oreosea.com Open in urlscan Pro
178.128.22.35  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://9224723.fls.doubleclick.net/activityi;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z89182227760za201zb9182227760;gcs=G111;gcd=13t3t3t3t5;dma=0;epver=2;~oref=https%3A%2F%2Foreosea.com%2Fpokemon HTTP 302
• https://9224723.fls.doubleclick.net/activityi;dc_pre=CMmVwPaPpoYDFRWgrAId6K0Ghw;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z89182227760za201zb9182227760;gcs=G111;gcd=13t3t3t3t5;dma=0;epver=2;~oref=https%3A%2F%2Foreosea.com%2Fpokemon

Request Chain 30

• https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid=1717570883.1716548084 HTTP 302
• https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid=1717570883.1716548084

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pokemon Show response oreosea.com/	24 KB 7 KB	189ms 46ms	Document text/html	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash c484ceb34dbfad290c46cfeedc32bc6cec8dc277c7878a6fa474cf4349fea930 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials true access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate no-cache, private content-encoding gzip content-length 5869 content-security-policy frame-ancestors 'self'; content-type text/html; charset=UTF-8 date Fri, 24 May 2024 10:54:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	app.min.css oreosea.com/assets/css/	67 KB 10 KB	42ms 40ms	Stylesheet text/css	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://oreosea.com/assets/css/app.min.css Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash c70c6642873edff44ed4c1ca34cda0f81e2135df5b23b5eea184822abbd0f891 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 10284 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "10b9d-664c2e8a-37eba8;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	19533831.js Show response js.hs-scripts.com/	1 KB 1 KB	809ms 171ms	Script application/javascript	104.16.140.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/19533831.js Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.140.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3731158ff53cbb9b08ef2c862fce2b86a102720147e1959a68983b958f91d202 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-hubspot-correlation-id 0af8fb79-5832-41f3-a56f-11238e762a14 x-evy-trace-route-service-name envoyset-translator cf-polished origSize=1556 age 32 x-envoy-upstream-service-time 5 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 0af8fb79-5832-41f3-a56f-11238e762a14 cf-bgj minify last-modified Fri, 24 May 2024 10:54:10 GMT server cloudflare access-control-max-age 3600 vary origin, Accept-Encoding content-type application/javascript;charset=utf-8 access-control-allow-origin https://oreosea.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-sxctz x-evy-trace-virtual-host all access-control-allow-credentials true cache-control public, max-age=90 cf-ray 888cbfca9a6c6591-SIN expires Fri, 24 May 2024 10:56:12 GMT
GET H2	200	menu.svg oreosea.com/assets/img/	643 B 289 B	42ms 41ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/menu.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash 7121083509d2dda243d169b9773022f4a3511ccc3398477d27777edd09267d9d Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 204 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "283-664c2e8a-372aeb;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	logo.svg oreosea.com/assets/img/	1 MB 734 KB	43ms 42ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/logo.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash e7fc843d719571f8ccc97c6cfc972ab633b74c0c31fce472004ab548689bfa08 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 751384 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "1256ce-664c2e8a-372ad4;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	icon-close.webp oreosea.com/assets/img/	2 KB 2 KB	140ms 139ms	Image image/webp	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/icon-close.webp Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash 373c5645f1cb4158dd26c3448b703fa61a94f0bd998dcbc106cde660b14b687b Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-security-policy frame-ancestors 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1950 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "79e-664c2e8a-372acc;;;" x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type image/webp access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	icon-ig.svg oreosea.com/assets/img/	971 B 461 B	147ms 144ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/icon-ig.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash f39c047f07b655792a6bcdc9089d519c18a3f12cfbf0a2377cf21595bf9a833f Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 388 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "3cb-664c2e8a-372adb;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	icon-fb.svg oreosea.com/assets/img/	451 B 361 B	147ms 144ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/icon-fb.