f9huWHXA9HAFi9u~8GNvu~&ssld=%7B%22QQ8E%22%3A%22ff9.fXX.u9h.9%22%2C%22QQNN%22%3A%22bZ%22%2C%22QQQN%22%3A%229u%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9506&vgd_rakh=1704185282194295152&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_pgid=p02126922328t202401020848&vgd_pgids=1&vgd_uspa=0&hvsid=00001704185282937037077268451771&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 08:48:03 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 08:48:03 GMT
checksync.php
contextual.media.net/ Frame 44F1 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6709a8cd8e07e7c4e5d6c3c35c4758c42c972bf41d4daf9a14abf6f5be0a59bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9651
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 08:48:03 GMT
expires
Thu, 04 Jan 2024 08:48:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame EC68 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6495&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=SG&cid=8CU44R37O&reqid=53kzsiY0Ttf2OEfoUkNAIQ&vid=53kzsiY0Ttf2OEfoUkNAIQ&dn=betootaadvocate.com&rawDn=betootaadvocate.com&requrl_dn=betootaadvocate.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.betootaadvocate.com&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=01&ct=singapore&zip=148943&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-7b5f7c8b78-nlblz.SG&dtc=apac_sg&zone=b&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=9506&sckfl=1&suid=CAESEBFyzBOHA2RkOXUCnMFooXw&sckfl2=0&smbrid=adx-unknown&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm7s52489QenmWY23HmkTnq2w8H5eSmqowASlhK8p0KHFPyxItGNyrUkVpLtZxea2iL9&pexid=ADX-pub-5372661266361105&geoll=false&is_ortb=false&commit_id=8fc9a08a&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-29+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=SG&ipcc=SG&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=31&req_tid_present=false&pvid=462&prvAccId=513144615&prvApiId=8CUL26IV2&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=737148867&prspt=headerBid&prvReqId=35045406969010_485984651_73714886714621&size=728x90&chnl=HARMONY&bdp=0.020&bid_uuid=5c904cc4817b2fc9076e81fa14e531a7&cbdp=0.011&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.insiderchoices.net&dfpBd=0.011&dsrc=-2&dp=0&dbf=1&epc=513144615&s=1&snm=SUCCESS&pcrid=8CUL26IV2-513144615-1-9&tpbTkn=false&exid=220&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=90&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1704185281644&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700090000738200728009010000300&strg=HARMONY&vls=0&scrid=1700090000738200728009010000300&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUL26IV2&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CU44R37O&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_UCC=1&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=99ce163106&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23prll_req%3Afalse%23%23TargetingV1Default%3ADisabled%23%23bsNed%3AnoAdd%23%23BF_store%3AGCS%23%23launchexp%3Atoken2%23%23NedCkflWithData%3ANoBlk%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=9617fb35ec6e844d7064fde77591d0ac&rtime=15.0&wsip=mowx-756495c765-pmwfk&ltime=26.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=4188313527&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=9617fb35ec6e844d7064fde77591d0ac_1&policy_enf=2&pub_blk_enf=1&req_size=728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&skadidfl=0&feedback_id=53kzsiY0Ttf2OEfoUkNAIQ_1&supplyTagId=4188313527&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-01-02+08%3A48%3A01&__expireat=1704185881897&mview=1&lo_pvid=%5B462%5D&lo_dp=0&lo_bdp=0.020&lo_cbdp=0.011&actltime=26&rme=adm&bdata=~bx_len%3D1230~bhp%3D0~bid%3D0.020~bx_ancestor%3D3-2*5-3*18-3*20-2~bx_asn%3D9506~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D728x90~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DSINGAPORE~ck_fl%3D2~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D3~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.05~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.055~dmm_m1%3D0.044~dmm_m10%3D1.000~dmm_m11%3D0.987~dmm_m12%3D1.413~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.011~dmm_m16%3D0.058~dmm_m2%3D0.039~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.008~dmm_m25%3D1.000~dmm_m27%3D4~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m35%3D4.000~dmm_m36%3D4.000~dmm_m39%3D53.000~dmm_m40%3D53.000~dmm_m5%3D1.000~dmm_m51%3D4.000~dmm_m52%3D0.900~dmm_m53%3D0.079~dmm_m54%3D5.000~dmm_m55%3D0.500~dmm_m57%3D1.000~dmm_m59%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.401~dmm_m73%3D4.000~dmm_m74%3D4.000~dmm_m9%3D1.000~dmm_r%3D0.079~e_rpm%3D0.044~erpm%3D0.044~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DSG~r_ip%3D220.255.107.0~r_sc%3D01~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D4188313527~std%3D4188313527~vbr%3D0~cbdp%3D0.011%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D4188313527%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.9%7Epos%3D1%7Ectr%3D0.0%7Eac_type%3D1%7Eadblk%3D4188313527%7Eamp%3D1%7Eogbid%3D0.020%7Ebflr%3D0.010%7Esuid%3DCAESEBFyzBOHA2RkOXUCnMFooXw%7Edtc%3Dapac_sg%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison12%7Esobp%3D%7Exid%3DADX-pub-5372661266361105%7Ehtml%3D1%7Edcut%3D45%7Edogb%3D0-1%7Eecp_used%3Dbelow_q05%7Eecp_p05%3D0.020964652409021452%7Eecp_p10%3D0.04133605416140965%7Eecp_p15%3D0.0649356614569429%7Eecp_p20%3D0.09396438474072605%7Eecp_p25%3D0.11697815176625136%7Eecp_p30%3D0.13799121861863622%7Eecp_p35%3D0.1630188078350157%7Eecp_p40%3D0.18540156772211813%7Eecp_p45%3D0.21265380093377964%7Eecp_p50%3D0.24376904217568265%7Eecp_p55%3D0.27755840013525523%7Eecp_p60%3D0.31626447045965556%7Eecp_p65%3D0.35610950428124494%7Eecp_p70%3D0.3990795521223714%7Eecp_p75%3D0.45398285279848094%7Eecp_p80%3D0.5611768490000587%7Eecp_p85%3D0.7502801900171447%7Eecp_p90%3D1.0652738405005573%7Eecp_p95%3D1.832728526309105%7Eecp_p99%3D6.207184530436901~ibc%3D1~&utime=1371&sf=0&cpr=0.8405119695022198
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 08:48:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3788 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
84171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 09:25:12 GMT
etag
48472445140208031
expires
Tue, 02 Jan 2024 09:25:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D652 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 08:12:25 GMT
x-content-type-options
nosniff
age
261338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 08:12:25 GMT
truncated
/ Frame EC68 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dee88fe4746d985abd39e386867bde211d02212656051b8f003648386a6e753