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash df408a2b4cc077c57fd3a8caaf436eca9161fdc328a34ec4fff4b40a522d805f Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 288 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "1c3-664c2e8a-372aed;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	icon-yt.svg oreosea.com/assets/img/	654 B 394 B	147ms 145ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/icon-yt.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash e45bfc87e9073c6916eb07cc6f49ddb54e9d976d4c5952f443e4da5817b5b6c0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 322 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "28e-664c2e8a-372ae6;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	footer-mondelez.svg oreosea.com/assets/img/	13 KB 10 KB	148ms 146ms	Image image/svg+xml	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/footer-mondelez.svg Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash ec4e87b22ed00e395c39ec862f8a91c77552273cdc19c7a51a0c0ef841e53a60 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 10051 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "3566-664c2e8a-37eb99;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	desktop.webp oreosea.com/assets/img/webp/	476 KB 476 KB	148ms 147ms	Image image/webp	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://oreosea.com/assets/img/webp/desktop.webp Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash 48fa2073c3f678168709411f923a176f0df11ce816b6c93bc56c80d949767f68 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-security-policy frame-ancestors 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 487308 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "76f8c-664c2e8a-3819ba;;;" x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type image/webp access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	app.min.js Show response oreosea.com/assets/js/	340 KB 72 KB	143ms 140ms	Script application/x-javascript	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://oreosea.com/assets/js/app.min.js Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash f4ba29ae344251b6d6e6cef96c9d3492ee73b441a5f6fd0753aea97866772815 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-encoding br x-content-type-options nosniff content-security-policy frame-ancestors 'self'; strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 74053 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "55004-664c2e8a-37eba9;br" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/x-javascript access-control-allow-origin * access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	gtm.js Show response www.googletagmanager.com/	307 KB 97 KB	926ms 163ms	Script application/javascript	172.253.118.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NBPFS4TV Requested by Host: oreosea.com URL: https://oreosea.com/pokemon Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f97.1e100.net Software Google Tag Manager / Resource Hash 9ac9f1c7dcd733456a5242524e1dda577c03118df7e7e580e95eda26f000ae13 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:42 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 99223 x-xss-protection 0 last-modified Fri, 24 May 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 May 2024 10:54:42 GMT
GET H2	200	icielpluto-black.otf oreosea.com/assets/fonts/	76 KB 76 KB	677ms 677ms	Font application/x-font-woff	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://oreosea.com/assets/fonts/icielpluto-black.otf Requested by Host: oreosea.com URL: https://oreosea.com/assets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash e4f313c278f24f748bbb5f4ce66b31e59b22bd97e2ffe550d67cee4cc1f9cb6c Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/assets/css/app.min.css Origin https://oreosea.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:41 GMT content-security-policy frame-ancestors 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 78092 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "1310c-664c2e8a-37eba5;;;" x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type application/x-font-woff access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
GET H2	200	banner.js Show response js.hs-banner.com/v2/19533831/	71 KB 26 KB	450ms 50ms	Script text/javascript	172.64.153.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/19533831/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/19533831.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc91c382ce353e8e62e6141d67610ea7a13715135e25500394d5720a34a0a1d1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:43 GMT x-amz-version-id NqQV7vm7WOnho_xeQK_O9OFyq7.r3HS4 content-encoding gzip cf-cache-status HIT x-amz-request-id N7YFZKAB1YDGGGC4 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 09269799-8a79-486d-9a1b-9edc0fc5cf8f age 146 x-envoy-upstream-service-time 20 x-amz-id-2 7AVRnfKLYNAqAfrn2cNsvJdNrowNijQbwkxPqJfiRjUu0qhbSqoLMyGV4N2yhnVC6OooBdURIDQ= x-evy-trace-listener listener_https x-request-id 09269799-8a79-486d-9a1b-9edc0fc5cf8f x-evy-trace-route-configuration listener_https/all last-modified Thu, 16 May 2024 07:16:27 GMT server cloudflare etag W/"64e8b5a646a3815e6e297e730c2bf291" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://oreosea.