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame EC68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj3Z9wc2TZbGgIpCV4t4P4aeFqAas1_3wZLT2qJPiC8CNtwEQASAAYL8FggEXY2EtcHViLTUzNzI2NjEyNjYzNjExMDXIAQngAgCoAwHIAwKqBLoCT9CR0QokH-Yk8rp9Y7lQJq_b7v24IXwXz2FrkgHqWkgSCkXb2ZYdBfVMal4GevfAKz0loMvKEIba6Vuz-E8MP4hH4uHm7Rg0bxbsLpcHED6dm3LdE1BgGQnK4m6t_fwriRyi0rPgqriR8jOZVNzc7F0Tk4eWcGAhGnG1CB56DRbvc9LFBCC0nUQIJ7zOUISVHpzDW1sSCFrtkymRfoWkjEMJTeNuVp1AEohSlA6MBIBoiLqzeogVORayCnkYSlfk5U7WYwByEynFJvnqPBkB1KnKRsX9gvhiXWk4XzYAAdvKwRoru3UXJclin0RfI1iOEMxufLFayYnjvOyQCSBE_46h9a_Ch6cofShXtY09ZG2_eR-yB1-QcUaQlrF5Pzu5zCh06qGqH_8NY8uHb--iGMLuLu-_KPmhwXrgBAGABojFsLqFzePuFaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliLxNnyqL6DA4AKA_oLAggBgAwB4g0TCMH12fKovoMDFZCK2AUd4VMBZdAVAYAXAbIXHAoaEhRwdWItNTM3MjY2MTI2NjM2MTEwNRj72hE&sigh=sdWpY9Crln0&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_c6AkRo4DYzqncKm0arsBzNCNPCycGPSq0E3EuyuA1Si9JtCHajaINdE_aKUMCM8BFS6ry5PbGAE&cbvp=2&vis=1
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
hblg.media.net/ Frame EC68 		35 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjM1MDQ1NDA2OTY5MDEwXzQ4NTk4NDY1MV83MzcxNDg4NjcxNDYyMUA5NjE3ZmIzNWVjNmU4NDRkNzA2NGZkZTc3NTkxZDBhY5wHexSuR-F6lD8-aHR0cHM6Ly93d3cuYmV0b290YWFkdm9jYXRlLmNvbQRTR4Cs-88b6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMjkgU2FmYXJpLzUzNy4zNiZiZXRvb3RhYWR2b2NhdGUuY29tEjhDVTQ0UjM3TwgMNzI4eDkwCjAuMDExDmFwYWNfc2cGQURYCAhudXJsAAAAAAAAgFZA2PHdlZljAjEAAAAAAAAAADxydGItY29tbW9uLTdiNWY3YzhiNzgtbmxibHouU0c-MTcwMDA5MDAwMDczODIwMDcyODAwOTAxMDAwMDMwMAIQOGZjOWEwOGECYgI&cbvp=2
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Tue, 02 Jan 2024 08:48:03 GMT
log
qsearch-a.akamaihd.net/ Frame EC68 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=9617fb35ec6e844d7064fde77591d0ac&algo=unison12&bdp=0.0200&bidfp=0.0100&capd=0&cc=SG&cid=8CU44R37O&crid=737148867&ct=singapore&dc=apac_sg&dfpbd=0.0110&dn=betootaadvocate.com&infl=flr&iwb=1&ogcbdp=0.0200&other_bids=0.02&other_prv=462&pbshr=100.0000&prdp=0.0110&requrl=betootaadvocate.com%2F&sat=1&sc=01&sc_pvid=462&send_erpm=true&server=1&size=728x90&strg=harmony&totalTime=2832889&ugd=4&ver=9.6.4&cliIP=-587240704&time_stamp=2024-01-02%2008%3A48%3A01&seat=462&itype=adx&req_id=53kzsiY0Ttf2OEfoUkNAIQ&dim4=exploration&dfp_bucket=0.0&level_base=0&bdp_bucket=0.0&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_2-cid_2&ogerpm=0.0000&ogerpm_used=false&rawbid=0.0200&totalTimeBucket=2&as_cache=1&sub_bidder=0&current_day=2.0&current_hour=8&cut=45&floor_bucket=0.00&model_version=202401011819_generic_adx_2-cid_2&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.9000&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=1&predicted_wr=89.3914&bdp_wider_bucket=1&adblk=4188313527&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=45&dmm_d36=NA&advurl=related.insiderchoices.net%2F&dmm_d10=0.0000&dmm_d22=0.05&bdmm_m5=1.0000&bdmm_m6=1.0000&bdmm_m7=1.4010&bdmm_m12=1.4130&dmm_l=0.0790&dmm_r=0.0790&e_rpm=0.0440&bdr_typ=2&clisp=rtb-common-7b5f7c8b78-nlblz.SG&dmm_m1=2024-01-02%2008%3A48%3A01.645516839&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700090000738200728009010000300&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.24376904217568265&ecp_p75=0.45398285279848094&ecp_avg=0.02&ecp_status=Success&ecp_used=below_q05&ecp_rtime=751.0&sfm_key=mowx_8CU44R37O_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-756495c765-pmwfk&rel_cut_bkt=90&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.11697815176625136&ecp_p60=0.31626447045965556&ecp_p70=0.3990795521223714&ecp_p80=0.5611768490000587&ecp_p85=0.7502801900171447&ecp_p90=1.0652738405005573&ecp_p95=1.832728526309105&ecp_p99=6.207184530436901&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.60.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-60-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:03 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 02 Jan 2024 08:48:03 GMT
cksync
cs.media.net/ Frame 44F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MTg2ODgzMjY4NDUyNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEC-oSVakl3ypD-xliotTbH8&google_cver=1
57 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEC-oSVakl3ypD-xliotTbH8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 08:48:03 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEC-oSVakl3ypD-xliotTbH8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
api.edkt.io/ 		0
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/7dDzS0/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
2b9a721e-81ec-4a89-a4e5-df536c3cf164
Referer
https://www.betootaadvocate.com/
X-Edkt-Api-Key
rEtH1NV2wMPwBAnnGqBv
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 Jan 2024 08:48:03 GMT
via
1.1 google
server
Google Frontend
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
cache-status
uncacheable
vary
Origin
access-control-max-age
86400
content-type
text/html
access-control-allow-origin
https://www.betootaadvocate.com
x-cloud-trace-context
282ce3f9190202f481d93fc4ecca3df8
access-control-allow-credentials
true
cache-id
SIN-20b7a9d3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
analytics
api.edkt.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.betootaadvocate.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
SIN-20b7a9d3
cache-status
uncacheable
content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 08:48:03 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
4beb6375fe5229ead10a8b37656e8787
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D652 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 23:31:22 GMT
x-content-type-options
nosniff
server
cafe
age
33401
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Tue, 02 Jan 2024 23:31:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D652 		344 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:18:04 GMT
x-content-type-options
nosniff
server
cafe
age
16199
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 03 Jan 2024 04:18:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D652 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckxttwc2TZZ_BNdSW3LUP5siDkAStubjVdMKyromiDd7ZHhABIJvBxR1gvwWgAdC_9M0DyAEJqQJthRGu8WCpPuACAKgDAcgDCqoE0AJP0L25c_MtLiq8ig9jz0tqIzWIvAL9ePI_TAYBUeUnTA57hnhF81nZ2lxfIDPuC9jaXIS_5xXue_DRxzoiOI3FlFbP_xTFwj3PlJwOEOxEQs-hSFxfGURqUbjb3V-KYnM3tgg3i26ZBRlAJjNaPQP4qol0_KmaknpxmQ2TD18Gqv4mQ8Cp8Tv--iFN1tRgO1lE91ipqLCGms6wBLqt1g-e_Vg1yPa8AES1zztf4_bzPKPxC_ke3zGuFG27XCqVcesOnOL_Kee46lDpspddWt7iH1upLLpzxUrkI3G6de5QomSLGCAao5sGp324-j8Z6yRoBA6U66TrHHhxDmWvPjTwuyn_4kLMZNXluKdI-r792lloY_kEn2gQqlklignOPzl0FJR3auVd0f1TEvYWtC9lN3tftSZCVU2YsWjYKk9l6Df4_zxFWIrEv5Bvtj6tW8HABIrBxqu6A-AEAYgFstSt4S2SBQQIBBgBkgUECAUYBKAGLoAHmMCLMqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJHiDtIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY6MPZ8qi-gwOaCSxodHRwczovL3dpaGFyZGphLmNvbS5zZy9iZWQtcm9vbS9iZWQtZnJhbWVzL4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLELDQq_3N9dCB0AESAgED4g0TCNSD2vKovoMDFVQLtwAdZuQAQtgTDIgUCNAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTIxNDA2NzQwOTMyMzQ3GPvaEQ&sigh=4vpfPCIA16g&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_e6FKZjB_ewl-5BVChttQMQDvUXeLzgYO7k6c55im3R5U5KoufUD9WU2QUn7ItP_4e7pz3SUEGAE&template_id=5000&cbvp=2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
truncated
/ Frame 4A66 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4A66 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4A66 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 4A66 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6246&&vgd_canary=0&vgd_l2type=scs_newfl&fp=q2MjnjJBcgCSO5F88uy2xKbpNCucOIL8TlPS0LWhaMuVTc8OitpeC60CXsrLgkuQUuVAmJu_H9MDxi4woa4sENw64djo-hdUnTPMyRRV-gAT-smmFf63ihSrraziAkBQdkXMIjFkVU6Ll_RLlUadBQ%3D%3D&cme=Hw3U0Ighjl3gXa8vMc4nK-qylyQB14xKOOIp9TNoQT7HBXGhD58JtokIvDrOclBtzrUvKJV_2QXT-qYQ07YRa_xk63H-cdAaxRFPNxVYUpgRc7OUXHrxLwEU8D72Pwp2yynbjW45FTdh0r9Kt1Zr1gn7bcP8OdWm1CXtLsjnYxCQLAIj4kBA46prYA9THR5kT7KUgK9VyP_Q8h5QHoR7HdM_by5w-kvEei2NUQ3PvY7Z6FgLjVCCXg%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CgUmnLZJoSfTQkANxVd4QimaFiQlml45mQyI9L43qrH6RQB5P_VZRrL03y9AIXiCzozOcITsRZdPzgic-gZQbIPJEPPao_tYQPF7bCnUNykq3XGpw1b8DQ1_G8Wk0zPfCz0Xapav2FaM97fhJU94VJoDRV1oqeLVS8W-FbZLb40sipCqiqSPkmr7uvygJChbh5hoORRuOmcUM0qiGVrmJwuJYX19q6bDte2ZSrqePOUx2iQ-6-qOvM-vtHcpG8hKKyQJ1ceLEqFJ5x3XrMR0Ah9s2h1V3OJ6V%7Cu8A6SM53vAe1MU7xgTo35mvrNAzAitjE%7CHZdN3z6UKeEWWvNXWyqUfHSeN0ypIGUY%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD6ASqXHhJuVwWfwEBgGtidxsq5zrybhLeDSG7CFNZ3bGQ%3D%3D%7C&subBdr=99&bdrid=462&ksu=224&fdkt=475&vgde_kbbh=fuoyxQBuG&kwd[]=United+Healthcare+Medicare+Plans+AARP&kwt[]=475&kbc[]=dfebdbf9a1d600592ee16564a1e41e05.d2s&kwp[]=1&kid[]=472749608&kbc2[]=eset%3D1%7Ce_st%3D394%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D010114%7C13%3D0.0104%7C14%3D010123%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D0.998%7C1%3D0.01%7C2%3D0.07&ktd[]=824650895616&kwd[]=Free+Clothes+Samples&kwt[]=475&kbc[]=dfebdbf9a1d600592ee16564a1e41e05.d2s&kwp[]=2&kid[]=316681450&kbc2[]=eset%3D1%7Ce_st%3D8%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D010114%7C13%3D0.0106%7C14%3D010123%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D0.998%7C1%3D0.04%7C2%3D0.18&ktd[]=274911858944&kwd[]=Free+Dental+Implants+for+Veterans&kwt[]=475&kbc[]=dfebdbf9a1d600592ee16564a1e41e05.d2s&kwp[]=3&kid[]=352067925&kbc2[]=eset%3D1%7Ce_st%3D869%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D010114%7C13%3D0.0277%7C14%3D010123%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D0.998%7C1%3D0.02%7C2%3D0.08&ktd[]=824650895616&kwd[]=In-Home+Care+Service&kwt[]=475&kbc[]=dfebdbf9a1d600592ee16564a1e41e05.d2s&kwp[]=4&kid[]=327995117&kbc2[]=eset%3D1%7Ce_st%3D893%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D010114%7C13%3D0.0090%7C14%3D010123%7Cokt%3D475%7Cbdkt%3D475%7Cps%3D0.998%7C1%3D0.02%7C2%3D0.15&ktd[]=274895081728&v=1&geo=1.33%7C103.95&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=SG&wsip=170762498&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22bZ%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%2C%22QQ8E%22%3A%22ff9.fXX.u9h.9%22%2C%22QQQN%22%3A%229u%22%7D&cid=8CUL26IV2&vi=1704185282889058421&vsid=3471868832684592&tdAdd[]=asnum%3D9506&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=10&vgd_tsce=L366-S366&vgd_l3_sc=04&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3001c86a&vgd_nrrsf=scrr&vgd_cty=singapore&vgd_ifrmode=14&sttm=1704185282937&upk=1704185283.17055&hvsid=00001704185282937037077268451771&verid=3111299&sbdrId=99&tsrc=entity&vgd_l1rakh=1704185282194295152&vgd_ecrid=1700090000738200728009010000300&vgd_isiolc=1&kbbq=%26asn%3D9506&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3471868832684592&vgde_bdata=~G-MjJzvufA9~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvAof*XoA*uWoA*f9of~G-M1QzviX9F~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvhfW-i9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9XX~OYYMYuv9.9HH~OYYMYu9vu.999~OYYMYuuv9.iWh~OYYMYufvu.HuA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9uu~OYYMYuFv9.9XW~OYYMYfv9.9Ai~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.99W~OYYMYfXvu.999~OYYMYfhvH~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvH.999~OYYMYAFvH.999~OYYMYAivXA.999~OYYMYH9vXA.999~OYYMYXvu.999~OYYMYXuvH.999~OYYMYXfv9.i99~OYYMYXAv9.9hi~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.H9u~OYYMYhAvH.999~OYYMYhHvH.999~OYYMYivu.999~OYYMLv9.9hi~JMLEYv9.9HH~JLEYv9.9HH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evff9.fXX.u9h.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHuWWAuAXfh~Q7OvHuWWAuAXfh~eGLv9~NGOEv9.9uu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHuWWAuAXfh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.i~EmQvu~N7Lv9.9~1NM75EJvu~1OGjUvHuWWAuAXfh~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov%3DK4b4Rs5lRaqKfDUatP%3DzcsmmtB~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGoXAhfFFufFFAFuu9X~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOvGJjmBM%209X~JNEME9Xv9.9f9iFHFXfH9i9fuHXf~JNEMEu9v9.9HuAAF9XHuFuH9iFX~JNEMEuXv9.9FHiAXFFuHXFiHfi~JNEMEf9v9.9iAiFHAWHhH9hfF9X~JNEMEfXv9.uuFihWuXuhFFfXuAF~JNEMEA9v9.uAhiiufuWFuWFAFff~JNEMEAXv9.uFA9uWW9hWAX9uXh~JNEMEH9v9.uWXH9uXFhhffuuWuA~JNEMEHXv9.fufFXAW99iAAhhiFH~JNEMEX9v9.fHAhFi9HfuhXFWfFX~JNEMEXXv9.fhhXXWH99uAXfXXfA~JNEMEF9v9.AuFfFHHh9HXiFXXXF~JNEMEFXv9.AXFu9iX9HfWufHHiH~JNEMEh9v9.Aii9hiXXfuffAhuH~JNEMEhXv9.HXAiWfWXfhiWHW9iH~JNEMEW9v9.XFuuhFWHi9999XWh~JNEMEWXv9.hX9fW9ui99uhuHHh~JNEMEi9vu.9FXfhAWH9X99XXhA~JNEMEiXvu.WAfhfWXfFA9iu9X~JNEMEiivF.f9huWHXA9HAFi9u~8GNvu~&vgd_cfud=230323&vgd_scsver=307&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1140&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_l1rhst=contextual.media.net&hvsid=00001704185282937037077268451771&rc=0&rand=1704185283488&acid=9617fb35ec6e844d7064fde77591d0ac&matm=1704185283488&vgd_ltimesrc=1&vgd_ltime=1072&vgd_rtime=1066&vgd_etm=8&vgd_l1hcsd=S5h9m%7C8680&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=6556&vgd_pgid=p02126922328t202401020848&vgd_csip=rtb-common-7b5f7c8b78-nlblz.SG&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7Ccfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=bcat%3D16u%2Ca%2Ch%2Cgo%2Ci2%2Cy5%2Cmk%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3342&&kkdd=HH%7C3%7C*AnH9&Qc=!aE)!57.5.55*E75).!&h-JP=E&tDJ9=E&W-Q=!!)E&4DWF=vZ__&Wc-=583v._Yo.&WJW-=E_n)*CNcmOLYwm!UZRV7tb%3D%3D&WPc-=7!Z!))_!7&DcGF=a.5~*E&WW=6m&W1wt=AbLSuy(&Jc-=5suO_g5o)&4Jc-=28S(.H2&144JD=!&PPP=4GLf1vWXfv5mayrZTFYxCS9lxSFWv2g2y_OmSgBDEwNVv5mJ77V2KU%3D%3D&wDF=7&XU=!&0h-=)&9-4!=583))LZau&9-4.=aZa!)55_a&l-949=el~xXFw%3D!.ZEel1J%3DEelc-%3DEkE.Eel~x9wWFD4CP%3DZf.M7fZM!5fZM.Ef.el~x9Dw%3D*7E_el~xF~J%3DEel~xhcwD0%3DEel~xcw4t-%3DEel~xP1%3D)aRrnJT5AHel~xPJW%3DEE!EEEEel~xDcGF%3Da.5~*Eel~x4t9~%3D.7Eel~x4tXxD0jjc~%3D%2FeWc4V%3D6YymbsuLreWBxjX%3D.e-W%3DhWJf9J9WfDF!fle-ttx-!%3DEe-ttx-!E%3DEe-ttx-!.%3DZe-ttx-!)%3DEe-ttx-!7%3D!e-ttx-!_%3DZe-ttx-!a%3D!e-ttx-!5%3D57e-ttx-!*%3D!EEEe-ttx-.%3D2e-ttx-.!%3Df!e-ttx-..%3DEkE7e-ttx-.)%3D7e-ttx-.7%3D-Fjx-Fje-ttx-.5%3D7e-ttx-.*%3DEkEEe-ttx-Z%3DEe-ttx-ZE%3DEe-ttx-Z.%3DEe-ttx-ZZ%3DEe-ttx-Z_%3Dybe-ttx-Za%3D2e-ttx-)%3DEEe-ttx-)E%3DEe-ttx-).%3DEe-ttx-)Z%3DEe-ttx-))%3DJPC-e-ttx-)7%3DEe-ttx-)_%3DLe-ttx-7!%3DEe-ttx-7.%3DEkEEe-ttx-7_%3DEe-ttx-a%3DEe-ttx-5%3DEe-ttxX%3DEkE77e-ttxt!%3DEkE))e-ttxt!E%3D!kEEEe-ttxt!!%3DEk*5ae-ttxt!.%3D!k)!Ze-ttxt!Z%3D!kEEEe-ttxt!)%3D!kEEEe-ttxt!7%3D!kE!!e-ttxt!_%3DEkE75e-ttxt.%3DEkEZ*e-ttxt.!%3D!kEEEe-ttxt.Z%3D!kEEEe-ttxt.)%3D!kEE5e-ttxt.7%3D!kEEEe-ttxt.a%3D)e-ttxt.*%3D!kEEEe-ttxtZ%3D!kEEEe-ttxtZE%3D!kEEEe-ttxtZ.%3DEkE!Ee-ttxtZ)%3D!kEEEe-ttxtZ7%3D)kEEEe-ttxtZ_%3D)kEEEe-ttxtZ*%3D7ZkEEEe-ttxt)E%3D7ZkEEEe-ttxt7%3D!kEEEe-ttxt7!%3D)kEEEe-ttxt7.%3DEk*EEe-ttxt7Z%3DEkEa*e-ttxt7)%3D7kEEEe-ttxt77%3DEk7EEe-ttxt7a%3D!kEEEe-ttxt7*%3D!kEEEe-ttxt_%3D!kEEEe-ttxta%3D!k)E!e-ttxtaZ%3D)kEEEe-ttxta)%3D)kEEEe-ttxt*%3D!kEEEe-ttxP%3DEkEa*eFxPJt%3DEkE))eFPJt%3DEkE))e1W%3DE%20%2B%20Eec19%3DEec4VJF%3DbRqePxWW%3D6mePxcJ%3D..Ek.77k!EakEePxDW%3DE!ePlC%3D7xZePFjxWw4%3DEeDFXXFPx49hxc-%3D)!55Z!Z7.aeD4-%3D)!55Z!Z7.aeQlP%3DEeWl-J%3DEkE!!eD-%3D!ec4VJFxc-%3D!aeDFXXFPx49hxc-%3D)!55Z!Z7.aeD0JJXVx49hxc-%3De-F4FW4F-x49hxc-%3DeQcFU9lcXc4V%3DEk*eJCD%3D!eW4P%3DEkEe9Wx4VJF%3D!e9-lXB%3D)!55Z!Z7.ae9tJ%3D!eChlc-%3DEkE.EeljXP%3DEkE!EeD0c-%3D8br6rHdVGHuAb.LBuq38wSdCCqUe-4W%3D9J9WxDhe-ttxFPJt%3Dj9XDFe-tt%3D19PtCwVel-JW9J-%3DEe-9Xh%3D0wcDCw!.eDClJ%3De~c-%3DbRqfJ0lf7Za.__!.__Z_!!E7e14tX%3D!e-W04%3D)7e-Chl%3DEf!eFWJx0DF-%3DlFXCUxKE7eFWJxJE7%3DEkE.E*_)_7.)E*E.!)7.eFWJxJ!E%3DEkE)!ZZ_E7)!_!)E*_7eFWJxJ!7%3DEkE_)*Z7__!)7_*).*eFWJxJ.E%3DEkE*Z*_)Z5)a)Ea._E7eFWJxJ.7%3DEk!!_*a5!7!a__.7!Z_eFWJxJZE%3DEk!Za**!.!5_!5_Z_..eFWJxJZ7%3DEk!_ZE!55Ea5Z7E!7aeFWJxJ)E%3DEk!57)E!7_aa..!!5!ZeFWJxJ)7%3DEk.!._7Z5EE*ZZaa*_)eFWJxJ7E%3DEk.)Za_*E).!a7_5._7eFWJxJ77%3DEk.aa775)EE!Z7.77.ZeFWJxJ_E%3DEkZ!_._))aE)7*_777_eFWJxJ_7%3DEkZ7_!E*7E).5!.))*)eFWJxJaE%3DEkZ**Ea*77.!..Za!)eFWJxJa7%3DEk)7Z*5.57.a*5)5E*)eFWJxJ5E%3DEk7_!!a_5)*EEEE75aeFWJxJ57%3DEka7E.5E!*EE!a!))aeFWJxJ*E%3D!kE_7.aZ5)E7EE77aZeFWJxJ*7%3D!k5Z.a.57._ZE*!E7eFWJxJ**%3D_k.Ea!5)7ZE)Z_*E!eclW%3D!e&w4Q=E&ttt=uEHW_vKKDPSxtssGFhwvouF0~Pn)sVX6Fyd)A6JA7uVPa9zVA)nQth%3D%3D&cU=a.5&cwYjP=!&l-PY-=)_.&lc-=Z)*E_7&B44XF=69jFdP9tF%208Cw49cwFP&tWj=a_7*.&V-DJP=!&l9F=H~FyHKGhKHeH~FyHKGKKHe)FF&B94JPF=!&B94lc-=f!EZ&W9-Ct9cw=4GLf1vWXfvfA61y).f00jqJOF07dGjuPGU0)Dm(zhbmzTJKfxdnOwb%3D%3D&VJXJ=!&cDc-=7&9-Q=YwDc-FP%2081CcWFD&DDtWPxQFP=7&Jhc-=JE.!._*..Z.54.E.)E!E.E5)5&DDX-=%7B%22DDcJ%22%3A%22..Ek.77k!EakE%22%2C%22DDWW%22%3A%226m%22%2C%22DDDW%22%3A%22E!%22%2C%22DDW4V%22%3A%22Dcwh9JCPF%22%7D&14tXDPW=!&sflct=6078620&4WjxWtJ=!&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 08:48:03 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Tue, 02 Jan 2024 08:48:03 GMT
i.match
s.tribalfusion.com/z/ Frame 3788
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f1bdaabb17600b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
118
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMR4sxfnlrUTrW45lPoPINA&google_cver=1&google_push=AXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTdBQrd254aBa_-6ZDVOOOdCFU2ox7ICYE3SuvtOTnitbW1mZw3FdLu39iLnvUxu1pbgwbtsCQT8dK8vT7TuOaEPQKtram89x0fM3ca1ZJjvKuBjTAd53nH2sZdZlq4_C6_zZN41QX3bCNy7-r54lI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f1bda9689c600b-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3788
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOgoVbSmNSq4o27SOp_MzQE&google_cver=1&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hr...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hrt0TpazwQPUk4YDBabIQkukzgC5LnfBm3DU6Np1u4-1aLc5sjZp8QT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hrt0TpazwQPUk4YDBabIQkukzgC5LnfBm3DU6Np1u4-1aLc5sjZp8QTvzwmI5WpPjhOEuCmdpS3P0l2Q
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 08:48:03 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EF82AFBE32FB47E1AD6791270D2DE02C Ref B: SG1EDGE0110 Ref C: 2024-01-02T08:48:04Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQWbOrOASyEB1A16_5qvKdmsMuGKJONtjHoKynIamqBVPjQO-TvY9R47yGWogYYY-D0Xo1hrt0TpazwQPUk4YDBabIQkukzgC5LnfBm3DU6Np1u4-1aLc5sjZp8QTvzwmI5WpPjhOEuCmdpS3P0l2Q
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8o5/TizA4Z2ooWNUKw==
pixel
cm.g.doubleclick.net/ Frame 3788
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMhDTfl-eONTy3wY...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMhDTfl-eONTy3wY0ARBm8lvQ&google_hm=AYtK54dY6921ks8AEDxkG0XDE8A
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmT-CtvQhw5qpvYCqXe1b9kgWScuH6HPFSSZdjmIQ57D-XgxbhfPqpEU0UQBd3aZg4l0T4VSjTOVSXlgRAwWvEDlxSJeF38GhHZHsAzh08Tz3xXYwIeZWpiGahQ0ccBMhDTfl-eONTy3wY0ARBm8lvQ&google_hm=AYtK54dY6921ks8AEDxkG0XDE8A
cache-control
no-cache
content-length
0
x-amz-cf-id
9sWmK2XwvjjVJwkbhqWqMmg0s-lFR5j1wEIyzee_hgShEWxa2GJUkg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3788
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT6KVBqErJEO9k_MQCH49uJnn3mPsegHwiezWAbie5qJJyeVcWrOBse9zxgBU6Y0Ud3EoZ2eBZYmjPxa9LozSSbucqX5U1FQL7yAB8ms6kSVSOP_7RPJUpIqlB8DV9JSDz8XYEFHhDlNxFO-6oATcs
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT6KVBqErJEO9k_MQCH49uJnn3mPsegHwiezWAbie5qJJyeVcWrOBse9zxgBU6Y0Ud3EoZ2eBZYmjPxa9LozSSbucqX5U1FQL7yAB8ms6kSVSOP_7RPJUpIqlB8DV9JSDz8XYEFHhDlNxFO-6oATcs
date
Tue, 02 Jan 2024 08:48:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 3788 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEBX_eNsXG7tOiWrEr2K-dOU&google_cver=1&google_push=AXcoOmQT-1rzumGNa3uiSTBkrAlYQv02e2U8-JA6OAdBwYTJSe1FoEhmgseCgmejOuhLMJ1s_fh3WYGoJN7Mc8Kns7P1gIYQYK24semAco3U9gDkLEHo8qERHG_e8qvoE8_z6WUEp48Xb_-dfuuI8kaLFaU
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:04 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3788
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEB7YMrKRSv7eJN5wW2swGy0&google_cver=1&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-ArOxzCvMxaX5fB94awBwh1bAEgwqSZPy_HaS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-ArOxzCvMxaX5fB94awBwh1bAEgwqSZPy_HaSFA90FE7mMpe8hpreKhk90kqqndqmdosvMg
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTH4Oz29YF72j5oPr4RE_i6elRyxdQNi6wM7_peuw0zDHIHYq0h5Cqyu0-w-6-RB8PZ9O68z_0jXKx-ArOxzCvMxaX5fB94awBwh1bAEgwqSZPy_HaSFA90FE7mMpe8hpreKhk90kqqndqmdosvMg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 3788
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJG573adaucg4CHs_LmXHfA&google_cver=1&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3u...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3uGAA__2wYd92HV3HRLvpYjazazn7kbMaBMg_6nhfQ2MB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3uGAA__2wYd92HV3HRLvpYjazazn7kbMaBMg_6nhfQ2MBdOlOqP6Q6ChHCrU-U4yRNG6NFojDNbriKM&google_hm=MzI2NjE0MTk0NDE2NzkxMTU5Ng%3D%3D
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRk9OS8LfHgU7IszYqPPLnrAnw2zuHQ0uesl8HGRcKGn0aFkUnhMOXUQNR40O-deqzd2nF_3uGAA__2wYd92HV3HRLvpYjazazn7kbMaBMg_6nhfQ2MBdOlOqP6Q6ChHCrU-U4yRNG6NFojDNbriKM&google_hm=MzI2NjE0MTk0NDE2NzkxMTU5Ng%3D%3D
date
Tue, 02 Jan 2024 08:48:03 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3788 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwjwPROUJFbmYDrwpuz16wKW7EDAdBSdmcdlcR8mJPivcAteg022o5u9b6WDPGJgLpYpWV
Requested by
Host: cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
URL: https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
8d4204857a62869dbefad7233472f39a5b83bd4493833a8b7cfc6a688f8951aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12162
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 08:48:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC68 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu50A2hd93bvtmCbeaSjAvP1_w3T2asezbeKIbtv5ijVWBpjTx9oO6c0VYlYORpjiJc7_mKDngYQdkrYfhehrbUaLj5TXVswnTP7NyuqTL4u6vJaczw_jAS&sig=Cg0ArKJSzAsd0HLnmacgEAE&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=4188313527&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704185282134&rpt=947&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/b-ed6e5a5-f14e3344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame EC68 		35 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDk2MTdmYjM1ZWM2ZTg0NGQ3MDY0ZmRlNzc1OTFkMGFjhv__vgWcBwRTRyZiZXRvb3RhYWR2b2NhdGUuY29tEjhDVTQ0UjM3TwAMNzI4eDkwDmFwYWNfc2cEMjMGQURYEjhQUjExM0pHQwY0NjIAAAIwPHJ0Yi1jb21tb24tN2I1ZjdjOGI3OC1ubGJsei5TRz4xNzAwMDkwMDAwNzM4MjAwNzI4MDA5MDEwMDAwMzAwAjAAIgAQRVhDSEFOR0UCAmI&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
48
expires
Tue, 02 Jan 2024 08:48:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D652 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJmU9UFSl4-s27xSmVnmP5LAFryYe9ICFMEcEzJ7_6Fe0P-SdJ-un9BlK__OGExml2QdSS46pzna1n2dlxE1KmfKLrh23g3bigl4c6eG4hHU_WQb_aCH4VY4H2adPQel1gj2d3LJ1fuDjjdcvdfgCpdzGw&sai=AMfl-YSpXVOEi9_M5jLd9919vyxnvNXLIkIfvOSbJq3SrgPvKaSp3tyV1WZA8ik6ONo63snOOJMK_DYAtFV73jrtjEOup35exMCio8F1APU19E-X_fKaQOPnR280_jk&sig=Cg0ArKJSzClJ_bpj3iuWEAE&cid=CAQSOwAvHhf_e6FKZjB_ewl-5BVChttQMQDvUXeLzgYO7k6c55im3R5U5KoufUD9WU2QUn7ItP_4e7pz3SUEGAE&id=ampim&o=315,190&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=955&tls=1956&g=100&h=100&tt=1956&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&domain=www.betootaadvocate.com&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 Jan 2024 08:48:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
323467
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		479 B
756 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&domain=www.betootaadvocate.com&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7c0209ad30ba6b9bc23d2f6228a4065ab777b889dd982a8c17d459ec702be926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
903486
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=269&_it=prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f87a150d1d48758c8bcb85523b461d603f07ba6aac1a2d9aafe4e6b4c1c666b

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
83f1bdaeb8c63fb6-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
ffa8224d00f5beeb81f99ee4320499e896e07cf2dfa3690db9f0351d285bb62b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Tue, 02 Jan 2024 08:48:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		152 B
824 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17227
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.194.25 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d1d9e6edd39d1da52124a02d6e80694aa03753a5ce0b10bd65dd9379fc99a0b4

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
x-server
10.42.18.126
access-control-allow-credentials
true
content-length
152
expires
0
sync
eb2.3lift.com/ Frame C5AD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
23497944e02b08b1d8878ca3dd565199cff1d66aae241e8419d3e93c10cb7c0f

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1339
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:04 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
snackmedia-d.openx.net/w/1.0/ Frame C557 		544 B
621 B 		Document
General
Check archive.org
Download Go to
Full URL
https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0437d15c303173bb2b2d7123ae01fa20722bf581ec9c5dc4b43cb47328172f06

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
315
content-type
text/html
date
Tue, 02 Jan 2024 08:48:04 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame FC1B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11767
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 02 Jan 2024 08:48:04 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
299, 87931
X-Served-By
cache-lga13626-LGA, cache-qpg1250-QPG
X-Timer
S1704185285.962886,VS0,VE0
usersync
usersync.gumgum.com/ Frame 543C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=3710105856933683394&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=3710105856933683394&gdpr=0&gdpr_consent=
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 02 Jan 2024 08:48:05 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=3710105856933683394&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ixmatch.html
js-sec.indexww.com/um/ Frame 1BFD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
1092
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83f1bdac5944a11c-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 08:48:04 GMT
expires
Tue, 02 Jan 2024 12:48:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0B44 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-198-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 08:48:04 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7075 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=156581
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 08:48:04 GMT
expires
Thu, 04 Jan 2024 04:17:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0D5B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
  • https://usersync.gumgum.com/usersync?b=atm&i=ZZPNxAALYQFAIAAM&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZZPNxAALYQFAIAAM&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 02 Jan 2024 08:48:04 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZZPNxAALYQFAIAAM&gdpr=0&gdpr_consent=&_test=ZZPNxAALYQFAIAAM
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-qpg1260-QPG
x-timer
S1704185285.867207,VS0,VE0
sync
pre.ads.justpremium.com/v/1.0/t/ Frame EEFD 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aclh60e1704185281267
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.177.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-177-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
374b289d88f83b909d367cce96d58508c70185125c29fbdf46d9c5bf1fa776bf

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:04 GMT
isyn
prebid.a-mo.net/ Frame 85AC 		2 KB
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CvYBShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBjguMjAuMOgCAYgDwJvPrAaoAyPqAyQ2NzU2M2VkZS1lZmNhLTRiZDYtYTIzNC03NjNkYTdhZTYwNDiqBANJU1CyBQNVU0TSBQkxMDUxOTk1NDbYBQDgBQHqBQdkZXNrdG9w-gUDc2dw0gYgNUZFMEQyRTk5RDU3OEFBN0FCQjVDQjI1RkNBOUNDREaqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t4AcB
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
113ff743ffe227ee0c9ae35ea6912f164d5e0cf0d9a3af11e52eccff87f04395