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 888cbfd3b97f3de4-SIN expires Fri, 24 May 2024 10:57:17 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	708ms 293ms	Script application/javascript	104.16.107.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/19533831.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Origin https://oreosea.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT x-amz-version-id WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W via 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status EXPIRED x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 809148f8-ddb4-4af1-9cb7-3dfeda6762f5 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=888cbfd3dead3f65-SIN x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 1 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 809148f8-ddb4-4af1-9cb7-3dfeda6762f5 last-modified Wed, 15 May 2024 14:34:44 UTC server cloudflare etag W/"7d377a186677c174f204d466b8fa5fdb" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc cf-ray 888cbfd3dead3f65-SIN x-amz-cf-id j8VOzvoSyS3llGCm8nr-nb_0MvLUNK8Z8lxVXkgZoXe4Lk1Hhc8UDw== x-hs-target-asset collected-forms-embed-js/static-1.503/bundles/project.js
GET H2	200	19533831.js Show response js.hs-analytics.net/analytics/1716547800000/	71 KB 24 KB	443ms 49ms	Script text/javascript	104.16.160.168 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1716547800000/19533831.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/19533831.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b61b0289003d10b5380abc7a9b645c4d4bf73c29c4ec1de2bef54d74ba82cff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:43 GMT x-amz-version-id null content-encoding gzip cf-cache-status HIT x-amz-request-id 9C05EK3646F4XWY6 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 57783eb6-eac6-4e29-bd09-9ccd4832f16f age 228 x-envoy-upstream-service-time 31 x-amz-id-2 y2TnbCKhTIu6Kw13kHXtKUQQ6CZNy0evkYelhl2j9lZo0Vjj+1OY2IPoPa8xH9epxg8xKDQsRE0= x-evy-trace-listener listener_https x-request-id 57783eb6-eac6-4e29-bd09-9ccd4832f16f x-evy-trace-route-configuration listener_https/all last-modified Thu, 16 May 2024 07:16:29 GMT server cloudflare etag W/"d2a34ec93467db3bacbdf22a0bf98cbb" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs cache-control max-age=300,public access-control-allow-credentials false cf-ray 888cbfd3bf495c33-SIN expires Fri, 24 May 2024 10:55:55 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	432ms 47ms	Script application/javascript	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ebd62-6ab8-7088-9cff-09d9e420532a Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBPFS4TV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:43 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Dw6K+rTuf8kOuPIEBw1QQA== age 47981 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6881 x-ms-lease-status unlocked last-modified Thu, 23 May 2024 06:07:35 GMT server cloudflare etag 0x8DC7AEEA478CDA1 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5758aee0-b01e-003b-0844-ad0337000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfd3edf181f5-SIN
GET H2	200	js Show response www.googletagmanager.com/gtag/	309 KB 102 KB	256ms 254ms	Script application/javascript	172.253.118.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GY78W40MXC&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBPFS4TV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f97.1e100.net Software Google Tag Manager / Resource Hash 36f1abd92a1948256b5f147a77432e8ce30e968549b5bcb92c0e0fb89204b7eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104736 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 May 2024 10:54:43 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	199 KB 73 KB	288ms 287ms	Script application/javascript	172.253.118.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-9224723&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBPFS4TV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f97.1e100.net Software Google Tag Manager / Resource Hash 65afc71610d112632c520a6f9dc49a8ac518c339a1e70b45e897c644fcd1b94d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74158 x-xss-protection 0 last-modified Fri, 24 May 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 May 2024 10:54:43 GMT