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
635
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:03 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
3
bqi.php
lg3.media.net/ Frame EC68 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3072&lf=3&&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_tsce=L366&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349065&vgd_cdv=1140&vgd_cage=10&vgd_rensize=728_90&vgde_bdata=~G-MjJzvufA9~GwEv9~G8Ov9.9f9~G-M1zNJQ7mLvAof*XoA*uWoA*f9of~G-M1QzviX9F~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvhfW-i9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjvf~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9X~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9XX~OYYMYuv9.9HH~OYYMYu9vu.999~OYYMYuuv9.iWh~OYYMYufvu.HuA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.9uu~OYYMYuFv9.9XW~OYYMYfv9.9Ai~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.99W~OYYMYfXvu.999~OYYMYfhvH~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvH.999~OYYMYAFvH.999~OYYMYAivXA.999~OYYMYH9vXA.999~OYYMYXvu.999~OYYMYXuvH.999~OYYMYXfv9.i99~OYYMYXAv9.9hi~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.H9u~OYYMYhAvH.999~OYYMYhHvH.999~OYYMYivu.999~OYYMLv9.9hi~JMLEYv9.9HH~JLEYv9.9HH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evff9.fXX.u9h.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHuWWAuAXfh~Q7OvHuWWAuAXfh~eGLv9~NGOEv9.9uu~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvHuWWAuAXfh~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.i~EmQvu~N7Lv9.9~1NM75EJvu~1OGjUvHuWWAuAXfh~1YEvu~myG8Ov9.9f9~GkjLv9.9u9~Qx8Ov%3DK4b4Rs5lRaqKfDUatP%3DzcsmmtB~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~QmGEv~-8OvKrtoExGoXAhfFFufFFAFuu9X~w7Yjvu~ONx7vHX~OmyGv9ou~JNEMxQJOvGJjmBM%209X~JNEME9Xv9.9f9iFHFXfH9i9fuHXf~JNEMEu9v9.9HuAAF9XHuFuH9iFX~JNEMEuXv9.9FHiAXFFuHXFiHfi~JNEMEf9v9.9iAiFHAWHhH9hfF9X~JNEMEfXv9.uuFihWuXuhFFfXuAF~JNEMEA9v9.uAhiiufuWFuWFAFff~JNEMEAXv9.uFA9uWW9hWAX9uXh~JNEMEH9v9.uWXH9uXFhhffuuWuA~JNEMEHXv9.fufFXAW99iAAhhiFH~JNEMEX9v9.fHAhFi9HfuhXFWfFX~JNEMEXXv9.fhhXXWH99uAXfXXfA~JNEMEF9v9.AuFfFHHh9HXiFXXXF~JNEMEFXv9.AXFu9iX9HfWufHHiH~JNEMEh9v9.Aii9hiXXfuffAhuH~JNEMEhXv9.HXAiWfWXfhiWHW9iH~JNEMEW9v9.XFuuhFWHi9999XWh~JNEMEWXv9.hX9fW9ui99uhuHHh~JNEMEi9vu.9FXfhAWH9X99XXhA~JNEMEiXvu.WAfhfWXfFA9iu9X~JNEMEiivF.f9huWHXA9HAFi9u~8GNvu~&vgd_lbt=500&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUL26IV2&crid=513144615&rrr=tzR-hLcl-L8G7NE3jeI_oMab_MecLTWTN6JGMWks0nKyL8Gp55yTqw%3D%3D&requrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&vi=1704185282889058421&ugd=4&cc=SG&bdrid=462&subBdr=99&startTime=1704185282929&l1ch=1&l1hcsd=l1!S5h9m|8680&mmm=O0Bc6LqqsrM_mPPzegnLVOeuxrQ4PylSeNF4HSpH5Oyr7aZyH4Qvmg==&buid=349065&sttm=1704185282937&upk=1704185283.17055&hvsid=00001704185282937037077268451771&acid=9617fb35ec6e844d7064fde77591d0ac&verid=3111299&infr=1&twna=1&stime=1704185282431&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704185282194295152&vgd_ecrid=1700090000738200728009010000300&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p02126922328t202401020848&vgd_pgids=1&vgd_end=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 08:48:04 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 02 Jan 2024 08:48:04 GMT
cframe.js
assets.a-mo.net/js/ Frame 85AC 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CvYBShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLWZjMjU1OGFaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBjguMjAuMOgCAYgDwJvPrAaoAyPqAyQ2NzU2M2VkZS1lZmNhLTRiZDYtYTIzNC03NjNkYTdhZTYwNDiqBANJU1CyBQNVU0TSBQkxMDUxOTk1NDbYBQDgBQHqBQdkZXNrdG9w-gUDc2dw0gYgNUZFMEQyRTk5RDU3OEFBN0FCQjVDQjI1RkNBOUNDREaqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t4AcB
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
via
1.1 23632109ecb3eb8245f17822f97fa88e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SIN5-C1
age
533
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
83f1bdaeded54080-SIN
x-amz-cf-id
cCY2gVab6b_lNU7itymWg5RkdMKzukhz0w_hP1PeogzcELtGj5a89A==
expires
Tue, 02 Jan 2024 09:48:04 GMT
jp
rtb.gumgum.com/usync/ Frame 3E08 		2 KB
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aclh60e1704185281267
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.124.92 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-124-92.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
32c2cfb308a229ab5f6fd5238c4c2ae2315cf80d5302ba18b09e822fb7081166

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 02 Jan 2024 08:48:05 GMT
etag
W/"0c68e7d5df2fb6043c78080414796cf9a"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame EEFD
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&us_privacy=
  • https://match.justpremium.com/match/gg?jp_uid=r-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705&ex_uid=a_f84f14a8-c89d-4001-a78c-a3223816d238
43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705&ex_uid=a_f84f14a8-c89d-4001-a78c-a3223816d238
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=aclh60e1704185281267
Protocol
H2
Server
13.112.177.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-177-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705&ex_uid=a_f84f14a8-c89d-4001-a78c-a3223816d238
date
Tue, 02 Jan 2024 08:48:05 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
zh-SG
sd
us-u.openx.net/w/1.0/ Frame C557
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=e8ieAQpAX-9IbIzWoAISu9z_a_0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=e8ieAQpAX-9IbIzWoAISu9z_a_0
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=e8ieAQpAX-9IbIzWoAISu9z_a_0
Date
Tue, 02 Jan 2024 08:48:05 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
cf6906d9-0f4f-eb1e-ef6e-c96f984894e8
pr-bh.ybp.yahoo.com/sync/openx/ Frame C557 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/cf6906d9-0f4f-eb1e-ef6e-c96f984894e8?gdpr=0
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.146.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-146-191.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame C557 		0
0
dds
rtb.openx.net/sync/ Frame C557
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=hPjqoTZlwHk4zZMttAZjGw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame C557 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:05 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame C557
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3515932829652169944&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3515932829652169944&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3515932829652169944&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=75b0f43b-d089-4345-98db-2dafdee0ed2d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=75b0f43b-d089-4345-98db-2dafdee0ed2d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=75b0f43b-d089-4345-98db-2dafdee0ed2d&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 08:48:04 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHsoM_bBUB6Rfh5tyZK4H6A&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHsoM_bBUB6Rfh5tyZK4H6A&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHsoM_bBUB6Rfh5tyZK4H6A&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C5AD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTIzMjA4ODQyNjg0NTc4NzQ3MzQ1
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame C5AD 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=523208842684578747345&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D9454709BF074EF09D114FF219146D82 Ref B: SG1EDGE0110 Ref C: 2024-01-02T08:48:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8o6IWveGokXT5x8vug==
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/523208842684578747345?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-g5LlawxE2oS1nBYfKeXLS2ovYIhM4jHgrHuqFIl3gw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-g5LlawxE2oS1nBYfKeXLS2ovYIhM4jHgrHuqFIl3gw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-g5LlawxE2oS1nBYfKeXLS2ovYIhM4jHgrHuqFIl3gw--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=523208842684578747345&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=523208842684578747345&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7454654908275200369&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 02 Jan 2024 08:48:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=fc4b2f2f-acdf-4824-896a-fb9642bd0a7e&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=fc4b2f2f-acdf-4824-896a-fb9642bd0a7e&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=fc4b2f2f-acdf-4824-896a-fb9642bd0a7e&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
895852
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C5AD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2737469907082529874&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2737469907082529874&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
an-x-request-uuid
925a2850-1a6a-474a-bd29-f89c3026c69e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2737469907082529874&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame C5AD 		43 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=523208842684578747345
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
an-x-request-uuid
6b62ea96-4827-43d2-a422-cc0ccdae8dca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0B44 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-198-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79eb9a84a4f56ccd0cd60a97bad994a72dbd734a10af460dff80881cdcce0059

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 04:34:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71206
Connection
keep-alive
Content-Length
13173
Expires
Wed, 03 Jan 2024 04:34:50 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7075 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87766042&p=160628&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
805d453d41d213c363330533fed25c739d767430e7f4148727b55ed3a5d70c02

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 08:46:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame CDB2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7cfe6593-cdc5-4700-a0b6-c43cc195b207&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3710105856933683394
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dpubmatic%26uid%3DE3571CFB-02A3-4D05-9...
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=pubmatic&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=pubmatic&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 02 Jan 2024 08:48:05 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
4

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 02 Jan 2024 08:48:06 GMT
location
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=pubmatic&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C6AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2737469907082529874&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2737469907082529874&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 05:23:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
c845b51b-319d-4a05-8922-240b31b68c85
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:04 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2737469907082529874&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame F32D 		43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3FF6
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12xuc8vbo64n
1 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12xuc8vbo64n
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 00:05:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Tue, 02 Jan 2024 08:48:09 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12xuc8vbo64n
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=41cc-wKjTQWY3BqSMmr6Wg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=156581
accept-ranges
bytes
content-length
5622
expires
Thu, 04 Jan 2024 04:17:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 7075
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=75b0f43b-d089-4345-98db-2dafdee0ed2d&ttd_puid=92a1f33d-6522-4d5f-9122-fa9fde06217a%2C%2C
date
Tue, 02 Jan 2024 08:48:05 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 7075 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.47.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.0.180
content-length
49
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame 7075 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Tue, 02 Jan 2024 08:48:11 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 7075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM1NzFDRkItMDJBMy00RDA1LTk4REMtMUE5MjMyNkFGQTVB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 04:39:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7075
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBgpYvahqHkTOpxKrp_kNgw&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBgpYvahqHkTOpxKrp_kNgw&google_cver=1
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 04:59:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBgpYvahqHkTOpxKrp_kNgw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7075 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 01 Jan 2024 08:48:04 GMT
E3571CFB-02A3-4D05-98DC-1A92326AFA5A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7075 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E3571CFB-02A3-4D05-98DC-1A92326AFA5A?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.146.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-146-191.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7075
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=
42 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 08:48:04 GMT
server
Kestrel
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame 7075
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4596796740221088984&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4596796740221088984&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 05:23:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4596796740221088984&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
khaos.json
token.rubiconproject.com/ Frame 0B44 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
async_usersync
ib.adnxs.com/ Frame FC1B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
an-x-request-uuid
2fc03e1e-9afe-4a4d-ad81-0961cdc26f6a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
d94061dbd26c3173a6dcac09d426cff5c441f183f51762f17d5ed2eee0d92332
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Tue, 02 Jan 2024 08:48:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2737469907082529874
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2737469907082529874
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
an-x-request-uuid
2c92683b-2958-49bc-92c0-c4bc2e71033d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2737469907082529874
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_f84f14a8-c89d-4001-a78c-a3223816d238&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_f84f14a8-c89d-4001-a78c-a3223816d238&gdpr=0&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=JQ4d8HBfR_U-Ckf0KgwJpisCE6I-ChT7IwtXNs4x
  • https://usersync.gumgum.com/usersync?b=bsw&i=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 02 Jan 2024 08:48:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=ac93c4ed-b7f6-4101-b9c2-cf77af4f58e7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=ac93c4ed-b7f6-4101-b9c2-cf77af4f58e7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 02 Jan 2024 08:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=ac93c4ed-b7f6-4101-b9c2-cf77af4f58e7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7bc89e01-0a40-5fef-486c-8cd6a00212bb$ip$220.255.107.253
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-7bc89e01-0a40-5fef-486c-8cd6a00212bb$ip$220.255.107.253
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-7bc89e01-0a40-5fef-486c-8cd6a00212bb$ip$220.255.107.253
Date
Tue, 02 Jan 2024 08:48:05 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-9KUjfr9E2pf3OG6oK2kK3aW9UpqZkN61Gq1D~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-9KUjfr9E2pf3OG6oK2kK3aW9UpqZkN61Gq1D~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:05 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-9KUjfr9E2pf3OG6oK2kK3aW9UpqZkN61Gq1D~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3E08
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5e555364-505d-44f8-a8fc-8d1d1c908f27
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5e555364-505d-44f8-a8fc-8d1d1c908f27
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5e555364-505d-44f8-a8fc-8d1d1c908f27
Date
Tue, 02 Jan 2024 08:48:06 GMT
Connection
keep-alive
X-CI-RTID
1cf8161f-5a3e-4e1d-bb37-34f6e4994f9e
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 47EB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=2478682083756549096&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=2478682083756549096&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 02 Jan 2024 08:48:05 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=2478682083756549096&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 5E6B 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9mODRmMTRhOC1jODlkLTQwMDEtYTc4Yy1hMzIyMzgxNmQyMzg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B53C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=156580
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 08:48:05 GMT
expires
Thu, 04 Jan 2024 04:17:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C4FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=75b0f43b-d089-4345-98db-2dafdee0ed2d
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=75b0f43b-d089-4345-98db-2dafdee0ed2d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 02 Jan 2024 08:48:05 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=75b0f43b-d089-4345-98db-2dafdee0ed2d
server
Kestrel
usersync
usersync.gumgum.com/ Frame 3DBF
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZPNxcCo5swAAPrWAaEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZPNxcCo5swAAPrWAaEAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:05 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 08:48:05 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZPNxcCo5swAAPrWAaEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40209.dc2p.scaleout.jp
X-SO-IP
220.255.107.253
X-SO-Key
ZZPNxcCo5swAAPrWAaEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"220.255.107.253","key":"ZZPNxcCo5swAAPrWAaEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40209"}
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40209
idl.js
assets.a-mo.net/js/ Frame 85AC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.betootaadvocate.com&e=27&uid=579e1990-04d4-43eb-a67b-0d837a94c9d4
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
via
1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SIN5-C1
age
191
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
83f1bdb0a96f4080-SIN
x-amz-cf-id
VWlaiq4-IEhAUZmymG8rS5HiSvJS4-c_VrINgPcNoaXlqmny6I_4xg==
expires
Tue, 02 Jan 2024 09:48:05 GMT
usync.html
eus.rubiconproject.com/ Frame 7CC1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-198-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 08:48:05 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 02 Jan 2024 08:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
prebid.a-mo.net/ Frame 85AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=579e1990-04d4-43eb-a67b-0d837a94c9d4&gdpr=0&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=579e1990-04d4-43eb-a67b-0d837a94c9d4&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=1---
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=2e63cf67-d2f6-42dd-9a85-f21cecdb03a9&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Tue, 02 Jan 2024 08:48:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 85AC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=579e1990-04d4-43eb-a67b-0d837a94c9d4
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-luyBdH9E2uE5kx89wPgbZJrI3aUaCvebyvJ9A.Q-~A
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-luyBdH9E2uE5kx89wPgbZJrI3aUaCvebyvJ9A.Q-~A
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-luyBdH9E2uE5kx89wPgbZJrI3aUaCvebyvJ9A.Q-~A
date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
u
id.a-mx.com/ Frame 85AC 		0
0
setuid
prebid.a-mo.net/ Frame 85AC
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=openx&uid=6270ef52-267c-4abe-b535-1f8fe6449b2c
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=openx&uid=6270ef52-267c-4abe-b535-1f8fe6449b2c
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=openx&uid=6270ef52-267c-4abe-b535-1f8fe6449b2c
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
cookie
cm.adform.net/ Frame 85AC 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:06 GMT
server
nginx
content-length
43
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 85AC
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-whF8IdlE2uVRpi4tB1YtZiynWbEW7hQ-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-whF8IdlE2uVRpi4tB1YtZiynWbEW7hQ-~A&gdpr=0
Protocol
H2
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-whF8IdlE2uVRpi4tB1YtZiynWbEW7hQ-~A&gdpr=0
date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 85AC
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=index_rtb&uid=ZZPNxVRj8TKbV0Sreid4DgAA%264874
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=index_rtb&uid=ZZPNxVRj8TKbV0Sreid4DgAA%264874
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FG1iyNqJ869KtPXdVffcF194vF6jbuh7SdwgZ1iFWkcbBHnMVoPxvPRjOE1mfi7U9H2YoNOXMQ2hXnfyICSbYHW0isZoV17ys4BEKLVhYIfXBg1KXB2L2S0O2jX070d4thlETT9"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=index_rtb&uid=ZZPNxVRj8TKbV0Sreid4DgAA%264874
cache-control
no-cache
cf-ray
83f1bdb10a94405f-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 85AC
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=sovrn&uid=H7FQCLZHgPpM_pD1SdSQ3FmA
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=sovrn&uid=H7FQCLZHgPpM_pD1SdSQ3FmA
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Tue, 02 Jan 2024 08:48:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=sovrn&uid=H7FQCLZHgPpM_pD1SdSQ3FmA
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 85AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=appnexus&uid=2737469907082529874
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=appnexus&uid=2737469907082529874
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
an-x-request-uuid
3fc88694-2b79-4945-a1ff-da45528ded3c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=579e1990-04d4-43eb-a67b-0d837a94c9d4&bidder=appnexus&uid=2737469907082529874
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 85AC 		0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=579e1990-04d4-43eb-a67b-0d837a94c9d4&do=www.betootaadvocate.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 85AC 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=579e1990-04d4-43eb-a67b-0d837a94c9d4&do=www.betootaadvocate.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.179 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
an-x-request-uuid
50a07419-20e3-4e53-b68a-7726e18c323e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
220.255.107.253; 220.255.107.253; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ada4b727-14f5-4d72-873d-635c03d978af
https://prebid.a-mo.net/ Frame 85AC 		184 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/ada4b727-14f5-4d72-873d-635c03d978af
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4630dc55ee52862f23a35326383d7e1539f50d29c0aa82661ecd1eef339b9693

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
184
Content-Type
ecm3
s.amazon-adsystem.com/ Frame 0B44
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zDX-X0VFTviHei87C9pD_g&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zDX-X0VFTviHei87C9pD_g&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zDX-X0VFTviHei87C9pD_g&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1SGF7J5EWX7CA32J4WY3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=zDX-X0VFTviHei87C9pD_g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B44
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=&expires=30
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=75b0f43b-d089-4345-98db-2dafdee0ed2d&gdpr=0&gdpr_consent=&expires=30
date
Tue, 02 Jan 2024 08:48:05 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 0B44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPj125v2i5pgFMaxcN_iOlE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&google_push=&gdpr=0
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXM1dZVDgtMU8tNk9CTw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 0B44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LQW3WYT8-1O-6OBO&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQW3WYT8-1O-6OBO&ex=d-rubiconproject.com&status=ok&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
THRN5PQBSPJ1JAB6RXRP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQW3WYT8-1O-6OBO&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
setuid
px.ads.linkedin.com/ Frame 0B44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQW3WYT8-1O-6OBO&gdpr=0
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQW3WYT8-1O-6OBO&gdpr=0
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B3F67E46CE2D45FC8D08F5632DA742E0 Ref B: SG1EDGE0110 Ref C: 2024-01-02T08:48:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8o6U/XiCDC23SxXl9g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQW3WYT8-1O-6OBO&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0B44
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6SlTqSySQniq9cmQHkDjjA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6SlTqSySQniq9cmQHkDjjA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6SlTqSySQniq9cmQHkDjjA&gdpr=0
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NSKPV2FQ9F5FQTA3REN7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6SlTqSySQniq9cmQHkDjjA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZmWS-Daw0OOBAQW3YIv7jsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Gerl_NE2oJYRqg2DtI9ZWLcHj_LPlrzihyFIg--~A
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Gerl_NE2oJYRqg2DtI9ZWLcHj_LPlrzihyFIg--~A
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2Gerl_NE2oJYRqg2DtI9ZWLcHj_LPlrzihyFIg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 0B44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECDUW-NX52ddE1ZIVY1uc3s&google_cver=1
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECDUW-NX52ddE1ZIVY1uc3s&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESECDUW-NX52ddE1ZIVY1uc3s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczMThmZjY0MDcyNTg5YzdlNjE0N2Y3MjgyNjRjZjIyOWRkNGUyMg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczMThmZjY0MDcyNTg5YzdlNjE0N2Y3MjgyNjRjZjIyOWRkNGUyMg&gdpr=0
Protocol
H3
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzczMThmZjY0MDcyNTg5YzdlNjE0N2Y3MjgyNjRjZjIyOWRkNGUyMg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B44
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJVck7LJ5wAABPkih7-3A&expires=30&gdpr=0
91 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJVck7LJ5wAABPkih7-3A&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
content-length
91
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJVck7LJ5wAABPkih7-3A&expires=30&gdpr=0
Date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 0B44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQW3WYT8-1O-6OBO&gdpr=0
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQW3WYT8-1O-6OBO&gdpr=0
Protocol
H2
Server
18.140.29.15 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-29-15.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQW3WYT8-1O-6OBO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
pixel
capi.connatix.com/us/ Frame 0B44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f1bdb4b9804cbf-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQW3WYT8-1O-6OBO&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f1bdb36f7a4cbf-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cksync
hb.yahoo.net/ Frame 0B44
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQW3WYT8-1O-6OBO&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQW3WYT8-1O-6OBO&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HYnVoWk5oRTJ1R0Q3dEpJNjNCcVZlX2M1bVM4dEVSVn5B&gdpr=0&ovsid=LQW3WYT8-1O-6OBO&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HYnVoWk5oRTJ1R0Q3dEpJNjNCcVZlX2M1bVM4dEVSVn5B&gdpr=0&ovsid=LQW3WYT8-1O-6OBO&dpid=58160
Protocol
H2
Server
72.247.127.240 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-127-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 08:48:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 08:48:06 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HYnVoWk5oRTJ1R0Q3dEpJNjNCcVZlX2M1bVM4dEVSVn5B&gdpr=0&ovsid=LQW3WYT8-1O-6OBO&dpid=58160
date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 0B44
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b4215b4-a51b-4bcd-96eb-e9f4aee38a9a&expires=30&gdpr=0
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b4215b4-a51b-4bcd-96eb-e9f4aee38a9a&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4290507b7388fb86809e552482e2fff0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b4215b4-a51b-4bcd-96eb-e9f4aee38a9a&expires=30&gdpr=0
Date
Tue, 02 Jan 2024 08:48:06 GMT
Connection
keep-alive
X-CI-RTID
1fcb1092-63d5-426b-8ba4-21d95732a7b8
Content-Length
155
Content-Type
text/html; charset=utf-8
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 0B44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQW3WYT8-1O-6OBO&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO&ckls=true&ci=hrIXjNUhGw&nc=false&trid=-1340290794
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO&ckls=true&ci=hrIXjNUhGw&nc=false&trid=-1340290794
Protocol
H2
Server
13.224.250.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-83.sin52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:06 GMT
via
1.1 0afae887d1f4306bda4c7ef1dea46b9a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
93B9r4MpHNc4U-Ehye-Egjfzh4gJSQ62fleSVjF_BU8hnLWY0_FCmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:06 GMT
via
1.1 0afae887d1f4306bda4c7ef1dea46b9a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQW3WYT8-1O-6OBO&ckls=true&ci=hrIXjNUhGw&nc=false&trid=-1340290794
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
rSIdcReIsn8MWUJwg3e5Zwnp_4gnImPJvS1jFHW7EYrngUOKXL_ylw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0B44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LQW3WYT8-1O-6OBO&gdpr=0
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQW3WYT8-1O-6OBO&gdpr=0
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 08:48:06 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQW3WYT8-1O-6OBO&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
fed
ups.analytics.yahoo.com/ups/58771/ Frame 85AC 		316 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=579e1990-04d4-43eb-a67b-0d837a94c9d4
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.betootaadvocate.com&e=27&uid=579e1990-04d4-43eb-a67b-0d837a94c9d4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b65ca5916c78276ffc4a505611855c3c9a8bf9b2584cd2f8a370826433b32c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
266694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Dec 2023 06:43:11 GMT
expires
Sun, 29 Dec 2024 06:43:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A93A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f105.1e100.net
Software
GSE /
Resource Hash
5dc0f00f5f7195833e712e8c8f5cf4c701e79bfbc1c0d4c46d1a76b000e97678
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D0nwUnhMIZ4dGlzBNfKdVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-D0nwUnhMIZ4dGlzBNfKdVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:05 GMT
expires
Tue, 02 Jan 2024 08:48:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 7CC1 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.198.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-198-23.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
79eb9a84a4f56ccd0cd60a97bad994a72dbd734a10af460dff80881cdcce0059

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 08:48:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 04:34:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71205
Connection
keep-alive
Content-Length
13173
Expires
Wed, 03 Jan 2024 04:34:50 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 02C5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:35:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
7973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 06:35:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A93A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=1905111820770339&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
khaos.json
token.rubiconproject.com/ Frame 7CC1 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQW3WYT8-1O-6OBO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
generate_204
tpc.googlesyndication.com/ Frame 02C5 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G4hTbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
211.json
id5-sync.com/g/v2/ 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/211.json
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.20.0-std_v1.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
4052d2f9bdf62ab431c352ee70e244daa27677e422bff7b7c8b5af594b8f476c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Tue, 02 Jan 2024 08:48:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
magnite
prebid.a-mo.net/setuid/ Frame 7CC1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&khaos=LQW3WYT8-1O-6OBO
  • https://prebid.a-mo.net/setuid/magnite?uid=LQW3WYT8-1O-6OBO&gdpr=0&gdpr_consent=undefined
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQW3WYT8-1O-6OBO&gdpr=0&gdpr_consent=undefined
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQW3WYT8-1O-6OBO&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=1905111820770339&bg=!WVqlWhXNAAY3kmNgF5I7ADQBe5WfOGwnqjhLPqiIY0VJD-uvnTRqDzaduToKphaWAZEkPOVGvjNukcBOPZqRiNVioducAgAAAHJSAAAABGgBB5kDCF8Kl2oKTW5R8cnNGMGidqNlt7aYS9iHXYeXN8RzpPUWJg1Tz1cBNIB19HcD6c3FE5Hs8fTKtAhvTPEtvHl_mI-ZXMdMzAMxFK2CX59v8Gl-eDsKmD_rUAAo1psrrFLcQ94IzWZTDicxpChXsDCgsUq4Ej6XRm5b1j80w5Ln1-h122VqgiznBDUifkd_EdcpdLHYNQIp0YM7UUtx9Yp0q7HhGJALauSlFHUBvcO2EEfJv4Zhj8dczQr2qUy04Wbe78fvUmx6WQihuht6UgPRVfBtXtQ5FQhC3vIOw4BW6rz4EoF62blcUii85ElF7ztX_6I9pO4bb9Gspa3Y1Ee8czjMVSMozrKOf33EQmcEUlAkIZX3DGyN07UHRhZr-0WqPd6kF32gOr2-DXxzamINI5J8AS9KMbhkm48zDk2D_z0UNrrYEXXVA2wHWHORxQBvjfrQOtbAekei5kLLOTZgZx5y_7CJhqhqSUvLO9_7leMMZhNzzioMrOo5gKZeoBEo3hCoceW6BGBex-AXYfO58Nr38dOmbnrjbbwbBHJLCDChEc1F1mAYNmoPxjNefrT39eN_RbwHCvK29ugmbKt2l3r5hoY_TTASis3fXLIWOTiPoDKSRkk5IMW2yzfxOePJ8GHxWyzPDtgIrIO0d4yvA_IktdCxaKG3qVWJYaVSzA61HPMh5GEZGh71rkhe5bqqYlMREhdLQj6X8krW02c3BGiycCQq2WAoKvEfjVxpgacKmUxl21xEt8-W87lLvdjYcKmAC3npexBz-tQKDjNVDT_gA_NS_Rn65Nae31lU9uWeh89qrGF3gYvYWC-mC865U-PhoKr5GZ7YStTvEwBZU7AWcTqcxOOaa5sm6s48TIcSQz3V042bDfBYi541jFTHGH7BnbsH6ctSCx6dyCAdGyeGhLYdN7OQWzDqBIbAE1ZLyAyczia9ijhqPuxfb-7JC3MtWLWUcSDclvBvtd6g9LNlkXjGBSfFLEpvf6mYfNUwgjjB7fdqGDp62ZBgjwTtH4OqAqdejW__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 7075 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160628&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:08:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4ZLLC2NYSG&gtm=45je3bt0v9118813431&_p=1704185274905&gcd=11l1l1l1l1&dma=0&tcfd=1000g&cid=1683639413.1704185278&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1704185278&sct=1&seg=0&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&_s=2&tfd=14044
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7075 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12116365&p=160628&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
a36ae4ea91fb224b5a0e69845225fc86fea55bce6a7ae8032ee25c8ed7a8c6f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 02 Jan 2024 08:48:07 GMT
content-length
1907
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 6E7A 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 02 Jan 2024 08:48:08 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 3D15
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zf6_R5iv5ULW-uVDwvyrEcPysRXW-rZMy_vvIne8
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zf6_R5iv5ULW-uVDwvyrEcPysRXW-rZMy_vvIne8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 00:05:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 02 Jan 2024 08:48:07 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zf6_R5iv5ULW-uVDwvyrEcPysRXW-rZMy_vvIne8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5810 		85 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 02 Jan 2024 08:48:08 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qpg1260-QPG
x-timer
S1704185288.871339,VS0,VE239
Pug
simage2.pubmatic.com/AdServer/ Frame BE17
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=94db73f9c99b46ca8a764e6915bed4f8
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=94db73f9c99b46ca8a764e6915bed4f8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 05:23:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 02 Jan 2024 08:48:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=94db73f9c99b46ca8a764e6915bed4f8
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 19D5 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 02 Jan 2024 08:48:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame E93A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=e8ieAQpAX-9IbIzWoAISu9z_a_0&gdpr=0&gdpr_consent=
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=e8ieAQpAX-9IbIzWoAISu9z_a_0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 08:48:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 08:48:08 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=e8ieAQpAX-9IbIzWoAISu9z_a_0&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 2F52 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1A79
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:26:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:48:07 GMT
expires
Tue, 02 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
617017
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
bridge
cm.adgrx.com/ Frame 5F28 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.207.233 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Tue, 02 Jan 2024 08:48:08 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame E2C6
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03b569d23337494db4e0f677c814d5e9
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03b569d23337494db4e0f677c814d5e9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 08:48:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03b569d23337494db4e0f677c814d5e9
pragma
no-cache
server
Tengine
458249.gif
idsync.rlcdn.com/ Frame 7075
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEUzNTcxQ0ZCLTAyQTMtNEQwNS05OERDLTFBOTIzMjZBRkE1QRAAGg0IyJvPrAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bbcbf5db640f3e99cb90a3a134e29ebe8591d85cad41d686691d810db70add3b791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYmNiZjVkYjY0MGYzZTk5Y2I5MGEzYTEzNGUyOWViZTg1OTFkODVjYWQ0MWQ2ODY2OTFkODEwZGI3MGFkZDNiNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYmNiZjVkYjY0MGYzZTk5Y2I5MGEzYTEzNGUyOWViZTg1OTFkODVjYWQ0MWQ2ODY2OTFkODEwZGI3MGFkZDNiNzkxNDI2YjU0MTdkY2UyMRAAGgwIyJvPrAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c078117e-e11a-4aa3-93ea-7a622558a132
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c078117e-e11a-4aa3-93ea-7a622558a132
Protocol
H3
Server
35.244.154.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 02 Jan 2024 08:48:09 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=c078117e-e11a-4aa3-93ea-7a622558a132
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame 7075
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=11d9c4379d3122a3&is_secure=true&networkId=17100&version=1&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaOC9EYdwMKwjM5AAAAAAA&expiration=1704271688&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaOC9EYdwMKwjM5AAAAAAA&expiration=1704271688&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 08:48:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 08:48:08 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALBIaOC9EYdwMKwjM5AAAAAAA&expiration=1704271688&nuid=E3571CFB-02A3-4D05-98DC-1A92326AFA5A&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B53C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=655862&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
166e8bae9bd25be42e86b766beeacdd23767f7a0bd941afe94b96a79d50dfb68

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 02 Jan 2024 08:48:08 GMT
content-length
1726
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 2038
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KTuKH6lEDae2vDwIyM2TZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KTuKH6lEDae2vDwIyM2TZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 05:23:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:08 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KTuKH6lEDae2vDwIyM2TZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 5AC1 		0
0
pxd
dps.jp.cinarra.com/ Frame 9E2E 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.38.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Tue, 02 Jan 2024 08:48:08 GMT
i.match
a.tribalfusion.com/ Frame CBF8 		43 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83f1bdc3cd95600b-SIN
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 08:48:08 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame 8CD5 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:09 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-fef242492fc4@version_1.579
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 8D59
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 08:48:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 02 Jan 2024 08:48:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 6D2F 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Tue, 02 Jan 2024 08:48:08 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame E9F8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F655E287F89F41D8B9D92802968BC439&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F655E287F89F41D8B9D92802968BC439&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 05:23:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 02 Jan 2024 08:48:08 GMT
expires
Mon, 01 Jan 2024 08:48:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F655E287F89F41D8B9D92802968BC439&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 5ED9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:itrM51611RkAru5&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:itrM51611RkAru5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 04:39:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 08:48:07 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:itrM51611RkAru5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ad8138d56a9ec354@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame B309
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292556411330
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292556411330
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 04:39:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 02 Jan 2024 08:48:08 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2020216292556411330
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
usersync
usersync.gumgum.com/ Frame D6F5 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:08 GMT
Expires
0
Pragma
no-cache
index-1703210416.html
a.mailmunch.co/forms-cache/103219/1003311/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/1003311/index-1703210416.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2471045353e554eac4522b9a4a0073547383ba21daf6e97a131c2d58bb3f9d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:04:45 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
974605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 02:00:22 GMT
server
AmazonS3
etag
W/"e6559c0d7980c32367b7e065bca9faa9"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
JXhbx2rgduW4pdFHkANmX8LkTcuthstV4T_4f9gKuAudrfW36_4DKg==
index-1632148025.html
a.mailmunch.co/forms-cache/103219/608252/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/608252/index-1632148025.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-46.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e89e0e3e1852e0edbdcd2d2941118bf99f4d1a7fb8bc20b11239f2f31d59353

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 12:13:13 GMT
content-encoding
gzip
via
1.1 a29e907d5a7ced98e0f8ec2a4ffc01b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
8886897
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 08 Sep 2023 01:01:55 GMT
server
AmazonS3
etag
W/"e8e0e9ad399039a464d1ff13886aa063"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
hSSDUbxIBuvIdAWe_pKPBepamAjWgWEDyPZMtOissKl7qlVikjeuHg==
SPug
simage4.pubmatic.com/AdServer/ Frame 7075 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160628&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160628&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame B53C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame B53C 		139 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95505463&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
7e1ae5367ac5f55e7abb5a8d84d12605c22f5312223ed690f151c5277ae2e507

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 02 Jan 2024 08:48:11 GMT
content-length
139
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5B4A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1704185291690
  • https://ad.turn.com/r/cs?pid=45&rndcb=8369198798
  • https://sync.1rx.io/usersync/turn/3515932829652169944?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 04:59:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 02 Jan 2024 08:48:12 GMT
etag
RX4b8e0800d2ad4684b256a16c78845dc1004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4b8e0800-d2ad-4684-b256-a16c78845dc1-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
usersync
usersync.gumgum.com/ Frame DAAF 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=E3571CFB-02A3-4D05-98DC-1A92326AFA5A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 02 Jan 2024 08:48:11 GMT
Expires
0
Pragma
no-cache
SPug
simage4.pubmatic.com/AdServer/ Frame B53C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:48:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13244
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
id.a-mx.com
URL
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Damx_com%26uid%3D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Verdicts & Comments Add Verdict or Comment

475 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| documentPictureInPicture object| _wpemojiSettings object| Give_Recurring_Vars undefined| $ function| jQuery object| webpackChunkgive_recurring object| _mmunch object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdsDateFormat object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer function| cnxps object| block_tdi_13 object| block_tdi_28 object| block_tdi_29 object| block_tdi_32 object| block_tdi_52 object| block_tdi_54 object| block_tdi_57 string| sbiajaxurl object| postIdsNoAds object| give_stripe_vars object| webpackChunkStripeJSouter function| noop function| Stripe object| give_global_vars object| giveApiSettings object| GiveDonationSummaryData object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| webpackChunkgive function| iFrameResize function| give_open_form_modal function| give_fl_trigger function| give_change_html5_form_field_validation_message function| update_profile_state_field function| addDynamicEventListener object| Give object| iFrameResizer object| GiveDonationSummary function| _ object| sb_instagram_js_options object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdHeader object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdReadingProgressBar object| tdTabbedContent object| tdListMenu object| tdConfirm function| removeAds undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdbLocationFinder object| tdbLocationDisplay object| tdbFormTaxonomies object| tdbFormFileUpload object| tdbFormGallery object| tdbPostsList object| tdbModal object| tdbFilters object| tdbFiltersLoop object| tdbFiltersList object| tdbFiltersDropdown object| tdbReviewsList object| tdbCustomForms object| tdbTOC object| tdbFavourites boolean| sbi_js_exists function| Hammer function| $f function| onYouTubeIframeAPIReady object| addComment object| tdcPostSettings function| tdbGetMobileTemplates function| sbi_init object| td_res_context_registered_atts object| give_float_labels function| date object| sbi function| _classCallCheck function| mailmunchGetMethodChain function| mailmunchGetOrCreateMethodChain function| MailMunchBaseForm function| _createClass object| _mailmunchInstances function| MailmunchMethodChain function| MailmunchUrlChangeTracker object| MailMunchDeviceDetect object| MailMunchAjax object| MailMunchHelpers object| mailmunch object| MailMunchWidgets object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| __tcfapi function| __uspapi number| sbiWindowWidth number| sbi_photo_width_manual function| ShopifyBuy object| googletag object| gaGlobal object| twemoji object| WebFont function| _mJquery object| jQuery111301842614383081309 object| gaplugins object| gaData number| tcf_loops number| tcf_maxLoops number| tcf_loopDuration number| tcf_cmpIsReady function| snack_consent string| sn_gg_dt_unit string| sn_gg_mob_unit number| randomNumberOzone object| ozoneCustom object| snack_data function| getQueryParams object| query undefined| snack_debug_mode function| snack_debug function| deleteCookie function| setCookie function| getCookie function| snack_adds_init function| snack_add_tag function| snack_display_tag function| snack_setup_ads function| aps_setup_ads function| snack_enqueue_script boolean| pbSnackMobile boolean| pbSnackTablet boolean| pbSnackDevice object| snack_head_scripts object| snack_body_scripts string| snack_base_url object| me_script string| me_script_src object| filled_slots number| max_refresh number| times_refreshed object| snack_tags_present object| snack_tags_lazyload object| snack_tags_not_present object| AD_UNITS_TOGGLE_OFF number| PREBID_TIMEOUT object| pbjs undefined| tcf_debug_mode object| gpt_script function| snack_load_gpt undefined| ref_source function| no_pubcid number| requires_schain string| schain_sid object| sloader object| schain_obj object| snack_tags object| snack_site_config object| adUnits object| nano_kw string| nano_kw_str object| bid function| start_snack_ads function| snack_start_pb object| ads_already_loaded function| lazyload_inview object| times_refreshed_arr function| refresh_init function| refresh_loop object| slots object| test_slots function| refreshBid function| killSlot object| isMobile object| sublime number| u number| b object| m4462M function| m4462q object| xop object| -qzy99t9klj4 object| -de2c7mgupz4 object| hOM87v2 function| hOM87v3 function| xblocker function| MailMunchEmbedded function| MailMunchPopover function| MailMunchSidebar object| OqtkkY function| Oqtkkl object| xblacklist object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| invibes object| edktInitializor object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| pbstck object| pbstckQ object| Pubstack function| __tcfapiui function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| ox_esp object| pbstckrefresh object| __uid2SecureSignalProvider object| __uid2 object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| criteo_syncframe_state number| google_unique_id object| sas object| apntag object| _ADAGIO boolean| DFPMessageEnabled object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

140 Cookies

Domain/Path Name / Value
cdn.edkt.io/check Name: 3pc
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQtJDvyswxCgoIkQIQtJDvyswxCgoItAIQtJDvyswxCgoI5gEQtJDvyswxCgoIhwIQtJDvyswxCgoItwIQtJDvyswxCgkIOhC0kO_KzDEKCgiMAhC0kO_KzDEKCQhfELSQ78rMMQoJCB8QtJDvyswx
m.stripe.com/ Name: m
Value: aa476d9e-1629-4616-96b5-e911c9a6924b84ea1b
.www.betootaadvocate.com/ Name: __stripe_mid
Value: b68a599b-f140-4e7d-b62c-3275ad9d4de3f5c9b0
.www.betootaadvocate.com/ Name: __stripe_sid
Value: dd51e197-8c9d-4c46-be1c-c783e78b977f1d3373
www.betootaadvocate.com/ Name: _y
Value: c95bc148-6CB0-4478-0900-4F540312F8CD
www.betootaadvocate.com/ Name: _shopify_y
Value: c95bc148-6CB0-4478-0900-4F540312F8CD
www.betootaadvocate.com/ Name: _s
Value: c95bc155-5986-46F0-D77C-B51B44CAE3A3
www.betootaadvocate.com/ Name: _shopify_s
Value: c95bc155-5986-46F0-D77C-B51B44CAE3A3
.betootaadvocate.com/ Name: _ga
Value: GA1.2.1683639413.1704185278
.betootaadvocate.com/ Name: _gid
Value: GA1.2.1347550707.1704185278
.betootaadvocate.com/ Name: _gat_gtag_UA_56468053_1
Value: 1
.betootaadvocate.com/ Name: sharedid
Value: 041af77d-d2c1-4e33-b0c5-c6ec5d48f569
.betootaadvocate.com/ Name: sharedid_cst
Value: kSylLAssaw%3D%3D
.betootaadvocate.com/ Name: lotame_domain_check
Value: betootaadvocate.com
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 3e63e0177f23e0c59d442c32fe8cc3e5
.betootaadvocate.com/ Name: _cc_id
Value: 3e63e0177f23e0c59d442c32fe8cc3e5
.betootaadvocate.com/ Name: panoramaId
Value: 953bd870cd1f28a8b9696dc3f363185ca02c175afab27829c6c6b6438a619e3b
.betootaadvocate.com/ Name: panoramaIdType
Value: panoDevice
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1704185280_1704185280
.a-mo.net/ Name: amuid2
Value: 579e1990-04d4-43eb-a67b-0d837a94c9d4
.prebid.a-mo.net/ Name: sd_amuid2
Value: 579e1990-04d4-43eb-a67b-0d837a94c9d4
.3lift.com/ Name: tluid
Value: 523208842684578747345
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 88025fc4-3664-46a0-846f-177203386a5c|1704185281
.justpremium.com/ Name: jpxumaster
Value: r-4870d6e7-5530-4ed5-9f8d-a2d7e6dca81a-35122-734411705
.justpremium.com/ Name: jpxsession
Value: r-f9fbe841-da43-4cb8-a360-afe6e9f5b6d5-35122-734460973
.justpremium.com/ Name: jpxuuid
Value: r-7de19361-d166-4d9a-a4a8-288e13666cf6-35122-734495571
.justpremium.com/ Name: 158203_527041
Value: 0_0_0
.justpremium.com/ Name: 158203_527042
Value: 0_0_0
.justpremium.com/ Name: 158203_527043
Value: 0_0_0
.justpremium.com/ Name: 158203_527045
Value: 0_0_0
.justpremium.com/ Name: 158203_527046
Value: 0_0_0
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: a_f84f14a8-c89d-4001-a78c-a3223816d238
.rubiconproject.com/ Name: khaos
Value: LQW3WYT8-1O-6OBO
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: fc4b2f2f-acdf-4824-896a-fb9642bd0a7e
.adsrvr.org/ Name: TDID
Value: 75b0f43b-d089-4345-98db-2dafdee0ed2d
.openx.net/ Name: univ_id
Value: 537072971|75b0f43b-d089-4345-98db-2dafdee0ed2d|1704185281597659
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: 6X0gU361PFikizSDWUqFKBA8ZBtFwxM
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzA0MTg1MjgxfQ
.doubleclick.net/ Name: IDE
Value: AHWqTUleCN96qWmMdfkbLylGiYqqv6unsmi2W9isWj_XneLL-QBtCBmfbe3jYjNOhs4
.betootaadvocate.com/ Name: __gads
Value: ID=0e3c71436f96fed5:T=1704185281:RT=1704185281:S=ALNI_MYhZxXbTBVcJiAhea6WLV5bzZymaw
.betootaadvocate.com/ Name: __gpi
Value: UID=00000ccff3cf07d3:T=1704185281:RT=1704185281:S=ALNI_MaQKeTAos-maWliry4RNmG6tzrv0A
.betootaadvocate.com/ Name: _ga_4ZLLC2NYSG
Value: GS1.1.1704185278.1.0.1704185282.0.0.0
.media.net/ Name: visitor-id
Value: 3471868832684592000V10
.media.net/ Name: data-g
Value: CAESEC-oSVakl3ypD-xliotTbH8~~6
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E3571CFB-02A3-4D05-98DC-1A92326AFA5A
.ladsp.com/ Name: lum
Value: CO2K78rMMRIFCAEQqAESBQgDEKgE
.smartadserver.com/ Name: pid
Value: 3266141944167911596
.linkedin.com/ Name: bcookie
Value: "v=2&d6308848-552f-4b91-888a-4ab9316ee3e6"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2812:u=1:x=1:i=1704185284:t=1704271684:v=2:sig=AQFGN7HWRnKCyjYHEet54zlJGLNQsQK5"
www.betootaadvocate.com/ Name: _lr_retry_request
Value: true
www.betootaadvocate.com/ Name: _lr_env_src_ats
Value: false
.tribalfusion.com/ Name: ANON_ID
Value: a3ntuJM0ing9PBmSTEpS77oqmxSEUEnDPCs1cZbPHn7pQTE9jRnHbZagZaoq8UXX9pLq0CZaBp6JemTHqZcuq9wNCi2kI
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME41M041MDQ3TzMC0smmlikmJkbJxkZpqRbJycappgxAkDr57BEQDQUAWjYLbA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInXz2CJCCAgAfFwKK"
.betootaadvocate.com/ Name: panoramaId_expiry
Value: 1704790084483
.openx.net/ Name: pd
Value: v2|1704185281.3|lYvOjEiuhI.iawJuIjIlQlU
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 2737469907082529874
.pubmatic.com/ Name: DPSync3
Value: 1705363200%3A201_245_226%7C1704240000%3A248
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZPNxAALYQFAIAAM
.ambientdsp.com/ Name: _aGeoIp
Value: SG-Singapore
.ambientdsp.com/ Name: _aUID
Value: 12xuc8vbo64n
.betootaadvocate.com/ Name: cto_bundle
Value: 4GG03F9MMUhHWmVDbUowcU40cEdOUTVIYkt5ZzRLY1oxcVp4M1hpUFdUcExsbUpRVDh1eThhYVdacnpSJTJCRkFoZ21nQUVMVVhnaWxoYkd4M3ZZV3QlMkJpM296TTdCSWFSMnliNW11UGl2T0s0V0pwYkF0ZHp1YWhYMnklMkZhbiUyQjQzRVZjRHFzTUZmR3lJbFM1NFV1b2FtMnBNaiUyQmNLdmVZYkpIekhRMVJqSGhUckNVRzFBJTNE
.betootaadvocate.com/ Name: cto_bidid
Value: DIztWV82N0VtWVdnU3JiSnJvdWM2MHdjU0ZFMSUyQkdWJTJCJTJCaTZFTkRUbnNiZnZRVmJqa2lhVEIwTGs4QldHa29UTEZmcDFiaXVHSXdOanpqcEhicTR3alNTREpZWE5RMFNVS0tCOUxUdk0lMkJVa05yJTJCbGg5ZEpDS3dHQm9HZ1M5ZmUwZnhYUGI
.simpli.fi/ Name: suid
Value: F655E287F89F41D8B9D92802968BC439
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2737469907082529874&KRTB&23339-2737469907082529874
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12xuc8vbo64n
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-75b0f43b-d089-4345-98db-2dafdee0ed2d&KRTB&22918-75b0f43b-d089-4345-98db-2dafdee0ed2d&KRTB&22926-75b0f43b-d089-4345-98db-2dafdee0ed2d&KRTB&23031-75b0f43b-d089-4345-98db-2dafdee0ed2d
.linkedin.com/ Name: li_sugr
Value: ba381328-8c95-4ca3-8ed3-5ce7f7a7f4fb
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBgpYvahqHkTOpxKrp_kNgw&KRTB&23025-CAESEBgpYvahqHkTOpxKrp_kNgw&KRTB&23386-CAESEBgpYvahqHkTOpxKrp_kNgw
.tapad.com/ Name: TapAd_TS
Value: 1704185284967
.tapad.com/ Name: TapAd_DID
Value: 92a1f33d-6522-4d5f-9122-fa9fde06217a
.yahoo.com/ Name: A3
Value: d=AQABBMXNk2UCEHY98XWFzpryVlRo62VoYY8FEgEBAQEflWWdZQAAAAAA_eMAAA&S=AQAAAi64kysZnvQAeFoffKQJqEI
.turn.com/ Name: uid
Value: 3515932829652169944
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4596796740221088984&KRTB&23150-4596796740221088984&KRTB&23527-4596796740221088984
.justpremium.com/ Name: jpxumatched
Value: gg
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!56
.socdm.com/ Name: SOC
Value: ZZPNxcCo5swAAPrWAaEAAAAA
.casalemedia.com/ Name: CMID
Value: ZZPNxVRj8TKbV0Sreid4DgAA
.casalemedia.com/ Name: CMPS
Value: 4874
.casalemedia.com/ Name: CMPRO
Value: 4874
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M40<DYRWSF']wIg2Hb7MKV`B!A#F8(3<Syd5yN>S^'o+0$14-Gm0ucD>Ig_D>IymD?bSqGlsq8EK8lZGdD1Ne_0CHP'QqW=`/1k'7x1DJ>GtE=U]!k?o5?>h05Es'<sf=gsH`)SyFY.#LKk-)jw_E!!$9*.$f3#
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI1MjMyMDg4NDI2ODQ1Nzg3NDczNDUiLCJleHBpcmVzIjoiMjAyNC0wNC0wMVQwODo0ODowNFoifSwiYW14Ijp7InVpZCI6IjU3OWUxOTkwLTA0ZDQtNDNlYi1hNjdiLTBkODM3YTk0YzlkNCIsImV4cGlyZXMiOiIyMDI0LTA0LTAxVDA4OjQ4OjA1WiJ9fSwiYmlydGhkYXkiOiIyMDI0LTAxLTAyVDA4OjQ4OjA0WiJ9
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCIrIjJSy3sU8EAUSFwoIcHVibWF0aWMSCwigovOUst7FPBAFEhYKB3J1Ymljb24SCwj43deZst7FPBAFGAEgAigCMgsIzvmgxcjexTwQBTgBWgZndW1ndW1gAg..
.pubmatic.com/ Name: pi
Value: 158355:3
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.bidswitch.net/ Name: c
Value: 1704185285
.bidswitch.net/ Name: tuuid_lu
Value: 1704185285
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiNTc5ZTE5OTAtMDRkNC00M2ViLWE2N2ItMGQ4MzdhOTRjOWQ0IiwiZXhwaXJlcyI6IjIwMjQtMDEtMTZUMDg6NDg6MDUuNDg2MjA4ODIzWiJ9fX0=
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.mathtag.com/ Name: uuid
Value: 7cfe6593-cdc5-4700-a0b6-c43cc195b207
.bidswitch.net/ Name: tuuid
Value: 2e63cf67-d2f6-42dd-9a85-f21cecdb03a9
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:7cfe6593-cdc5-4700-a0b6-c43cc195b207
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7bc89e01-0a40-5fef-486c-8cd6a00212bb.Nl6BBLUe8ZKB9TB%2BmakALv8%2BdpZyUXNEHZUYmZpuGkA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7bc89e01-0a40-5fef-486c-8cd6a00212bb.Nl6BBLUe8ZKB9TB%2BmakALv8%2BdpZyUXNEHZUYmZpuGkA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ae8ieAQpAX-9IbIzWoAISu9z_a_0.xFM5RHTBB976L0Wwy6Ec60lABKHleaQ5ZV%2B%2FWv36Shc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ae8ieAQpAX-9IbIzWoAISu9z_a_0.xFM5RHTBB976L0Wwy6Ec60lABKHleaQ5ZV%2B%2FWv36Shc
.pubmatic.com/ Name: SyncRTB3
Value: 1704758400%3A2_223%7C1705363200%3A7_71_54_56_247_3_220_13_21%7C1705017600%3A63
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~2fy8:18z8~2fy8:18vk~2fy8:19e0~2fy8"
.bidr.io/ Name: bito
Value: AAJVck7LJ5wAABPkih7-3A
.bidr.io/ Name: bitoIsSecure
Value: ok
.sharethrough.com/ Name: stx_user_id
Value: a5e0155b-b20a-445e-85fd-8b6b969fe4f5
.lijit.com/ Name: ljt_reader
Value: H7FQCLZHgPpM_pD1SdSQ3FmA
.connatix.com/ Name: cnx_userId
Value: 894c4733b97e4d07a53c5e3dbd6fac83
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIONJ19JGa2TJ-1wncOFmL01RknlmZON_vMolppOqhFpYEAEYAyDFm8-sBjABOgT90vuTQgS-x_IK.Vh67hasbEjN%2B9ZdYGgUCaHptW9XKD3wimY3lmxpz7HE
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIONJ19JGa2TJ-1wncOFmL01RknlmZON_vMolppOqhFpYEAEYAyDFm8-sBjABOgT90vuTQgS-x_IK.Vh67hasbEjN%2B9ZdYGgUCaHptW9XKD3wimY3lmxpz7HE
.adform.net/ Name: uid
Value: 3710105856933683394
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3710105856933683394&KRTB&23263-3710105856933683394&KRTB&23481-3710105856933683394
.pubmatic.com/ Name: PugT
Value: 1704173030
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.quantserve.com/ Name: d
Value: ECUBDQHnKv7KwQA
.quantserve.com/ Name: mc
Value: 6593cdc6-1c797-e897a-10800
.pubmatic.com/ Name: SPugT
Value: 1704185286
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.primis.tech/ Name: csuuid
Value: 6593cdc629906
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 7f39dcb4-2365-7de2-b155-43454ec29a46#1704185286181#1
.hb.yahoo.net/ Name: visitor-id
Value: 3471868862684575000V10
.hb.yahoo.net/ Name: data-mag
Value: LQW3WYT8-1O-6OBO~~63
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ipredictive.com/ Name: cu
Value: 3b4215b4-a51b-4bcd-96eb-e9f4aee38a9a|1704185286293
.amazon-adsystem.com/ Name: ad-id
Value: A13hX37ir0wBlYwWqTFqiYk
.lijit.com/ Name: _ljtrtb_80
Value: LQW3WYT8-1O-6OBO
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKjuTKj1DC+o7b9YIk8o9ILRkQX72pHr/m+U8Ns3eVUcnnnLd8S/067XvrScBDJPMYmIjECCV1W2uBxGCOXoSK13JVirmTB2nGyqVI1k5poNA==
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: hrIXjNUhGw

58 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEBX_eNsXG7tOiWrEr2K-dOU&google_cver=1&google_push=AXcoOmQT-1rzumGNa3uiSTBkrAlYQv02e2U8-JA6OAdBwYTJSe1FoEhmgseCgmejOuhLMJ1s_fh3WYGoJN7Mc8Kns7P1gIYQYK24semAco3U9gDkLEHo8qERHG_e8qvoE8_z6WUEp48Xb_-dfuuI8kaLFaU
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.betootaadvocate.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=13244' from origin 'https://www.betootaadvocate.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13244
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://omny.fm').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.stripe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snackmedia-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://omny.fm').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.stripe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snackmedia-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.betootaadvocate.com&e=27&uid=579e1990-04d4-43eb-a67b-0d837a94c9d4(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
network error URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJVck7LJ5wAABPkih7-3A&expires=30&gdpr=0
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D579e1990-04d4-43eb-a67b-0d837a94c9d4%26bidder%3Damx_com%26uid%3D
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mailmunch.co
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ajax.googleapis.com
analytics.mailmunch.co
ap.lijit.com
api.edkt.io
api.rlcdn.com
app.cauly.co.kr
assets.a-mo.net
bcp.crwdcntrl.net
betoota-advocate-shed.myshopify.com
betootaadvocate.com
boot.pbstck.com
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn-header-bidding.snack-media.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.edkt.io
cdn.jsdelivr.net
cdn.pbstck.com
cdn.prod.uidapi.com
cdn.shopify.com
ce.lijit.com
cfa3d40cc343e51b7a2df348b213f068.safeframe.googlesyndication.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
cs.media.net
cs.nex8.net
csync.loopme.me
dis.criteo.com
dps.jp.cinarra.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
g2.gumgum.com
gocm.c.appier.net
google-bidout-d.openx.net
gum.criteo.com
hb.yahoo.net
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
intake.pbstck.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
js.stripe.com
lb.eu-1-id5-sync.com
lg3.media.net
live.primis.tech
m.stripe.com
m.stripe.network
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
monorail-edge.shopifysvc.com
o479328.ingest.sentry.io
oa.openxcdn.net
oajs.openx.net
omny.fm
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
qsearch-a.akamaihd.net
refresh.pbstck.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
script.4dex.io
sdks.shopifycdn.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snackmedia-d.openx.net
ssbsync.smartadserver.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
widgets.snack-projects.co.uk
www.betootaadvocate.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.omnycontent.com
x.bidswitch.net
api.rlcdn.com
cm-supply-web.gammaplatform.com
cs.nex8.net
id.a-mx.com
sync-dsp.ad-m.asia
103.229.10.211
103.43.90.179
104.18.25.173
104.18.35.167
104.18.36.155
104.18.41.104
104.19.158.19
104.20.107.62
104.22.0.93
104.22.4.69
104.22.51.212
104.26.8.169
104.65.228.208
104.83.196.24
104.83.197.63
104.83.198.23
107.178.254.65
119.9.108.180
13.107.42.14
13.112.177.149
13.112.54.241
13.224.250.128
13.224.250.20
13.224.250.21
13.224.250.83
13.227.254.23
13.250.207.233
13.251.194.25
13.251.47.187
13.33.33.49
13.33.88.110
13.33.88.71
13.33.89.72
131.153.206.101
133.186.161.88
138.199.46.68
141.95.33.120
142.251.10.138
142.251.10.157
15.197.193.217
151.101.1.108
151.101.129.229
151.101.192.176
151.101.2.49
162.19.138.120
172.105.221.240
172.217.194.105
172.217.194.155
172.253.118.132
172.253.118.157
172.64.149.180
172.67.21.25
172.67.25.151
18.136.146.191
18.138.18.111
18.140.29.15
18.143.106.89
18.205.36.100
182.161.73.129
182.161.73.136
182.161.73.146
185.146.173.20
185.84.60.20
195.5.165.20
198.8.71.130
207.65.33.78
207.65.33.82
207.65.34.74
207.65.34.87
209.191.163.208
211.120.53.206
220.150.223.50
23.106.127.52
23.227.38.74
23.227.60.200
23.36.48.24
23.49.60.130
23.50.93.199
34.102.146.192
34.102.229.135
34.111.113.62
34.120.107.143
34.120.111.33
34.120.195.249
34.126.167.117
34.149.50.64
34.98.64.218
34.98.67.3
35.186.193.173
35.213.12.39
35.214.187.199
35.227.252.103
35.244.154.8
35.244.159.8
35.79.38.31
37.157.6.237
44.239.215.175
50.116.239.135
51.79.152.81
52.223.2.229
52.46.151.131
52.74.26.171
52.77.10.176
52.84.45.14
54.150.124.92
54.158.172.237
54.165.166.176
54.187.159.182
54.192.150.46
54.199.31.211
54.250.9.123
54.91.59.199
64.233.170.132
64.233.170.95
67.199.150.81
67.199.150.82
67.220.226.232
69.173.158.64
69.173.158.65
72.247.127.240
74.118.186.107
74.121.140.211
74.125.130.95
74.125.200.154
74.125.24.157
74.125.68.94
74.125.68.97
8.18.47.7
82.145.213.8
89.207.22.140
00649438c71db3bee3f6d7680b8e1288b5da0e9bef701d42206f5f94b1225d5d
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13
0437d15c303173bb2b2d7123ae01fa20722bf581ec9c5dc4b43cb47328172f06
04c1992406ec9c6f2aac5a686c636ed33dd24e80edc607559710ec293b571da2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089991f58410f646ce04fbb3e31e0a30eb1f2d2c810e9278385b04adf74d6843
0999d3a847dcd6a8461bfdbf98d6dc9335ac1bbd8c8c1a9a8acaf163e6a71645
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e89e0e3e1852e0edbdcd2d2941118bf99f4d1a7fb8bc20b11239f2f31d59353
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f6fa7a0a74259565845d52c122faf5cbcb04b6fea5d027b5731e8e0a59378e4
113ff743ffe227ee0c9ae35ea6912f164d5e0cf0d9a3af11e52eccff87f04395
130a03140ace422969a9a2dbfd4d3f2f07dea3c085c1a71bb4058f1f6ba99c77
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
166e8bae9bd25be42e86b766beeacdd23767f7a0bd941afe94b96a79d50dfb68
16cfab4b521c83685e4a84ac4c3f3292b40deab923a472e16447158af174c9e1
17d52e12ece0d784f97fc3aa0b2ddcb3982684c27bae40cfd84b387749cb0e30
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1957b85d70be39b9874c458e8eb77a62b5c4b37a2fc8909af9e11c3d40bab4c8
1f70cfa6983f31738d88a13d2df9dc04a031c242c00664151b1c4d6123493a24
227ca39844920b0d66ca72b9dff9440d853efc6241423d54b0de4e978cee2ca4
22b18cb4de3cb893295b438e4ab5cebdcb5b6ca1e79e8be22d40c5366ecec3b4
23497944e02b08b1d8878ca3dd565199cff1d66aae241e8419d3e93c10cb7c0f
24ed25142796cc746b1347ecffd7f8baa4f16d81fffdddbca11f5e8c2a3916cb
25e5b4968e452c220bf79304e9227cefb454b2148758a803f4d27a22a5b51fc2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26ab428b0c041295ab003ee3092e00f9daf7642156583063a046cce76590bd48
29ae932ebfc4ef85e75c9bb132f63952299a7cc2e28abf9324e9f8740e6131ce
2be45ef24dcc7af17aa1f676b5da114cdc62d5eb5e2836c83f07b47b9552abd1
2d1c1f074f56ec8caa2fe0f67c0933719bb6fe52ca11b3f6751ae62059404827
2d565feffce15b3c95db2e82c539c8c54fde9ca96e095ca87a77a0e3f3a882e6
2e57e8f62f2714d6a281bfadf716a041f87aecacbbd08d894f23beffd5271ece
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe62006eb24f633f53a11d09f19a42e22c7ce960ec2b3f471226fdb5bce3235
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32c2cfb308a229ab5f6fd5238c4c2ae2315cf80d5302ba18b09e822fb7081166
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374b289d88f83b909d367cce96d58508c70185125c29fbdf46d9c5bf1fa776bf
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
396121521df8c4b2715023aa811a7212f8f155e01436c930f5e9ef641a363679
3b9e230825a5d69b1d2fb79b406439e1a5b9385cebd21ba8f1180afc09d5fba5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d230ded0d47548eca5bdbda2107399f501a5c06e2cdd900f449fee17541ee76
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f87a150d1d48758c8bcb85523b461d603f07ba6aac1a2d9aafe4e6b4c1c666b
3fd8f7782bd65dbe9537a6e74e66c4555782c72b0050d128f753f503843bed82
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4052d2f9bdf62ab431c352ee70e244daa27677e422bff7b7c8b5af594b8f476c
414dfd3a5fc7ec6781151178ba8a2eff8df15a0480a9766df5d7fe3e67aacc4a
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
428d5ff7d482c7a121619b0fbcd931ffc8ae96a116c342b87ae51539708e5538
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
4408d0a689912fd392cf3dc65ac22757182ac65b9bfd5c16596a3dfb936a1ebf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450b99a8f26cbeda4af46867bebc233cc126e696e321b8ba9a4d2e2e2d31dc63
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4630dc55ee52862f23a35326383d7e1539f50d29c0aa82661ecd1eef339b9693
463b3036e25536f8e798d083074b2d9dc1c26261387a4408847e9134ac073266
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be83055627b74d5779543f96c07a88b10bc29cab3434c6cb7e3cc4f9664e295
4dea00bf10e0e94309b80e6e574a91e18712ade7cbf6107b42093cf60c74f782
4dee88fe4746d985abd39e386867bde211d02212656051b8f003648386a6e753
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4ffc35ac4d5e3f1546a4c1a879f425f090ff3336e0fce31a39ae4973b5e8c127
50338bee5cd172d881b12eee82890858feaa42dec7a25654ca813be2691ad973
5054ef0fb19c01698578e251584c1e47f82cf88eb69cba038f4ddbdee460ed67
516b82ba6258e1d7fd91513504b2a3d4d3c9cba9082633f1d16aeb3a5f41224d
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51b6a9f57be93642c352f62db6b79ffdba1ec54df3ec966b07762b85a17a02d6
52b4e80322ceea83bdef8d7939564f86e48fb850683296423da0ed252aa0c3ee
52d0c294bd5a8c30d7b06359b6a35218c397b7e0dcef450f12d74a982552d9bb
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91
5361633c9faadd6d759fb77e2648e3a693de4410f5da93196aa72401168686fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541f9b92f065902a54022422117ae72b1a13cf74f8d36bbe76a8c81a722b8a46
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b1c945b531e2d66c4fddd8ae74478abac63f7bd1c66f3246250ef4f35cdb92
561d75b69f4c05ef2d7335bfc99a1f0cad36d53cdc96d58e506426bc7b18c4dc
56237fb1a5631ed1c8bd4b8722dbd5cd9917e91eb91d4754ab2e66a6b1c0a714
57b0c7f1aa0ed9519020ccdca771a17cce9a709a460f62a88d996c156c975684
584ac38a54a8e9268303d5b2f97f804a9f5122543515f28d81f6a6065d912fe4
58e34717b0cec2a83b64079793a1e03e1db87c97066f8e6f07bbdae255c9c052
5dc0f00f5f7195833e712e8c8f5cf4c701e79bfbc1c0d4c46d1a76b000e97678
5ee9c933bc0a2e52d4b20efe0e5e5dcbb22aba49b48f7e54b31793839792f16c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c3a8de19d269904a6d72f0f3ccaa83528503d22280e43113d10911590b5c95
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
654baea258ef04690d4314f50aabe789ca5e7423f7381258446e64f20fe5581c
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6709a8cd8e07e7c4e5d6c3c35c4758c42c972bf41d4daf9a14abf6f5be0a59bb
684dda9fe41445cad9bc894d6f83c281c2e3c411856904273b7befb7719f34a9
68f9878ec0d1bcae87fa4f7c68767acd4058ec2107e4105646c87aee8334e936
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf9bb26263ea7f5b18ab30b3d6c86f7df14c3a0d97cb5a67eea10b485f4d338
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6ce2015d02806a5e4fb362b4e8da586684971de5213575b91cfd84149f64b139
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
719a236d6524155eca8905f401750a035ae0372d2c7d971356dd6f9f96aeffca
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15
787c7b022a6979a9f23834de008052625804b61bd2e0e0ae4d9361157d99887c
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79eb9a84a4f56ccd0cd60a97bad994a72dbd734a10af460dff80881cdcce0059
7b536ded558ccf7c84991908c01dfea31e4a894e52f68356583027d78d35c706
7bfc5237e8e6346a55f519577142ef2ce4b84bd84c9bcf2c0675c520bacf1f13
7c0209ad30ba6b9bc23d2f6228a4065ab777b889dd982a8c17d459ec702be926
7d269437b016a4c55782cb76e5f07d09a19b9e75909891e5889585d64bbbdd3a
7e1ae5367ac5f55e7abb5a8d84d12605c22f5312223ed690f151c5277ae2e507
7fc04fa5a2d39a18d0d3ac9ae8c7e018d8e8e366c38a137799b96b8992cbf3d7
801d234ecf47cc73cdd0b98558c4e5aac85949921184f1cab6c964d5b073b2b0
802e9028483930a2cf1e6cc857183b4404451e72ec9e555845612bacdeec2490
805d453d41d213c363330533fed25c739d767430e7f4148727b55ed3a5d70c02
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b
82ba0b7c8f3191735eef2757df692b2f8f43f0b27bd7c211388e60672af4cf59
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
855a9fb612f660dc3bf968d6eba5fd6e4f5112bd44ff96c4aadccb6b0892695e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
86390c182874ee78035b2929cf944aed9a4f50465b8380271574e4eaffd9cbe3
8752501a9c32832119ff9cddfe47b8f32e51c97d5abbd6d254d3646ca9e6d665
89c2d8502ad6af29342c37dcfe2864d2eccb53a7e545fbd05e7052b0d93826be
8c4666657c89669c936d114a1ebfcf66c7f56113857f788dad3830e6a586f296
8d4204857a62869dbefad7233472f39a5b83bd4493833a8b7cfc6a688f8951aa
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e0b9374e30c5c796d04169b8a461a2c5007ef7f4a86168d632d2e5ca3ec4508
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
928b32acd96edf814334c8e140ab7f46b6a80f2891434a6e1d9a4ad3bb757597
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
966360a88a7e084cfc9cb1372ab8443618fa9a8fa8bd89afeb0f67aff0c37452
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5b0f3e63c1c55ba61073a8139a048aaf9ec2962599e24596c61fdd4c3be43f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a36ae4ea91fb224b5a0e69845225fc86fea55bce6a7ae8032ee25c8ed7a8c6f2
a449caa094b77c960c3f97acc18efe61c21aefc21043d55b093f2eeab1c0eadb
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6eded00baf8989a00ae532498c24904285fcf42a8c7d727f2270ac74cd4d56b
a73756a678e8e2a8aa4c3ebec6843b379474c1ecb7bd3124f879157141746475
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa338f9f28f12ceffb790ce01497cb31c32a8265f59a82fce44b56ea6af525eb
aa39137f5c117eefa448e473cbf4520d4bce91c3b37dd4bbfb903613fbe96dc8
aa7e9ecc8d287db1d42d159a6a793e4c7ee763fe0d62e158aba5577e3aff1881
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac5bc3d42e95e3b8c86daa42653e3a6922d0b5a9a1f36e04721e69a38ffa430c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aeeb00b65c626157993b8aeb9e2071e54f0136b08b7a4b92bd98163fd4692a15
aef7b186c832637e1303d69cfe2b4f125969fe76f32d17cafd3ebaa4bf2c4247
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a74af641cea8c1f19fbaac8567d7a97624b393ab9b172a2b76737bf291de67
b10da3db8bd92838051a2f554d6d8dab5603d0367606f74610f901b0f18da4ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b39c8bde9930fccb03edab6958a0429a9c524da194f373a0454a34614eea9165
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5a134ac6c07dce8e5b5615f1948862b46cb25e2e621d45371b2dc5dadb16684
b65ca5916c78276ffc4a505611855c3c9a8bf9b2584cd2f8a370826433b32c58
b846ef170dfb8305947448dbeeec8b1054f73573346678f1a4f9f72f981a4c3d
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
b967e61616e1b2654e2e0a4adc38963397330e74104b3058fbdc3671be92e70f
b9eb9d682cfcbdb21e287ae51acfe0d9caa18e35e0e5aab8508faaa509aaae9b
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba3b35e930a793b885887fc176ad38c7a21d7614f67748db6a872e027e4d35f4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3390a2cd5dc160e9a701ceb30e69572460f8d5540941b75684a807ce40b6a5
bee522edff65917a2a6bf73db010b8de5a7bd6a7c8e0dccd5ef39b0b28302e42
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
c00fc21fd70d52ae4d157e55768305f75110de0d445f53404461fbd6bbaf70f1
c03479e6f02504de844285fcb503c535c8b135b8f44c9acc01ca66a2815c2085
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23d5ca3e201d4c79f0b3f980beda9287a056df0f5c8c7ddb087a6d95f671210
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5d79d196a9c76038937d64e2dd9b8727408336c121da69a02fe4e1948b9918f
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c60cdce7ff6902c37326eb2f67d00d36340acdc0a77bd7c61f86a596dddaee4d
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f111bc6ce54bf2d3b530b608bc20eee88ba646d14b65457c518ffc32892f6e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5
cd1df290aa60ed226b1014a450ef16b5466b8efc6e65bd0b3b0708be27b442d4
ce0f5368f00f93c1714d74a511deb48686ddf3d9e7f2efda684d7de8587bb9ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c9fe6e06a31ba3c5e2bd5bba519cb89f527f84d4c491e35f88cd3613e7a78
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d1d9e6edd39d1da52124a02d6e80694aa03753a5ce0b10bd65dd9379fc99a0b4
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d32bf80a3e850a72c08c318994024340039d08ae96f6320521e6122ec2afc58d
d532f59bb8c5e5dca811745e90f42d0a2f598931315a284dcf7508cffc5689bc
d58a24d219366d5a18c44eed47fdbb7e5086923da65a20baef8aaf4592cdcbb9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d94061dbd26c3173a6dcac09d426cff5c441f183f51762f17d5ed2eee0d92332
da4fada3595750f81fdaa0208de38c9526ed2e992e3d9493b8ce5cec75626c30
dc3ce41c49e17e65163f0c7f24ddd048dbddb6633c0df7e84863e7b6f7d87eac
dc610eb574b3180f989113f123b006f07e53521f601cf1cde0a9531170838f77
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6db3f903296e39abe266a621b7a1ed4f207d6089b5c84fb76ca23d602f6925
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfdbdd2efe65871253152bb33510817b4c98f246880918a4570df134935d21b9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0fb6230f4db2fd66dc9b75d2342d3584b1c0407be4b4683c789d22e904185c0
e22a50c334577787dd805c6fec9388d7001fd7bd4a0b92179e39b62b0179edb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5ce7fdceea5dc30cf5c939afabae2877284954f598965a4f8e0a950c6670927
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e815d1c163b77de570acdbbc72f9c10c5e1b8d246d158fc219670c8b873b1bf3
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e88f999464deea967047392a7a08ac5799155fbf40e63c6f99c8496be21086aa
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ecec378089aaab88b84f15debf5c3f28eb80d79d79a5f17971556b7b275b97d4
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed5297f04d86e06325abfc96f65e0f58b051d0b46eda17097408dbec355eb5b9
ee32231d5a875e40e49ccdbdcafb20fd26c2e9d86891a3ec1c7d539a54ae9e46
ee9768df988fbda1ed069b216b2c72939f1fb20a81d435eadff69101cf72fa7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3426ba2849e31dfd6553c8db9edf508e5c35fe34ea18f57177207f82193c47
f1bfedf7c882ca316abd64d03037a165b8c661d051c81b869b0a7100082119cc
f1fd2650b005a6d51b71ae221905b17632566f26c36b5fd2299fcb07125d68c1
f2471045353e554eac4522b9a4a0073547383ba21daf6e97a131c2d58bb3f9d9
f26191cfd3aef0f16f81a7277021628731cf074a2126a096a20c14ee0e9cacb2
f4463408f527c99cb3a9a33e746e7dd818cd7f6809d27a741de18ff604ba2fc3
f51c8dc32b26be857334ca4517f5ab9e1a0f76106c33dfee88ca931f3edd7875
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f718cc6a6c18df93ea1075582133c62e4b4edda836a9e137b2dd517f67ceab58
f858c1a94ec5d7ebc46acd4254265e5300514ca8817cdc19dd973cc91aca65b5
fa02b52b135a63852f2147fe383c39262ec17d17ca568601c881878f2644a562
fbd75ec890cb1d8ac4303161022edc5d5c361a54725d32fb293572e877fe1b3e
fc50ae4a94abda48ef61ad74dc8f42a6854eab50648ec8844a33b2439c9160f7
fd5c830eec6dc15ae270f6c0f4c6a517ff1fca2f3032a95796f04e0337635880
fd84760f0d592333d5d12f51a4ca2b38b77c81e71fad2fa3c0f83a9701275bee
ffa8224d00f5beeb81f99ee4320499e896e07cf2dfa3690db9f0351d285bb62b