GET H2	200	018ebd62-6ab8-7088-9cff-09d9e420532a.json Show response cdn.cookielaw.org/consent/018ebd62-6ab8-7088-9cff-09d9e420532a/	4 KB 2 KB	428ms 51ms	XHR application/x-javascript	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/018ebd62-6ab8-7088-9cff-09d9e420532a/018ebd62-6ab8-7088-9cff-09d9e420532a.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ebd62-6ab8-7088-9cff-09d9e420532a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2625ebda45e166fe613ff31c2c63c1cf642fa3754af910496a9468d577e25263 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 45987 content-md5 sb8brt7lzjXpRrumfxl5BA== content-length 1512 x-ms-lease-status unlocked last-modified Fri, 03 May 2024 10:15:05 GMT server cloudflare etag 0x8DC6B59E72EC092 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 92fd4fb4-401e-0061-7242-9d05b6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfd69d633e05-SIN expires Sat, 25 May 2024 10:54:44 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	696ms 300ms	Image image/gif	104.16.118.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=77855058&v=1.1&a=19533831&pu=https%3A%2F%2Foreosea.com%2Fpokemon&t=Find+the+Oreo+Pok%C3%A9mon+Mew+cookie+now!&cts=1716548084143&vi=cb56b33ace488e8f548e99bebaa7c4c8&nc=true&u=191279349.cb56b33ace488e8f548e99bebaa7c4c8.1716548084137.1716548084137.1716548084137.1&b=191279349.1.1716548084137&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 3c5ea137-d0eb-4078-8cf3-1b46dafa52d8 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 8 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 3c5ea137-d0eb-4078-8cf3-1b46dafa52d8 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FdoyHWDyqJSIscswbh7HVZe3%2F8810mvcdfRBIInALJKr1usHKulsMkht9Y3KgBNUublwdo0ajAis3hl%2FtFz0dUV%2FWl4yUG3NCX%2BAx15d5hTxuqD7ZT6OgyYuYeGWJsOIpEQ%2B"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-c67ms x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 888cbfd88b5d469d-SIN x-robots-tag none
GET H2	200	__ptbe.gif track.hubspot.com/	45 B 741 B	743ms 347ms	Image image/gif	104.16.118.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptbe.gif?n=pe19533831_sign_up&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=77855058&v=1.1&a=19533831&pu=https%3A%2F%2Foreosea.com%2Fpokemon&t=Find+the+Oreo+Pok%C3%A9mon+Mew+cookie+now!&cts=1716548084144&vi=cb56b33ace488e8f548e99bebaa7c4c8&nc=true&u=191279349.cb56b33ace488e8f548e99bebaa7c4c8.1716548084137.1716548084137.1716548084137.1&b=191279349.1.1716548084137&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id bf09a4ce-d036-454c-a88e-29a6d3e313cf p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 14 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id bf09a4ce-d036-454c-a88e-29a6d3e313cf server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gosqjVfv8liN3WC%2FL%2FBa1cAbxLuCZ%2F9L8e%2FJ8juQtJhs1Y2FdKPb%2B1DMRfsV87Y7NRmHgT1ggmlp%2B5YQ0qeFsi9AUV2q4c1PSJ54kL19W1CyMHwa4wSWH0j2PDC%2BOQwxjRv8"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-wmbn8 x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 888cbfd87b4f469d-SIN x-robots-tag none
GET H2	200	__ptbe.gif track.hubspot.com/	45 B 736 B	698ms 302ms	Image image/gif	104.16.118.116 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptbe.gif?n=pe19533831_t_m_click_event&_eventname=&_eventcategory=&_eventaction=&_eventlabel=&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=zh-sg&bfp=77855058&v=1.1&a=19533831&pu=https%3A%2F%2Foreosea.com%2Fpokemon&t=Find+the+Oreo+Pok%C3%A9mon+Mew+cookie+now!&cts=1716548084145&vi=cb56b33ace488e8f548e99bebaa7c4c8&nc=true&u=191279349.cb56b33ace488e8f548e99bebaa7c4c8.1716548084137.1716548084137.1716548084137.1&b=191279349.1.1716548084137&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 90283dfa-e6a0-45a2-ad5e-3bb0172a47fe p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 11 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 90283dfa-e6a0-45a2-ad5e-3bb0172a47fe server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udTLF2l%2F3EMU3eNGIoahJcUZ%2BGPlhXXglGqp7ptqESSrQkhn%2FIZ7n8MLjiKTJg45sLAmXPAtNiQZRQoAzcbxwcLUvFhatF0KiF80NXJg9KmQr3y3dAMTGRI0ej83Dxan1cxi"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-d8gbc x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 888cbfd87b4e469d-SIN x-robots-tag none
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	134 B 445 B	278ms 270ms	XHR application/json	104.16.107.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=19533831&utk=cb56b33ace488e8f548e99bebaa7c4c8 Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.107.254 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1b87d34c36a9d33a20202badb169a32457568349dda0b2d9b6bac74d7338f34 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 6a0da698-c59b-481f-9075-ceb563c8bdd6 x-envoy-upstream-service-time 6 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 6a0da698-c59b-481f-9075-ceb563c8bdd6 server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://oreosea.com x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 888cbfd618703f65-SIN
GET H2	200	favicon.png oreosea.com/assets/img/	6 KB 6 KB	59ms 58ms	Other image/png	178.128.22.35 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://oreosea.com/assets/img/favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.128.22.35 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash f881b7a694cb4c239ba4f4edc22a717be7d6d35ba755c647935a59b7a765a376 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/pokemon Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT content-security-policy frame-ancestors 'self'; x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 6291 x-xss-protection 1; mode=block last-modified Tue, 21 May 2024 05:18:02 GMT server LiteSpeed etag "1893-664c2e8a-372ace;;;" x-frame-options SAMEORIGIN access-control-allow-methods PUT, GET, POST, DELETE, OPTIONS content-type image/png access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers Authorization, Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, X-Localization
POST H2	204	collect analytics.google.com/g/	0 241 B	460ms 28ms	Ping text/plain	216.239.36.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-GY78W40MXC&gtm=45je45m0v9182233197z89182227760za200zb9182227760&_p=1716548081671&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=1958440976.1716548084&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716548083&sct=1&seg=0&dl=https%3A%2F%2Foreosea.com%2Fpokemon&dt=Find%20the%20Oreo%20Pok%C3%A9mon%20Mew%20cookie%20now!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2883 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GY78W40MXC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 10:54:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://oreosea.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 241 B	474ms 27ms	Ping text/plain	172.217.194.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GY78W40MXC&cid=1958440976.1716548084&gtm=45je45m0v9182233197z89182227760za200zb9182227760&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GY78W40MXC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f156.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 10:54:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://oreosea.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activityi;dc_pre=CMmVwPaPpoYDFRWgrAId6K0Ghw;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.... 9224723.fls.doubleclick.net/ Frame F851 Redirect Chain https://9224723.fls.doubleclick.net/activityi;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B12... https://9224723.fls.doubleclick.net/activityi;dc_pre=CMmVwPaPpoYDFRWgrAId6K0Ghw;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;u...	0 0	52ms 51ms	Document text/html	74.125.68.148 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9224723.fls.doubleclick.net/activityi;dc_pre=CMmVwPaPpoYDFRWgrAId6K0Ghw;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z89182227760za201zb9182227760;gcs=G111;gcd=13t3t3t3t5;dma=0;epver=2;~oref=https%3A%2F%2Foreosea.com%2Fpokemon? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-9224723&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f148.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Referer https://oreosea.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 393 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 24 May 2024 10:54:44 GMT expires Fri, 24 May 2024 10:54:44 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 24 May 2024 10:54:44 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://9224723.fls.doubleclick.net/activityi;dc_pre=CMmVwPaPpoYDFRWgrAId6K0Ghw;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z89182227760za201zb9182227760;gcs=G111;gcd=13t3t3t3t5;dma=0;epver=2;~oref=https%3A%2F%2Foreosea.com%2Fpokemon? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ga-audiences www.google.com.sg/ads/	42 B 408 B	456ms 36ms	Image image/gif	74.125.200.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GY78W40MXC&cid=1958440976.1716548084&gtm=45je45m0v9182233197z89182227760za200zb9182227760&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=1728723947 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 10:54:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activity;register_conversion=1;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7C... ad.doubleclick.net/	0 4 KB	169ms 87ms	Image image/png	142.251.10.148 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;register_conversion=1;src=9224723;type=inter0;cat=inter0;ord=3592064516660;npa=0;auiddc=1717570883.1716548084;ps=1;pcor=553049557;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe45m0z89182227760za201zb9182227760;gcs=G111;gcd=13t3t3t3t5;dma=0;epver=2;~oref=https%3A%2F%2Foreosea.com%2Fpokemon? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.148 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f148.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 10:54:44 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"2736272451739736174"}],"aggregatable_trigger_data":[{"filters":[{"14":["62204109"]}],"key_piece":"0xe446952243860310","source_keys":["12","13","14","15","16","17","18","19","20","21","14569296","14569297","14569298","14569299","14723660","14723661","14723662","14723663","628517032","628517033","628517034","628517035","628779976","628779977","628779978","628779979"]},{"key_piece":"0x286303c19b7576e8","not_filters":{"14":["62204109"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","14569296","14569297","14569298","14569299","14723660","14723661","14723662","14723663","628517032","628517033","628517034","628517035","628779976","628779977","628779978","628779979"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"14569296":93,"14569297":93,"14569298":93,"14569299":9081,"14723660":50,"14723661":50,"14723662":50,"14723663":4889,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628517032":65,"628517033":65,"628517034":65,"628517035":6356,"628779976":327,"628779977":327,"628779978":327,"628779979":31784},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5365420102566696346","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"source_type":["event"]},{"14":["62204109"],"24":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"23":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"0"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"25":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"2"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"26":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"3"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"27":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"4"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"28":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"5"},{"deduplication_key":"2736272451739736174","filters":[{"14":["62204109"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2736272451739736174","filters":[{"source_type":["event"]},{"23":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2736272451739736174","filters":[{"24":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"1"},{"deduplication_key":"2736272451739736174","filters":[{"25":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"2"},{"deduplication_key":"2736272451739736174","filters":[{"26":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"3"},{"deduplication_key":"2736272451739736174","filters":[{"27":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"4"},{"deduplication_key":"2736272451739736174","filters":[{"28":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"5"},{"deduplication_key":"2736272451739736174","filters":[{"29":["62204109"],"source_type":["navigation"]}],"priority":"0","trigger_data":"6"},{"deduplication_key":"2736272451739736174","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9224723"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	landing googleads.g.doubleclick.net/pagead/ Redirect Chain https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid=1717570883.1... https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid...	42 B 712 B	691ms 29ms	Ping image/gif	142.251.10.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid=1717570883.1716548084 Protocol H2 Server 142.251.10.155 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Referer https://oreosea.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 24 May 2024 10:54:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 24 May 2024 10:54:44 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&rnd=1731236565.1716548084&url=https%3A%2F%2Foreosea.com%2Fpokemon&dma=0&npa=0&gtm=45He45m0n91NBPFS4TVv9182227760za200&auid=1717570883.1716548084 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	508ms 92ms	XHR application/json	172.64.155.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ebd62-6ab8-7088-9cff-09d9e420532a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a32c5b076142770db05105a79a7fceba65ac31a29277e3f7247fec57e3ee2b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" accept application/json Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 10:54:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 888cbfd9ce1fa1ad-SIN access-control-allow-headers Content-Type
GET H/1.1	200 OK	counters.gif forms.hsforms.com/embed/v3/	35 B 1 KB	1001ms 315ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 10:54:45 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff CF-Cache-Status DYNAMIC x-evy-trace-route-service-name envoyset-translator X-HubSpot-Correlation-Id f85b5df4-83ed-4244-a2f9-4eebd57bc86d x-envoy-upstream-service-time 12 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f85b5df4-83ed-4244-a2f9-4eebd57bc86d Server cloudflare Vary origin Content-Type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-z9jjw Access-Control-Expose-Headers X-Origin-Hublet Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials false X-Robots-Tag none CF-RAY 888cbfdc0cc319ac-SIN
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202404.1.0/	448 KB 109 KB	64ms 64ms	Script application/javascript	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=018ebd62-6ab8-7088-9cff-09d9e420532a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49cfbb9c8b20fbaab3a11bcecb48fb8448e617a746fa578baca0dc71a7e06540 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 lAa4newgeifCObgQn9TUrg== age 52061 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 111087 x-ms-lease-status unlocked last-modified Mon, 06 May 2024 02:33:25 GMT server cloudflare etag 0x8DC6D74E83907A1 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5e38c958-a01e-00a7-58be-9f788a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfda6daf81f5-SIN
GET H2	200	en-id.json Show response cdn.cookielaw.org/consent/018ebd62-6ab8-7088-9cff-09d9e420532a/018ebd64-05f6-7154-aaf3-9f20dd960d20/	41 KB 12 KB	54ms 54ms	Fetch application/x-javascript	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/018ebd62-6ab8-7088-9cff-09d9e420532a/018ebd64-05f6-7154-aaf3-9f20dd960d20/en-id.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fa7f6fa51a37480765bf327bf901e08ab258f623837f09884527053679e5f92 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 48329 content-md5 a/Zx5DvuCh3UtcFzAkbbQQ== content-length 11804 x-ms-lease-status unlocked last-modified Fri, 03 May 2024 10:15:04 GMT server cloudflare etag 0x8DC6B59E6BCAE6B vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c3963131-c01e-0095-5742-9d205a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfdb19d03e05-SIN expires Sat, 25 May 2024 10:54:44 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/	13 KB 3 KB	33ms 32ms	Fetch application/json	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 CeHoS/yftP1uT8S/ram0PA== age 53834 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3041 x-ms-lease-status unlocked last-modified Mon, 06 May 2024 02:33:19 GMT server cloudflare etag 0x8DC6D74E465AB77 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id cba8d195-901e-008d-3a9e-9f0dcf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfdb9a413e05-SIN
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/	62 KB 15 KB	54ms 53ms	Fetch application/json	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8795ef7b0efc5db4179033e557c7a7e11fd967cddfaa91035ec020772f06cec3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 RGjfhXW6I/RBQloZ5Luidw== age 58708 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 15020 x-ms-lease-status unlocked last-modified Mon, 06 May 2024 02:33:20 GMT server cloudflare etag 0x8DC6D74E4C6F725 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 312cef28-b01e-0091-639e-9fd5d8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfdbba663e05-SIN
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202404.1.0/assets/	24 KB 4 KB	64ms 64ms	Fetch text/css	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 4ErYmXXFNbMLrnc9DrDTsg== age 58708 x-ms-lease-status unlocked last-modified Mon, 06 May 2024 02:33:30 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id dc3fd77e-d01e-00a8-239e-9f957c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 888cbfdbba673e05-SIN
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 623 B	63ms 63ms	Image image/svg+xml	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 pcXWFGpuVeSg/jVnYCseRg== age 50355 x-ms-lease-status unlocked last-modified Thu, 23 May 2024 02:34:26 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 7b1b8c58-901e-00a4-69c0-ac7b8d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 888cbfdc0f7f81f5-SIN
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	46ms 45ms	Image image/png	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 E8+sk/ECzKgTUVtDLikiIA== age 50356 content-length 4036 x-ms-lease-status unlocked last-modified Thu, 23 May 2024 02:34:26 GMT server cloudflare etag 0x8DC7AD0DD5928DD vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id f8a39886-801e-00b0-42c0-acb8e9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 888cbfdc3fab81f5-SIN
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	45ms 44ms	Image image/svg+xml	104.19.177.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Fri, 24 May 2024 10:54:45 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 59123 x-ms-lease-status unlocked last-modified Wed, 22 May 2024 06:33:59 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id f0eb4628-d01e-008a-3c7b-acfb4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 888cbfdc3fad81f5-SIN
POST H2	204	collect analytics.google.com/g/	0 54 B	202ms 201ms	Ping text/plain	216.239.36.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-GY78W40MXC&gtm=45je45m0v9182233197za200zb9182227760&_p=1716548081671&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=1958440976.1716548084&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1716548083&sct=1&seg=0&dl=https%3A%2F%2Foreosea.com%2Fpokemon&dt=Find%20the%20Oreo%20Pok%C3%A9mon%20Mew%20cookie%20now!&en=scroll&epn.percent_scrolled=90&tfd=7896 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GY78W40MXC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://oreosea.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 10:54:49 GMT server Golfe2 content-type text/plain access-control-allow-origin https://oreosea.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT