www.theonlinecitizen.com Open in urlscan Pro
2606:4700:20::681a:26f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theonlinecitizen.com/cdn
Submission: On April 05 via manual (April 5th 2023, 1:49:38 am UTC) from SG — Scanned from SG

Summary HTTP 128 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 28 domains to perform 128 HTTP transactions. The main IP is 2606:4700:20::681a:26f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theonlinecitizen.com. The Cisco Umbrella rank of the primary domain is 564424.
TLS certificate: Issued by GTS CA 1P5 on February 10th 2023. Valid for: 3 months.

This is the only time www.theonlinecitizen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2606:4700:20:... 2606:4700:20::681a:26f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c0f::5f	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2606:4700:303... 2606:4700:3031::ac43:dc0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:1413:b00... 2600:1413:b000:14::b857:c156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:229... 2600:9000:229f:d400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4003:c11::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.10.148 142.251.10.148	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	13.228.131.41 13.228.131.41	16509 (AMAZON-02) (AMAZON-02)
1	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
1	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	18.140.88.29 18.140.88.29	16509 (AMAZON-02) (AMAZON-02)
1	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.231.98.193 103.231.98.193	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	184.26.21.27 184.26.21.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2404:6800:400... 2404:6800:4003:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9d	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c05::84	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c0f::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::67	15169 (GOOGLE) (GOOGLE)
12	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2404:6800:400... 2404:6800:4003:c00::9c	15169 (GOOGLE) (GOOGLE)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2406:2600:7:1... 2406:2600:7:100::7	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
128	40

36 2606:4700:20::681a:26f (United States)

ASN13335 (CLOUDFLARENET, US)

www.theonlinecitizen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3031::ac43:dc0d (United States)

ASN13335 (CLOUDFLARENET, US)

googlesecureapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1413:b000:14::b857:c156 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

cdn.publift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:229f:d400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c11::9c (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.131.41 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-131-41.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.88.29 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-88-29.ap-southeast-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

publift-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.26.21.27 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-21-27.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c04::9b (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::84 (Singapore)

ASN15169 (GOOGLE, US)

b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c0f::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::67 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::9c (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:2600:7:100::7 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

pix.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	theonlinecitizen.com www.theonlinecitizen.com — Cisco Umbrella Rank: 564424	1 MB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 pix.as.criteo.net — Cisco Umbrella Rank: 15149 csm.as.criteo.net — Cisco Umbrella Rank: 13526	214 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	59 KB
8	googlesecureapis.com googlesecureapis.com	69 KB
7	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17559 ads.as.criteo.com — Cisco Umbrella Rank: 13204 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 13648	52 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 ad.doubleclick.net — Cisco Umbrella Rank: 172	161 KB
4	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 19644	147 KB
4	gstatic.com fonts.gstatic.com	91 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 940 api.btloader.com — Cisco Umbrella Rank: 1036	14 KB
3	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2919	52 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4109	27 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1016	1 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2973 pixel.wp.com — Cisco Umbrella Rank: 2697	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	49 KB
1	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26990	531 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1399	512 B
1	openx.net publift-d.openx.net — Cisco Umbrella Rank: 28150	596 B
1	connectad.io i.connectad.io — Cisco Umbrella Rank: 9395	364 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500	122 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 526	571 B
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 10869	165 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 646	535 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1051	831 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 541	513 B
1	publift.com cdn.publift.com — Cisco Umbrella Rank: 550945
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
128	28

	Domain	Requested by
36	www.theonlinecitizen.com	www.theonlinecitizen.com
12	static.criteo.net	cdn.fuseplatform.net static.criteo.net ads.as.criteo.com cdnjs.cloudflare.com
8	googlesecureapis.com	www.theonlinecitizen.com googlesecureapis.com
6	pix.as.criteo.net	ads.as.criteo.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net www.theonlinecitizen.com
4	cdn.fuseplatform.net	www.theonlinecitizen.com cdn.fuseplatform.net
4	fonts.gstatic.com	fonts.googleapis.com
3	cmp.quantcast.com	cdn.fuseplatform.net cmp.quantcast.com
3	static.addtoany.com	www.theonlinecitizen.com static.addtoany.com
2	csm.as.criteo.net	ads.as.criteo.com
2	gum.criteo.com	1 redirects static.criteo.net
2	b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad-delivery.net
1	cdnjs.cloudflare.com	ads.as.criteo.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	mug.criteo.com
1	www.googletagservices.com	b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
1	ads.as.criteo.com	b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
1	rtb.jp2.as.criteo.com	www.theonlinecitizen.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.sg	securepubads.g.doubleclick.net
1	pixel.wp.com
1	a.teads.tv	cdn.fuseplatform.net
1	publift-d.openx.net	cdn.fuseplatform.net
1	i.connectad.io	cdn.fuseplatform.net
1	hbopenbid.pubmatic.com	cdn.fuseplatform.net
1	htlb.casalemedia.com	cdn.fuseplatform.net
1	bidder.criteo.com	cdn.fuseplatform.net
1	hb.emxdgt.com	cdn.fuseplatform.net
1	ap.lijit.com	cdn.fuseplatform.net
1	prebid.a-mo.net	cdn.fuseplatform.net
1	tlx.3lift.com	cdn.fuseplatform.net
1	ad.doubleclick.net
1	btloader.com	cdn.fuseplatform.net
1	cdn.publift.com	www.theonlinecitizen.com
1	stats.wp.com	www.theonlinecitizen.com
1	fonts.googleapis.com	www.theonlinecitizen.com
128	41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
t.me
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.theonlinecitizen.com GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-29`	a year	crt.sh
cdn.fuseplatform.net R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-03` - `2023-06-11`	4 months	crt.sh
*.a-mo.net R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-02-03` - `2023-07-01`	5 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-05-30`	3 months	crt.sh
*.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-24` - `2023-05-24`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-27` - `2023-05-25`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-25` - `2023-06-27`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.theonlinecitizen.com/cdn
Frame ID: 7AFFB4538ED912DF0AAF004BEAAF7226
Requests: 83 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 4CEDD3ADD202CA4E05973553ADBBD990
Requests: 1 HTTP requests in this frame

Frame: https://googlesecureapis.com/creepjs/fp1.html?1680659372887
Frame ID: 5CBFA23D6C260B2D55E682B91F3ED27F
Requests: 2 HTTP requests in this frame

Frame: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3B6C0F24FCA791965062F0248946612
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDF5B000D657F548F90B35501FCBC307
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52DC131F8A6A4BA20F5958031A3E8060
Requests: 2 HTTP requests in this frame

Frame: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8032F51A14F149C77AA111D8B8AB4B9
Requests: 10 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZCzTrQAKt1cKj0kFAA5kVde2a46OgwAFotNX0g&u=%7CA9FhUgJqyH4snPZ6u4G4HYawsQOdjGEe9KPNykcKbd8%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkHIcsy4r7MJUn_1vMC-YK7_lRmDpQLmDi6hUWxLdde1QCE9MbqinJuyTJy5nSXBPgCsX6_0N9DPRI4srsJBKhGWhNjj9GTQJUYMbZYGJrr1Y7c3KDLqlOpIYVfbTv1DFrn_2CJSFHqdtNkouEitwSwxdYFKRWd6IdzH77YzYLP-R_062vWanpvYZav25td2YfG1F9P0IdqVE-fji5UFniE6XDt7pstjjGoYiiieDbyrH8q49BuhJUPt8ao0u9V6e2hT5y81La4OITnrjdyiclXgAisNm_LZ0zOcjyR_DheTI9JnC9hLozIDP5wInBU-H7JNz7eIPh4C82MkI9pZ28zIV-fAaeAUGiR8kCEEqJniHWvRHW7lqFEQJwe0Do9MwdqGL58xXJOeJvhLE-HBH6bVRAymdTHxPAWplyoMHt9ckP0oomHAhTGYkdTsz-2q6ckvkYFZSgHb_r0KYGCmjLrOgweMHj_rBhYVe-auRf6mFVCwn203ZtfeH8NBHooiL2UqDB_peZs1X7wvebcNYrIekFydbhucLE6sfPJMd9SWTUqc3zNmgTaECJBZDsa1xA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe93brdMsZNfuKoWSvQTVyLmwCL3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMBqgTFAk_Q38xfT7NSrWrL1gF5hxXUF6kQXfZ3mj7HClS53hKk_hos-P0MJE7ntPPoZ-jhQh3iyYg2kKEkCuH_WCu1v5avUVMgaaSCBPaX9riEOZZFBBhB9xv86lYe5Y7mIDpRnqXAGpbWuLvZqKsdxwJJwSkV5W8N2EnVTHmA6N8tKLEC-Q1cIrAmtZ_orEgXuhnokeEmls0TUzTAHCJdr0PMonUjQY3umzpdcU9R1dzb1Arfw6YEyBXZ3Mr75dDjJhjcYXVssohovcP8ExVHnIJRsBMCELlKxKLPrzWbhZUu0CDbUkbgzWFva8awS6_ukl3eeeh8uOvWnK_QTgDtCMOGhDjehF8C2FBr3CMGQNvxLSEjeIcFyiKEQSfrsUmj4YjQXqLAu6_xkISrN0UDzdmtuOvvMHU3lJXYDr1wt0KvDSt7--W5CT3gBAGABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTM4NTk5NjM5NzE2NjU2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UNpmgEE3UEn-tMt334SovPoOkzQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 7018ED7063858E21549C3C5ED46D0486
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonlinecitizen.com&gdpr=0&gdpr_consent=
Frame ID: DCA95B6B7F45C43CDA5E9B97BCCA2919
Requests: 2 HTTP requests in this frame

Frame: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Frame ID: CA21A3C02EA868F3ACDDB629DB8328FD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - The Online Citizen Asia

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

98 %
HTTPS

67 %
IPv6

28
Domains

41
Subdomains

40
IPs

4
Countries

2219 kB
Transfer

5703 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/theonlinecitizen/

Search URL Search Domain Scan URL

URL: https://instagram.com/theonlinecitizen

Search URL Search Domain Scan URL

URL: https://t.me/theonlinecitizenasia

Search URL Search Domain Scan URL

URL: https://twitter.com/theon9citizen

Search URL Search Domain Scan URL

URL: https://www.youtube.com/theonlinecitizenasia

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonlinecitizen.com&sn=ChromeSyncframe&so=0&topUrl=www.theonlinecitizen.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uqYm43xYdmpySGk1WEpweU1ieUNaU3BLcjJlbHFWVE0ydDhYeThCNkgxNWgxVEpSbFFxdnpteU9jWm5HNGV3dTBxSUs4eWgwMXI0RzRqZG43S3AvZ3V0YjJ3Z3FpYUFtSjFmR21hZEZGdkFBUHJSNHVEcEhyaEF3bUR4RFVLNWw0Z2xRVzk0Wi92VGhQSm44M1pzK1FTaDdnRFBFV2JVcDFJcXhiTnF4aDlUc3R0anhuVEpRVU5BSEdyaHFqL0NvRHUzZFFUVExqRkFxSnZiZjFISjJEd3B5L0hMTE1sVlNMQmJpa3JQQWRPc29qMGRtTDF5Q2ZEK1RTRE1MeFBQQlNhQzV3eStaVTlGU3RZRHBnU0xzeFVobXFPWGZuMmZrS0dKSjBCUFJPTFhuMXB2bz18&cppv=2

128 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request cdn Show response
www.theonlinecitizen.com/ 88 KB
16 KB 869ms
843ms Document
text/html 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c277eea69ec9bfee9a7bd4aff50550185fc1e5868be9b05d1dab41cd570fae2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7b2e228d8f763de9-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 01:49:31 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.theonlinecitizen.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2FW%2BiyXFDefsfIUz8NrYb4bXAFxwZWK6gRRAN5usmgrcTk6cFmMYLegXfydg7tdWsEj1EBgmH3p9ktPNZdpVzF1DhJVZrh0%2Fp%2F9tQldCENuE4VwjfVmfK%2BVqQ4tbCWyS5%2Bn2d7lH%2FHoXsYGfdF4Nvr0ZTYLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
www.theonlinecitizen.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6666
etag: W/"172a9-5f53a1c1b1b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPUaY8KOo72ieB5MQ8pT28fVmjo86Eiyj9iHeowVO3SGJA5PbnZEVH6G895bt3I7WMXXguKSwiFB7earVGCYAHeQZM%2BhKuXfLG1JgDYMQgmt3udi6dCABJutrSz7bFsUFSxXetDyF%2BgSrNehrmVb1G9LhK3aOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7b2e2292dafb3de9-SIN

GET
H2 200 classic-themes.min.css
www.theonlinecitizen.com/wp-includes/css/ 217 B
529 B 10ms
10ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6666
etag: W/"d9-5f53a1c1b1b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhaXogeYupfys%2FkuFENPYXPe03H3wdFLWSn%2Bncz02lfAc0XzwNjuWfSsZgvnMxo68sHkuakXcjaG45obynwHJWzcz9xs4m5BK%2Fv3jHiS808YTPGvyvSY6Qa5Iczl4MZKeybuSQ0S1nOHLu6RHMsxIIViFLL5bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7b2e2292dafc3de9-SIN

GET
H2 200 frontend.css
www.theonlinecitizen.com/wp-content/plugins/paid-memberships-pro/css/ 15 KB
4 KB 15ms
9ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.10.3
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97e522d31713d62e061d4d6b17f3e4fb1edf711df3de411e338811585965578c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 04 Mar 2023 07:09:19 GMT
server: cloudflare
age: 5658
cf-polished: origSize=19771
etag: W/"4d3b-5f60dbd994f78-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zR0%2Fk80jj7%2BDrFYyMzBmcEgtKuHx9VPKipS5ujNKP88P5mf3NJa9l1zMQ9RXTJZzrajB9jVM6wbnR4x3ICYkH0QJOvWosV15rSMjae02cSVYFttPkrJQpNrIs5B3gKTnniE6dwKpW%2FGqr%2ByhdVXdOWcXZtHOCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b543de9-SIN

GET
H2 200 print.css
www.theonlinecitizen.com/wp-content/plugins/paid-memberships-pro/css/ 73 B
388 B 18ms
11ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.10.3
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4e0f2d17f0e489c259eb86061835c0918fd2ede3e96e7ffb659b77f8fdf2d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 04 Mar 2023 07:09:19 GMT
server: cloudflare
age: 6667
cf-polished: origSize=86
etag: W/"56-5f60dbd994f78-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dd5isBFqbUC%2FxPvEP17rat3VcsUQGks89EYpxFbjjQOu%2FlCacuWB6FtvZd2KSCTeul%2FF4y6Oe0TxxOun23nPMZwqVmQPFnbJEIpTthDEnRY8XpidQwqQFjV39r%2BoLEvdG10beHg0F8Vgolk1MjobPSKeex8R%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22935b643de9-SIN

GET
H2 200 pmpro-advanced-levels.css
www.theonlinecitizen.com/wp-content/plugins/pmpro-advanced-levels-shortcode/css/ 6 KB
2 KB 19ms
12ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/pmpro-advanced-levels-shortcode/css/pmpro-advanced-levels.css?ver=6.1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b13057241e7bc92d2c0f4128b9f576d1ce49e15588d0d2ddaf317ab4420b3e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 07:47:48 GMT
server: cloudflare
age: 6667
cf-polished: origSize=7509
etag: W/"1d55-5f5fa29643a43-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG3YSN%2BAvp1MAnZFeolyJ08xLR5PIePUmDmTQFO6zDyxVi17J0F6XDS4pYI7w%2FVbPmDxDyCjgbZWW7i3R83lQE7GfrHxMYdbel4Xsz2NuRIBHmakHYwGEdeu0HOm77WzffjB0hqAhcPC0GdXKkhrhiU1t7ssCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b553de9-SIN

GET
H2 200 style.css
www.theonlinecitizen.com/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 27ms
21ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb96d10b4b71a90568c571d4420edd4e2e38e7faf4eafe7f9adba5374c14fc60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 10:45:07 GMT
server: cloudflare
age: 5658
cf-polished: origSize=37612
etag: W/"92ec-5f5fca37db11c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDcxZdigrgGtcgI8QhQHYHVmutok26fOYsIQLOQ%2BDEM3Ai9VVxzPPDHX%2FgvUddLl5KBntq4B%2FsEf%2BVoRl1qbN5cmidSu2ChbofwUSy56hUvGk%2FYqPlGU6K6%2B8s0z%2F9x%2BK%2BXdaU%2BSs%2FKQySzWYbqh%2BvOKUK4PKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b573de9-SIN

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 23ms
7ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Requested by

Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c875ec2551b46bd17fb6210a0e88a871a7d5978a9021945cb6fd84f702e0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 01:10:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 01:49:32 GMT

GET
H2 200 style.css
www.theonlinecitizen.com/wp-content/themes/Newspaper/ 108 KB
20 KB 19ms
13ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/themes/Newspaper/style.css?ver=12.3
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22eadacd2708090fd941e85769d2898fb6d9061d81f7b670a2eb1f7541243e10

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 10:44:55 GMT
server: cloudflare
age: 6667
cf-polished: origSize=152956
etag: W/"2557c-5f5fca2cd4cbe-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmYi%2BAJDe0Nm9wEdGekoWaMkJRDdA2Akmgn0ncJnSgLGUO2bY1ZHA%2B%2BG5tdkR5rnUTar%2FlNoFNn934c8TPoneIRg1IomHvVGlB1xYSj0mS4YdZtsPhzNC2NIZZd3l3kFfH3J%2Bl72KnsN%2F%2B9u2diErf2t5s%2FJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b583de9-SIN

GET
H2 200 addtoany.min.css
www.theonlinecitizen.com/wp-content/plugins/add-to-any/ 1 KB
788 B 15ms
10ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 07:47:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3774
etag: W/"5ef-5f5fa29696a64-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McJhW6AO54bEAhi6iTQHCLIrEBREDOY8semS0Qya3%2BSqMECyyUe%2B%2FP9HN%2B5DHRxLkFzjj2bMwaoUIVrhLiEYjDivOaVbN%2F4vduyqD1%2BcSQ3t%2BDo5LIh0VZGAt9w4E4lw7uvYoIRpoC6EVkgG8GVpyxhpmNPAxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7b2e22934b593de9-SIN

GET
H2 200 yop-poll-public-6.5.22.css
www.theonlinecitizen.com/wp-content/plugins/yop-poll-pro/public/assets/css/ 199 KB
26 KB 23ms
19ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/yop-poll-pro/public/assets/css/yop-poll-public-6.5.22.css?ver=6.1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a6e02b52f547e5d8727ae8a96b3510014d37e54e7b577524bcef18d330e89e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 07:47:49 GMT
server: cloudflare
age: 6667
cf-polished: origSize=203948
etag: W/"31cac-5f5fa2974e3e6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EutDAKTksOl8xqh2d5KwDkn7zOJ5Grb5mn4c6zla9IBIenh6sL89mwLAfRVoj%2F7TanZezQd53SqC5twAqfmmSg%2F263Bwb9q%2BEs7XEj4teKD8dmBFVrrtq57cxEBKPqpnT6FlEPn4MzRU%2B2MdAQomSKRrQKrYfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b5b3de9-SIN

GET
H2 200 td_legacy_main.css
www.theonlinecitizen.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 130 KB
22 KB 24ms
20ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=8b696c143e3bac57b8492b1871ec539b
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96820e59b8353e3074685924bd1f1dbc43a9e4eebf5d107785f3bcec182b69bf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 10:45:07 GMT
server: cloudflare
age: 2434
cf-polished: origSize=164494
etag: W/"2828e-5f5fca380cdfd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckB2JSS1a8uvvYzSzf0vy3fPhRNTBfjnzxkpuyp5SD5nwpYdAPckFCtGXFlpQzwsqFyJ9R09r8OU8onJKFa%2FV6XpqSaiV%2BQdJPcBy3Xy2%2BiLVjTrdOuxh%2BRk9%2F%2BH7GQiZHhx50tq8OPCrkkAzv6IBqDX1btbgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b5d3de9-SIN

GET
H2 200 td_standard_pack_main.css
www.theonlinecitizen.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 569 KB
52 KB 27ms
23ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9ce2c1ff12ade0672995751ed7cb59b1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d31ff9077184eee2d35cdaa3ee8f519114d38efa4ce61b03b3d4f6c8d7aa861

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 04 Mar 2023 00:29:49 GMT
server: cloudflare
age: 3766
cf-polished: origSize=732458
etag: W/"b2d2a-5f60828dcc65c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BanKRgxRCb3nqWlrq3ybGLmTmdjF6cB6XGT1tz%2B%2F%2Fji%2BJHKPR9CjOGB4cDm8R1xwxScrMmkxDFnGlhFMLYtRNBXhUg%2FCr9HGGWaL%2B0VcLnBTj2RliASQV9ZSFREAKhThK7uS97QhSkB9X0JAo%2FdY8Zf1YP7wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b5f3de9-SIN

GET
H2 200 tdb_main.css
www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/css/ 30 KB
6 KB 18ms
14ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c02d5750f1de52549e2910ce20ed530341e56e42ef653497c761495aafe0993

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 10:45:14 GMT
server: cloudflare
age: 903
cf-polished: origSize=34863
etag: W/"882f-5f5fca3ea55af-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgQAfnSSCx9BxJrZj09PJ%2BF1QfXBIRwu%2F919syRhI7DuNhY0gZrJnaQktZJI%2BxVqCTe1rykRh%2FlDx%2FbqwomA6Mr%2BlzYd8eauSeXmmzaOodmDV8D7AdzE3M1fSFo8RX1NYNQKHm5kDgO3CjBZtFSfCIpOH6w%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22934b603de9-SIN

GET
H2 200 jetpack.css
www.theonlinecitizen.com/wp-content/plugins/jetpack/css/ 87 KB
17 KB 19ms
16ms Stylesheet
text/css 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.8.4
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacb5257a365935127492cd3b165dc17dd12c3021393e9f53b26e49619e3f557

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 07:47:47 GMT
server: cloudflare
age: 6667
cf-polished: origSize=89315
etag: W/"15ce3-5f5fa2959f942-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BZNMSxbXCZ0vsD4Q6jJ%2B0d5sTz25%2FdSVgK3tpxRM5yXFt0rDjoHYVCqMKiQxBHru7dwnbCLGH%2FYrBR0LGHRgFmOY%2BOfAc34n1qhEjX5E5WF5MLd115IBc%2Bcl4uRH2R4%2Bc2qmdrrs0GUdm7ayAeBcfi18IktZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22935b623de9-SIN

GET
H2 200 TOCA-website-logo_mini.png
www.theonlinecitizen.com/wp-content/uploads/2023/03/ 2 KB
2 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/03/TOCA-website-logo_mini.png
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0dbfe030ed8d9f9bb5d2d5e9cad9c75d19707edfbb5cd36eb9c8d8d93b5b76

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4422
cf-polished: origFmt=png, origSize=2151
content-disposition: inline; filename="TOCA-website-logo_mini.webp"
content-length: 1930
cf-bgj: imgq:100,h2pri
last-modified: Mon, 06 Mar 2023 02:20:45 GMT
server: cloudflare
etag: "867-5f631f14af554"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHz2rZqLJQ%2F7tGh%2F6B%2FCz154%2FQcr%2Fo4HcSt3uMoWww%2Blrpij0qsDxTdVzgmg89bmm6V7Jk0BKKD%2Bcs9vyMv%2FYrQjD97xUAM%2BgrQLhOyBwQVCjgm9rbNj5ExeMVQsMh%2FAx5bTF08IQhRmIpyMyKmQeB1CR91vfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e2293bba03de9-SIN

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 email-decode.min.js Show response
www.theonlinecitizen.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 5ms
5ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonlinecitizen.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q61bz1jmR02RGaobAym6%2BIz2tidkB3GxT8kaeN0XKTAgbLheCCB3oJ7f4GsEb7XJcPZrTTJde8LqxYhg84hEHta8spPfTUyEG%2BkoUxe2Fju9vpr4xPVAdCs%2Bnmyyw0PvymtN3QkNu30w59x99ZREZrfW1B9Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b2e2293bba13de9-SIN
expires: Fri, 07 Apr 2023 01:49:32 GMT

GET
H2 200 rocket-loader.min.js Show response
www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 6ms
5ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abM81glhYrKD%2ByK%2FfPDJfhKJXFBH3FJ%2BcFzpJDBUkYAt2I1Q08eKgS9M39gbSwcicIUgffQLnT5Vzm%2BtLg4hx99ksV0r%2BnmIAPkUfYK86eVZ8OfDp%2FR9h6U4msUFKp2WNx0LmjxNUGB50DVkgP6%2Be7e2BBwldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7b2e2293bba63de9-SIN
expires: Fri, 07 Apr 2023 01:49:32 GMT

GET
H2 200 newspaper.woff
www.theonlinecitizen.com/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 11ms
9ms Font
font/woff 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/wp-content/themes/Newspaper/style.css?ver=12.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: https://www.theonlinecitizen.com/wp-content/themes/Newspaper/style.css?ver=12.3
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 10:44:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5370
etag: "82d0-5f5fca2cd6bfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6raSbctf2Xx1U8YMxdZ2Mfdeh5%2BS0%2Bn7%2BoQn5DNZ%2FswxjVa%2B%2BbKvaW9Za%2BCKOML2d9MPeyLgsk%2FRmnDThri%2FGXZ8L7FpKR7NRNtmCUeFq5mtFdOLOpVqyjk3INsfnNB86APIqMn72aI0qyVWw0%2BYuS12UWCCow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e2293cbb33de9-SIN
content-length: 33488

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 18ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:37:31 GMT
x-content-type-options: nosniff
age: 54721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:37:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 23ms
10ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:32:25 GMT
x-content-type-options: nosniff
age: 55027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:32:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 23:21:24 GMT
x-content-type-options: nosniff
age: 181688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Apr 2024 23:21:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 23ms
11ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 04:41:26 GMT
x-content-type-options: nosniff
age: 76086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 04:41:26 GMT

GET
H2 200 e-202314.js Show response
stats.wp.com/ 9 KB
3 KB 24ms
11ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202314.js
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT sin
date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
server: nginx
etag: W/"61adb0c2-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 20 Mar 2024 01:54:51 GMT

GET
H2 200 js_files_for_front.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/js/ 185 KB
45 KB 22ms
17ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 10:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6666
etag: W/"2e345-5f5fca3ea55af-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zE8y6KE0i3s3Jas8GZVejp7iQU6CTi%2BvMXqsNNqQG0YiJZpuNM8nH3EitndxtTjH3bmCDvkvuxvXAq1KQDjcNfIQf070JNJZ1C73ptcxaVpEvMUHwYxRQgzVVqzSfnXRH22%2Bc2a6H7H0k1OZZ0w%2FkFiA%2BUnrsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c033de9-SIN

GET
H2 200 yop-poll-public-6.5.22.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/yop-poll-pro/public/assets/js/ 326 KB
93 KB 31ms
27ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/yop-poll-pro/public/assets/js/yop-poll-public-6.5.22.min.js?ver=6.1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484f935f743dadae7d276edbb8f95e6375825f179122d24848357428bb8b598b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 07:47:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4422
etag: W/"5171e-5f5fa2974c4a6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rarcttdhBqBGCEUGn0qZz1r1DI8xJemDyAObIka3er5yNJgpL0DkBskVtLyun9Zlg8n3NO6n383ZYTEkUCNrsS%2BmZnku5EkgLIk377hZXbKurs8u2NDtrznGDiJVNGnNG3uFkb2vCXZwtTaNtDuJ6UsqtVjc%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c053de9-SIN

GET
H2 200 tagdiv_theme.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
72 KB 34ms
29ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.3
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 10:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4422
etag: W/"4b207-5f5fca380fcdd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6EEweYtAnQ0YkbvHznRhVZ%2F1OIOaNBXLzo2V66OKyC0DyF2tuDXbS6qiA7F1wo6ZzUgHNd383yC8kLgAlFZhT0NAJeFZY1rMBio0GEN%2FvVExNSPTwpoxmKprP5qMpfX2UR8XLieQTOlXcAua8VCJNksJ4J4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c063de9-SIN

GET
H2 200 js_posts_autoload.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 13ms
9ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d72a7d54cd61ce0a128c0a91d76ef60a
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 10:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3765
etag: W/"14e2-5f5fca3ea55af-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKXd7cwQCbdn1oltt%2Ff8vBKBlLDIMeYz8zNdHOaNY1ZEPfevdXoON38tUdERpOxx1ShCjU22DR%2BD%2Bm2Fouptrs1S5NWrRlzhG3tTbNygEdMEZjl3N1PAa%2FoMRxGE9eLzxmjVcYaFeph5NIM5QLfc3UipQaaM4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c073de9-SIN

GET
H2 200 underscore.min.js Show response
www.theonlinecitizen.com/wp-includes/js/ 18 KB
8 KB 17ms
14ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6691
etag: W/"4991-5f53a1c0bd8c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht5lR3WFWI8JT6O0pvztnm%2BycukHNyZb4Z%2BMsPpyBe1umTtOISbeva%2B%2FPBSMzRfYlLNgKWb54xM%2Fy26SGbLyaxhAAJsg8zulvrjGFHKfWIo9BgELtx2DPYqw0Fz9zerk8IxgcrNeyk7qkHn6nA8v0AU2lw5EIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c093de9-SIN

GET
H2 200 advanced-ads-pro.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/advanced-ads-pro/assets/js/ 6 KB
2 KB 20ms
16ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.21.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 07:47:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2433
etag: W/"1834-5f5fa296a06a4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRMo2fRc6FXqkWhEA84zBu0j4U%2FB%2Fwkq5JovLwarWLddwS0trL4XUXwBiRC%2FtowxsaizCk5kLPs0afrFR1SE8A4qZYmHwn4vAv1g2ITVEJV%2BKcMHGEjGANpvUo3twWBcANsQ3SRuJmqJk8XAeyWK0%2Bq2wJeQRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c0a3de9-SIN

GET
H2 200 form-styles.js Show response
www.theonlinecitizen.com/wp-content/plugins/jetpack/modules/contact-form/js/ 3 KB
1 KB 15ms
11ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/jetpack/modules/contact-form/js/form-styles.js?ver=11.8.4
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68913807aacac6ab4cc1e1d9a895a5298450883f0db31d7bb71f4ce077a6feaf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Mar 2023 07:47:48 GMT
server: cloudflare
age: 6692
cf-polished: origSize=3514
etag: W/"dba-5f5fa295c8982-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwOh2b%2FTUgzOlOVUrKvOF8QCxnwaIkgMUyx6PeVzPQaihQSO1QpkPcqVYa1bBl19Medq%2BXXet%2FLLS9OptQ79TvL316lSL97KSwjqSLrbdyI9uuV64WSOvnnHnhtd%2B7iLiKHQYKBbHBoNpy0rGld9xADX0BFS%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7b2e22944c0b3de9-SIN

GET
H2 200 / Show response
googlesecureapis.com/ 15 KB
6 KB 683ms
639ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/?
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d98c32d37199987b82fb0783cff7d427f9f77b07d8b272858bfb0b7f9f634b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvGO5j3Sy7Yvf7%2Fz69hC%2F64T1MnCnAP6iTlGNEDNeX0G0ribTmGoSHH5zJXg92I3SDZHTFBTzj5DBd%2F6Dmnt%2Bd1%2FLrJvw8%2BulPg21kiYFeDP90%2Fd3NVtjbutO%2B%2FBN9KN2gvA%2BVH8d0skrrgkqsdiOMpcjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, max-age=1, post-check=0, pre-check=0
cf-ray: 7b2e229488584d39-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:33 GMT

GET
H2 404 fuse.js
cdn.publift.com/fuse/tag/2/1319/ 0
0 73ms
28ms Script
text/plain 2600:1413:b000:14::b857:c156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.publift.com/fuse/tag/2/1319/fuse.js
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:14::b857:c156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
server: AkamaiNetStorage
vary: Accept-Encoding
cache-control: max-age=1800
accept-ranges: bytes
content-length: 10
expires: Wed, 05 Apr 2023 02:19:32 GMT

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/1319/ 260 KB
57 KB 73ms
29ms Script
application/x-javascript 2600:1413:b000:14::b857:c156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:14::b857:c156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4bafeb0db2e6af85d34fd1d2898bd94f7be9bf106419a6b588b08c56dddec811

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 16:04:35 GMT
server: AkamaiNetStorage
etag: "c253e40e36bf586e3450bea564dd4c7f:1677686675.911885"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 58394
expires: Wed, 05 Apr 2023 02:19:32 GMT

GET
H2 200 advanced.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 15ms
12ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.40.2
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2023 01:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5658
etag: W/"1c67-5f608950c57c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nv0co2brt%2FnMPb5g%2FEm8Go9OvYaZK%2FzHM7VofzV2a5Y9czbnF9blA5YkSKxvP2E8SvmzPvHDWh9B9P4fzAHWRzc71AnY2U3F9HNEQofkzM4xHGvPH2Ow2bD70xE6KQzSrY94oYR5Wb9O%2BboS7gJLf2o%2B8i65uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c0c3de9-SIN

GET
H2 200 addtoany.min.js Show response
www.theonlinecitizen.com/wp-content/plugins/add-to-any/ 129 B
436 B 12ms
10ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Mar 2023 07:47:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 903
etag: W/"81-5f5fa2969a8e4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsnHTX6kow0EZpgldIgSJWs1W6ZsaIpQgAILE1jqWD9su1vwIyTX2%2F3WY0anMqyxfEExkCnbbe%2FhjhFg27v3wLW6cJ6udRAqvSJcGWqrCPBKjcSGkukosN0w7HbElvgaabKAGkI3XolTu1HAypuDkDOLhAuozg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c0e3de9-SIN

GET
H2 200 jquery-migrate.min.js Show response
www.theonlinecitizen.com/wp-includes/js/jquery/ 11 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3765
etag: W/"2bd8-5f53a1c0bd8c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rqx%2Fo5RQqRo5m3vq1z%2FHX%2FatPBZte%2Bh35%2Facx6YRgdV27hr3wmt3N8x4aoL%2FPN97bw6vM7wsEjjA7BIvSpqVhBG8waT6qgLsu%2FOaeWfOHxMMKw07%2FpunFcftNdoL2gBUHt%2Fe21g%2Bc4DyAEeROdKtmgz2LOpmSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c0f3de9-SIN

GET
H2 200 jquery.min.js Show response
www.theonlinecitizen.com/wp-includes/js/jquery/ 88 KB
32 KB 26ms
24ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6666
etag: W/"15e54-5f53a1c0bd8c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgSFA1iG0KwgqfoWxw%2Bk7I%2FUmgc2rGlBaipWDjwi8xKROSRabBgO0YC9lbq76PZQvnAYVZkrubMy8mJUpV5NOPW4z3xL1A8KT0v9fJsg3J7SKcVHRSV4Objt49aAhJACYvU3jmea3Q%2FwGgso5%2BPPnC5YbjnEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22944c103de9-SIN

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 45ms
13ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 25753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
server: cloudflare
etag: W/"c04-5f1f2ae2e431b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7b2e22947ae944a7-SIN

GET
H2 200 wp-emoji-release.min.js Show response
www.theonlinecitizen.com/wp-includes/js/ 18 KB
5 KB 21ms
8ms Script
application/javascript 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theonlinecitizen.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Feb 2023 18:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4420
etag: W/"48b9-5f53a1c0bd8c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h33P4I2o0R2EoedLwdpWt3Z9yrABjQgQdz%2FUQ3cI%2Bduh4a5ZBA1R8zxUmzFrc4P21f1XPrnJQH46e3Y6ROS2%2BmDCeEGSD1TKwe3c%2BH31J8%2Ffsp86tC8rq1fXtKhus5OFkzySKQI8qaQ4FxbYE8aNqjkaWYacw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e22947c313de9-SIN

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 4CED 677 B
541 B 16ms
15ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 369096
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7b2e2294ab0344a7-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 01:49:32 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.26680508.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 25ms
17ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.26680508.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonlinecitizen.com/
Origin: https://www.theonlinecitizen.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7259662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
server: cloudflare
etag: W/"11452-5f1f2ae24215b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7b2e2294ba4a6bb1-SIN

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.theonlinecitizen.com/ 10 KB
4 KB 29ms
5ms XHR
application/javascript 2600:9000:229f:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.theonlinecitizen.com/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db0eaf5eedb92698a9505b8a03632bd7a61710c2ccb355b15ce034bc804a792c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:20 GMT
content-encoding: gzip
via: 1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 13
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 15 Jul 2022 05:30:24 GMT
server: AmazonS3
etag: W/"b33496766b474b8bda12337e53f40c70"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: dbUw116974UzFmpor-R4ajYnKA9x1IyyruSxp3jzoIT9JTea6RNqjg==

GET
H2 200 prebid-0139d8284814ae0cfffa91e633965c9f.js Show response
cdn.fuseplatform.net/prebid/ 288 KB
89 KB 8ms
6ms Script
application/x-javascript 2600:1413:b000:14::b857:c156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:14::b857:c156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ebce8cc491ecb1502ab428122fafa57b5a2a963e47df27e2f3949ff8afffb065

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 02:27:58 GMT
server: AkamaiNetStorage
etag: "a9a1b72e7c64c0545a1656c0d1d96981:1666578478.536283"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 90437
expires: Tue, 30 Dec 2025 01:49:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 34ms
12ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

877e115d52ac1100602fd1ab3aed78bdb26a3db8995c9e8bcba590409d877ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25642
x-xss-protection: 0
server: cafe
etag: 863 / 19452 / m202303300101 / config-hash: 5441539219167528270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:49:32 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
283 B 16ms
5ms Fetch
text/plain 2600:1413:b000:14::b857:c156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1680659372368&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=ccd33b5c-e095-5da8-8663-0ed4051d72da&fid=1319&pubid=9&url=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&sid=1259d6caa83d7927ff3c&srate=100&adserver=gpt&etm=1273&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:14::b857:c156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Wed, 05 Apr 2023 02:19:32 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.theonlinecitizen.com/ 10 KB
4 KB 12ms
4ms Script
application/javascript 2600:9000:229f:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.theonlinecitizen.com/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db0eaf5eedb92698a9505b8a03632bd7a61710c2ccb355b15ce034bc804a792c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:23 GMT
content-encoding: br
via: 1.1 8b193b33626543d66ce5f5750c8af41a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 05:30:24 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 9
x-amz-server-side-encryption: AES256
etag: W/"b33496766b474b8bda12337e53f40c70"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: xEHLWAyngeGSfZV7nz2rQdmRQTK3ZNcqbUPyuDbwkrKUxwIUk6PNIQ==

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
44 KB 4ms
4ms Script
text/javascript 2600:9000:229f:d400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.theonlinecitizen.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.theonlinecitizen.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:d400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a15e530e5c2ecf56f02734b014ea604bc9416bbb6c3ae7370c9fa946252dd593

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:23:13 GMT
content-encoding: br
via: 1.1 8b193b33626543d66ce5f5750c8af41a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 08 Feb 2023 17:32:59 GMT
server: AmazonS3
etag: W/"6b0a086b916dbc23eeeb46d099e7aa8b"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: oUqTh3UHXGrMU92uNhjlXMVQi8Nm4l4qsUVp2x_-8er8aXQ676oGGA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 397 KB
123 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 05:42:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72410
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 03 Apr 2024 05:42:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
73 B 18ms
5ms XHR
application/json 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonlinecitizen.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4129d4faedfec7346f92d4307e5b8f81b9436a266d6eb9b34d6477957fe2e519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
x-xss-protection: 0
expires: Wed, 05 Apr 2023 01:49:32 GMT

GET
H2 200 tag Show response
btloader.com/ 53 KB
14 KB 349ms
12ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f10deb86c27fc07aa4a863f5a2b5b5f126159552bd3af6ed01bf1e11fb98441

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 01:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 711
etag: W/"d931ab8c7b8979b349fe2c4fd31a8607"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRuL4adJvRRSkBzR0BdkgFCboj1ntsomNyLiLZw9dNIG%2FE4YN9Zpa7wil6sn47BtxMgkpQyzLJzYn00ElDbLIWMDVpDNXntTKQJgKafsiL7N1j73Pk%2FrL1qRasxl5ELKMl7%2BSLcPiRu1iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7b2e22981b3b4495-SIN

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 33ms
11ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1056455
x-guploader-uploadid: ADPycdtmdDtyc5jeHGCfk3UBNDDscmArAhPUX8nOygGCK3wsLDEHHRnGb07LoXEigeE3BTu9t1gxk_KQrKH8vEpN4hIoeg_wbJDj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LL8vVVDavfFRfMyNr2jDxDWKXggxbb0nNMX6vH22RWjOIyqoxJCKhzNIdhiLzLJxLQ8paBon7l8c7iVLNrgvAObDM26KXtX%2Bc0%2F0qruiedvDr8dP42%2F%2F6tJR%2FWJ3EV2cL7pbkVa%2F6MhFtwx2RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b2e2298591d40fe-SIN
expires: Thu, 23 Mar 2023 20:35:10 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 19ms
4ms Image
image/x-icon 142.251.10.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f148.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Apr 2023 19:22:38 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
939 B 31ms
10ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6114643522140499
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1056455
x-guploader-uploadid: ADPycdtmdDtyc5jeHGCfk3UBNDDscmArAhPUX8nOygGCK3wsLDEHHRnGb07LoXEigeE3BTu9t1gxk_KQrKH8vEpN4hIoeg_wbJDj
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJln9HTdZQSuLyXzeqjEWUam50s%2F1Dgbe0zgu0NCmeX9Zkb8VrOjPzRwupsw2hYKocXnrPTc40n5CtlYhET84VYvC6YCjzXu8t7vAZV8uRoFVE2yN38aneTgbQpzNJ70ffqmHruFJFnBAttwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b2e2298591f40fe-SIN
expires: Thu, 23 Mar 2023 20:35:10 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 238ms
218ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 240ms
220ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=gAw2wuUq&w=4955285950038016&o=5708166709903360&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&sid=Ly2siIAC&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 01:49:32 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 fp1.html Show response
googlesecureapis.com/creepjs/ Frame 5CBF 346 B
573 B 619ms
618ms Document
text/html 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp1.html?1680659372887
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a557e07f21d1e0db998e74426ff8d4b4f7513600edb19112c69cf784c5dc06fa

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1
cf-cache-status: DYNAMIC
cf-ray: 7b2e22989b674d39-SIN
content-encoding: br
content-type: text/html
date: Wed, 05 Apr 2023 01:49:33 GMT
expires: Wed, 05 Apr 2023 01:49:34 GMT
last-modified: Thu, 30 Mar 2023 08:15:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFw8fW1rRtMbRqv7YDWfgew98MHb6Zq4%2FONyLMAxL9eel0FDIUB31VaKhQrw1v6AjnFFI%2BkvoZu8wsBN1ZpNlZJTpd%2BrZWkUKV9ltGQ8eFZRi9tKeIFRnvqWtS4G7GdLsG13UICV8IYcbDIgUbz9frgBNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
513 B 94ms
79ms XHR
application/json 13.228.131.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.131.41 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-131-41.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 486 B
831 B 683ms
239ms XHR
application/json 147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 0db382a89d475661af1ba2f2bcfcc18fbf8fce0bf0763399a67519e9273c30ee

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
content-length: 261

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
535 B 573ms
194ms XHR
application/json 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: 52060df67101cab2c5e0991d58b4a5bad54c365926fc89d6d47a97d3e5834d09

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 05 Apr 2023 01:49:33 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.theonlinecitizen.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 / Show response
hb.emxdgt.com/ 0
165 B 20ms
5ms XHR
text/plain 18.140.88.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1680659372933&src=pbjs
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.88.29 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-88-29.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonlinecitizen.com
date: Wed, 05 Apr 2023 01:49:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
322 B 95ms
86ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=26907314081

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonlinecitizen.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
571 B 41ms
23ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=461893&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22130b547e4c959e6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214f16ec8b4510af%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22461893%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22461893%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publift.com%22%2C%22sid%22%3A%2201E2PHKB7NBHQXNFS55QG4EEXS%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a44445ce52d083f850b9d5cba806097c167653863034aa33dc8774fcc7b3bf5

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGkbP0zcvNlcTSlMiBRv1qSepDfwMV1J1bYZVOC121CVOTcthzQo4j9wJtREvn%2BHNsSd%2BGXvGNUjbeg9XhzRPQ8vy3OMrVfO6yICS9X7JKTzS0xWANinL1odQIDOS6xaqKQ3Z2bM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7b2e2298fb136bee-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 105ms
85ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonlinecitizen.com
date: Wed, 05 Apr 2023 01:49:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
364 B 250ms
234ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7b2e2298f96b9f98-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 arj Show response
publift-d.openx.net/w/1.0/ 173 B
596 B 117ms
103ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://publift-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=671c4870-0eec-45f0-be79-5e8bc46599d2&nocache=1680659372941&gdpr=0&schain=1.0%2C1!publift.com%2C01E2PHKB7NBHQXNFS55QG4EEXS%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=fuse-slot-21907469848-1&aucs=&auid=542354672
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a114789344ede7d3ce4e64a8993750f7c6e93e7f6e6104f837d57853570da4e1

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
512 B 148ms
118ms XHR
application/json 184.26.21.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.26.21.27 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-21-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.theonlinecitizen.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 05 Apr 2023 01:49:33 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 5ms
2ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=3750268&post=0&tz=8&srv=www.theonlinecitizen.com&j=1%3A11.8.4&host=www.theonlinecitizen.com&ref=&fcp=1094&rand=0.06264188536008386
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 01:49:32 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 donald-trump-4-april-324x160.png
www.theonlinecitizen.com/wp-content/uploads/2023/04/ 31 KB
32 KB 16ms
16ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/04/donald-trump-4-april-324x160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d747309169883235d49cfb56b8bc2c7638665404aa28a6dbc5c80ff3971cfe3b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2971
cf-polished: origFmt=png, origSize=35822
content-disposition: inline; filename="donald-trump-4-april-324x160.webp"
content-length: 31994
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 23:24:03 GMT
server: cloudflare
etag: "8bee-5f88af8a05e0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i84oVgImXq89CvJ%2BrrSnPV9WdYk9Oe4rmYHFsgdZYAeSTiwYiqQ1vjDoMIPPi2aXIfzGpvR1d2q14Vb0k8SOC37pLCzGhDrkc3pYAQSEZB0%2FERv%2FF7rwLdwh2X2IKpCfOqNxO4OO0INOccXRfkidouOHbQKINA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e22990fdc3de9-SIN

GET
H2 200 menu-sim-ann-324x160.png
www.theonlinecitizen.com/wp-content/uploads/2023/04/ 30 KB
30 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/04/menu-sim-ann-324x160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6dd7578bc51758526c11cb18fab8108dd4c71c626dc755283823af395d2996f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2971
cf-polished: origFmt=png, origSize=35313
content-disposition: inline; filename="menu-sim-ann-324x160.webp"
content-length: 30434
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 22:15:55 GMT
server: cloudflare
etag: "89f1-5f88a04f00952"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvRFKUBM5LruGPqZG07KvmV%2FXbov9KVjKALAQW4v7VOcFrlruyPnep1Rg10XAvA87BNqqISdQ3P7Nz4zRhiBYCulBalzmplvccoI%2BZL0FJ%2FnrOX7eP7J9KAvmazTpYxPsCGDYkKmflGQ0amiVu30XoYxfy04Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e22992fed3de9-SIN

GET
H2 200 finland-joins-nato-324x160.png
www.theonlinecitizen.com/wp-content/uploads/2023/04/ 68 KB
69 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/04/finland-joins-nato-324x160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30315b347428a0e4b7554c63ed38d7a8b2114cd29227a6c650ca10ffa439228d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2880
cf-polished: origFmt=png, origSize=96209
content-disposition: inline; filename="finland-joins-nato-324x160.webp"
content-length: 69924
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 15:26:02 GMT
server: cloudflare
etag: "177d1-5f8844b111be5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXxMCx7GCe5MZksOhe6T7XTpLwi%2FQNzIYqHXGy67Y0q9Ne8RMKGsRkmTvcwbsxkTlrc7Hq6VgfVA%2F1OzB%2BFS0NQdWAv7AGnRmeQM52aV30jKp9tbZvhFbTit86oYOg2ur6%2B%2Fk0%2BQdSm6K0%2BlGeTrIvjWmkGwPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e229948043de9-SIN

GET
H2 200 virgin-orbit-324x160.png
www.theonlinecitizen.com/wp-content/uploads/2023/04/ 28 KB
28 KB 13ms
12ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/04/virgin-orbit-324x160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850c7b23728835e7625f26536e8e04105c494f8122f3e563727b32ce4b7af178

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2879
cf-polished: origFmt=png, origSize=31922
content-disposition: inline; filename="virgin-orbit-324x160.webp"
content-length: 28688
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 14:04:15 GMT
server: cloudflare
etag: "7cb2-5f8832692f984"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxm7VGAGNWpn59GTcvar%2FPN73G1lUVQaHjMcEp8Me601VyAMZLxmYPmgd4dBoK2bIbzA2Tezm1EY94jTcx1AVYzMBjwX%2F5lXoTiAjct8IRdgWxkCjPUa5c7WAM%2BvNnA6jqLDiLGiuTfQEFbCM9iCo7EWyKV5tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e229968263de9-SIN

GET
H2 200 featured-image-tiktok.png
www.theonlinecitizen.com/wp-content/uploads/2020/07/ 593 KB
594 KB 12ms
11ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2020/07/featured-image-tiktok.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5d4a5cfb1aaebd712414dd85dd56aede736edbddf0437271f2e5ccb2544dbc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2878
cf-polished: origFmt=png, origSize=871207
content-disposition: inline; filename="featured-image-tiktok.webp"
content-length: 607284
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Mar 2023 21:39:28 GMT
server: cloudflare
etag: "d4b27-5f605c7ace2c3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnTmN2JbmQ3bnLoXHh%2BwEZFz3mY4vjrqF5TeLlnvtO3CP1%2BAggfF7ucldEza0kfyjSJv5Zwma1glWcvW9Y2Q0jEnN6L2YBO%2FO79pZApvvRWhCcGKd%2FlmTZvnq1ZpLqOkJlqD9rpeyfFbWHK8D2kFK46Kq8JeWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e2299a84a3de9-SIN

GET
H2 200 33CL7YD-preview-1-1-324x160.png
www.theonlinecitizen.com/wp-content/uploads/2023/04/ 21 KB
22 KB 13ms
13ms Image
image/webp 2606:4700:20::681a:26f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theonlinecitizen.com/wp-content/uploads/2023/04/33CL7YD-preview-1-1-324x160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bac7ef0b19bbe5b5fa18aa20de6d63fbafec15872c2a93b8661696b32e15e6f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/cdn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2877
cf-polished: origFmt=png, origSize=24607
content-disposition: inline; filename="33CL7YD-preview-1-1-324x160.webp"
content-length: 21630
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 11:38:19 GMT
server: cloudflare
etag: "601f-5f8811cb1f8f5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Pc2foz9UHgv8FmZfk9qFq0caCaAZya9Qx6jbrYa1NxfnU0RSdx2qczzvW2qmjBbUN6dFveFwYWl9EEBYiQDJikM7%2Bu7C6aOVSe8gagp99QTc0TXuLlxjZKVtkDbLwSD0eYjzuSU2BvhELqBRlwcTghRzfl%2F%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7b2e2299e87f3de9-SIN

GET
H3 200 fp1.js Show response
googlesecureapis.com/creepjs/ Frame 5CBF 83 KB
24 KB 1277ms
1276ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp1.js
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/creepjs/fp1.html?1680659372887
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c876310bfecc912717f22dcd49365473ef0ac30c6e1fbdc00998811be71dc820

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googlesecureapis.com/creepjs/fp1.html?1680659372887
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 30 Mar 2023 08:15:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14dd5-5f819b08bcc80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcQ4FMPUzMKYFCJfkDFFj1Gj%2BEAzLHAp1QTUJJgwMEtOB4k8DPpXwPUnv08YFVslVFcK6L5iSzdmm22Oj7jsYG%2BwYwHPQ%2F1I5b%2F1gQGuxmcjDQ7GQ1oOGjk1y8PHde5k5ro1CWNcLguSHdcv%2FDcuf4dahQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b2e229c88474006-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 17ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=www.theonlinecitizen.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 18ms
6ms Script
application/javascript 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonlinecitizen.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 310ms
310ms XHR
text/plain 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2094682878214234&correlator=3814705288966103&eid=31072020&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22817831195%2CTOC_theonlinecitizen%2Carticle_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&adks=800423236&sfv=1-0-40&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dwww.theonlinecitizen.com%26fuse_path%3D%252Fcdn%26fuse_query%3D%26fuse_category%3Dcdn%26fuse_industry%3DIAB12%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3Dccd33b5c-e095-5da8-8663-0ed4051d72da%26fuse_publication_id%3D9%26GPT_READY_MS%3D1000-1499%26PREBID_READY_MS%3D1000-1499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D1000-1499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D2500-2999%26CMP_LOAD_FINISH_MS%3D1000-1499%26FIRST_ZONE_MS%3D1500-1999%26HB_AUCTION_START_MS%3D1500-1999&sc=1&cookie_enabled=1&abxe=1&dt=1680659373641&lmt=1680659373&dlt=1680659371970&idt=489&adxs=606&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&frm=20&vis=1&psz=728x0&msz=728x0&fws=132&ohw=1600&ga_vid=1572011804.1680659374&ga_sid=1680659374&ga_hid=267254486&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7998aa11dfb57dbfaaa534bdfc2c13e6e2a0cbc4e944a619581f2a12cc3d5957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11460
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 22ms
12ms XHR
application/json 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c43789f4e61770bace61983297b2dadc0711e06687ac0d224d35bf9a0e3502a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11288
x-xss-protection: 0

GET
H2 200 container.html Show response
b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3B6 6 KB
3 KB 25ms
5ms Document
text/html 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:49:33 GMT
expires: Thu, 04 Apr 2024 01:49:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
283 B 5ms
5ms Fetch
text/plain 2600:1413:b000:14::b857:c156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=21907469848&cmpj=none&v=1&ttm=1680659373658&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=ccd33b5c-e095-5da8-8663-0ed4051d72da&fid=1319&pubid=9&url=https%3A%2F%2Fwww.theonlinecitizen.com%2Fcdn&sid=1259d6caa83d7927ff3c&srate=100&adserver=gpt&etm=2563&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/1319/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:14::b857:c156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://www.theonlinecitizen.com
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Wed, 05 Apr 2023 02:19:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 15ms
6ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:49:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDF5 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 21430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 19:52:23 GMT
expires: Wed, 03 Apr 2024 19:52:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 52DC 783 B
1 KB 22ms
12ms Document
text/html 2404:6800:4003:c01::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::67 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c797562ca95bc983870a404cba7fb1fe97e74d94ca21046bb67c62a5029e66d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h0QyQgr6VgfgtyFsHG237g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-h0QyQgr6VgfgtyFsHG237g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:49:33 GMT
expires: Wed, 05 Apr 2023 01:49:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 TbkRrD5BXGyp-AXWn4EJ5yVok9cUGO3dMlQ2-4_WT-o.js Show response
pagead2.googlesyndication.com/bg/ Frame FDF5 36 KB
14 KB 12ms
4ms Script
text/javascript 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TbkRrD5BXGyp-AXWn4EJ5yVok9cUGO3dMlQ2-4_WT-o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db911ac3e415c6ca9f805d69f8109e7256893d71418eddd325436fb8fd64fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 05:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14203
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 05:33:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 52DC 0
0 5ms
4ms Image
text/html 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=2094682878214234&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FDF5 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0Fpuhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 35ms
16ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-0139d8284814ae0cfffa91e633965c9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Apr 2023 01:49:33 GMT

GET
H2 200 container.html Show response
b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C803 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:49:33 GMT
expires: Thu, 04 Apr 2024 01:49:33 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C803 0
0 14ms
13ms Fetch
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjwnMrdMsZNfuKoWSvQTVyLmwCL3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMBqgTCAk_Q38xfT7NSrWrL1gF5hxXUF6kQXfZ3mj7HClS53hKk_hos-P0MJE7ntPPoZ-jhQh3iyYg2kKEkCuH_WCu1v5avUVMgaaSCBPaX9riEOZZFBBhB9xv86lYe5Y7mIDpRnqXAGpbWuLvZqKsdxwJJwSkV5W8N2EnVTHmA6N8tKLEC-Q1cIrAmtZ_orEgXuhnokeEmls0TUzTAHCJdr0PMonUjQY3umzpdcU9R1dzb1Arfw6YEyBXZ3Mr75dDjJhjcYXVssohovcP8ExVHnIJRsBMCELlKxKLPrzWbhZUu0CDbUkbgzWFva8awS6_ukl3eeeh8uOvWnK_QTgDtCMOGhDjehF8C2FBr3CMGQNvxLSEjeIcFyiKEQSfrsUmjo4rxzCMLFsELPfka52q2NZO6sh7mHm2nM133u0_PqW63jsXOlR_gBAGABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTM4NTk5NjM5NzE2NjU2OYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=O_Jc39Rr4a4&uach_m=[UACH]&cid=CAQSTADUE5ym-4YaGnIQHR7ODfFUAxjkSKTNuYTYUgc7xiPXFkK1xGFMB4QGYlJuiY21vSMo2eocEf8DpCSKkKB_HTwJesCaJHOwqBcj9T0YAQ
Requested by: Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame C803 0
0 586ms
214ms Fetch 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k9u5FpPNCcoHWuC82V0CAAAAHUL_eV8vfNe13ephhfBvkRCs0yxkuXhjJXPSVpNXAQAAEgAACgpBUVVCRFFFQkRR&wp=ZCzTrQAKt1cKj0kFAA5kVde2a46OgwAFotNX0g

Requested by

Host: www.theonlinecitizen.com
URL: https://www.theonlinecitizen.com/cdn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 108924
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 7018 133 KB
44 KB 70ms
57ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZCzTrQAKt1cKj0kFAA5kVde2a46OgwAFotNX0g&u=%7CA9FhUgJqyH4snPZ6u4G4HYawsQOdjGEe9KPNykcKbd8%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkHIcsy4r7MJUn_1vMC-YK7_lRmDpQLmDi6hUWxLdde1QCE9MbqinJuyTJy5nSXBPgCsX6_0N9DPRI4srsJBKhGWhNjj9GTQJUYMbZYGJrr1Y7c3KDLqlOpIYVfbTv1DFrn_2CJSFHqdtNkouEitwSwxdYFKRWd6IdzH77YzYLP-R_062vWanpvYZav25td2YfG1F9P0IdqVE-fji5UFniE6XDt7pstjjGoYiiieDbyrH8q49BuhJUPt8ao0u9V6e2hT5y81La4OITnrjdyiclXgAisNm_LZ0zOcjyR_DheTI9JnC9hLozIDP5wInBU-H7JNz7eIPh4C82MkI9pZ28zIV-fAaeAUGiR8kCEEqJniHWvRHW7lqFEQJwe0Do9MwdqGL58xXJOeJvhLE-HBH6bVRAymdTHxPAWplyoMHt9ckP0oomHAhTGYkdTsz-2q6ckvkYFZSgHb_r0KYGCmjLrOgweMHj_rBhYVe-auRf6mFVCwn203ZtfeH8NBHooiL2UqDB_peZs1X7wvebcNYrIekFydbhucLE6sfPJMd9SWTUqc3zNmgTaECJBZDsa1xA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe93brdMsZNfuKoWSvQTVyLmwCL3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMBqgTFAk_Q38xfT7NSrWrL1gF5hxXUF6kQXfZ3mj7HClS53hKk_hos-P0MJE7ntPPoZ-jhQh3iyYg2kKEkCuH_WCu1v5avUVMgaaSCBPaX9riEOZZFBBhB9xv86lYe5Y7mIDpRnqXAGpbWuLvZqKsdxwJJwSkV5W8N2EnVTHmA6N8tKLEC-Q1cIrAmtZ_orEgXuhnokeEmls0TUzTAHCJdr0PMonUjQY3umzpdcU9R1dzb1Arfw6YEyBXZ3Mr75dDjJhjcYXVssohovcP8ExVHnIJRsBMCELlKxKLPrzWbhZUu0CDbUkbgzWFva8awS6_ukl3eeeh8uOvWnK_QTgDtCMOGhDjehF8C2FBr3CMGQNvxLSEjeIcFyiKEQSfrsUmj4YjQXqLAu6_xkISrN0UDzdmtuOvvMHU3lJXYDr1wt0KvDSt7--W5CT3gBAGABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTM4NTk5NjM5NzE2NjU2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UNpmgEE3UEn-tMt334SovPoOkzQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b95c5258150f6bc71af0867b46da7505c757fbe2c78d0817919f752fb6e3899b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:49:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=QMS5T6ytWYV_xa9X3ooRKDwDp5LV5_B_Nnn3PwIXNZfp0S5NaV0kq-aEGxzRWcLK7FOftec698WuU6b5SCms06UxdfKSXwnuYC1afwzqLwqh_Aha2SNhVfyqGBTMDcuIJzaQlyj0LnqeoO5Dcn7zWuBCqW1PjmMjb4bQ-l_tzVqwsQGA1RsraDl4JmUrITQ6IA12dY9rXiH9C15Wz5jeNLE9SpZz0xBB695tUmcB_jCeyw0o5CTMuBIjTmuRGnlqguQllw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53327806
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C803 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Host: b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:10:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C803 20 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:01:59 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C803 24 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c0f::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 13:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Apr 2024 13:40:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C803 158 KB
49 KB 19ms
6ms Script
text/javascript 2404:6800:4003:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:49:34 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DCA9 15 KB
6 KB 16ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonlinecitizen.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:49:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 632447
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 102ms
35ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Apr 2023 01:49:34 GMT

GET
DATA 200
OK truncated
/ Frame C803 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3194aa81823c7bd1d45f861c649fd55e5ee0660c4618ec76cf6a3b3990abcab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame DCA9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonlinecitizen.com&sn=ChromeSyncframe&so=0&topUrl=www.theonlinecitizen.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uqYm43xYdmpySGk1WEpweU1ieUNaU3BLcjJlbHFWVE0ydDhYeThCNkgxNWgxVEpSbFFxdnpteU9jWm5HNGV3dTBxSUs4eWgwMXI0RzRqZG43S3AvZ3V0YjJ3Z3FpYUFtSjFmR21hZEZGdkFBUHJSNHVEcEhyaEF3bUR4RF...

454 B
675 B

32ms
6ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uqYm43xYdmpySGk1WEpweU1ieUNaU3BLcjJlbHFWVE0ydDhYeThCNkgxNWgxVEpSbFFxdnpteU9jWm5HNGV3dTBxSUs4eWgwMXI0RzRqZG43S3AvZ3V0YjJ3Z3FpYUFtSjFmR21hZEZGdkFBUHJSNHVEcEhyaEF3bUR4RFVLNWw0Z2xRVzk0Wi92VGhQSm44M1pzK1FTaDdnRFBFV2JVcDFJcXhiTnF4aDlUc3R0anhuVEpRVU5BSEdyaHFqL0NvRHUzZFFUVExqRkFxSnZiZjFISjJEd3B5L0hMTE1sVlNMQmJpa3JQQWRPc29qMGRtTDF5Q2ZEK1RTRE1MeFBQQlNhQzV3eStaVTlGU3RZRHBnU0xzeFVobXFPWGZuMmZrS0dKSjBCUFJPTFhuMXB2bz18&cppv=2

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

58097a2b80aadb4e6392530c9e30bf0f7395e27dbec1d7598a97c64b8e11b069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3235025
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uqYm43xYdmpySGk1WEpweU1ieUNaU3BLcjJlbHFWVE0ydDhYeThCNkgxNWgxVEpSbFFxdnpteU9jWm5HNGV3dTBxSUs4eWgwMXI0RzRqZG43S3AvZ3V0YjJ3Z3FpYUFtSjFmR21hZEZGdkFBUHJSNHVEcEhyaEF3bUR4RFVLNWw0Z2xRVzk0Wi92VGhQSm44M1pzK1FTaDdnRFBFV2JVcDFJcXhiTnF4aDlUc3R0anhuVEpRVU5BSEdyaHFqL0NvRHUzZFFUVExqRkFxSnZiZjFISjJEd3B5L0hMTE1sVlNMQmJpa3JQQWRPc29qMGRtTDF5Q2ZEK1RTRE1MeFBQQlNhQzV3eStaVTlGU3RZRHBnU0xzeFVobXFPWGZuMmZrS0dKSjBCUFJPTFhuMXB2bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 341551
content-length: 0
expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7018 2 KB
1 KB 6ms
5ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZCzTrQAKt1cKj0kFAA5kVde2a46OgwAFotNX0g&u=%7CA9FhUgJqyH4snPZ6u4G4HYawsQOdjGEe9KPNykcKbd8%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVOjE89GaszXgkomLnrnn8qkHIcsy4r7MJUn_1vMC-YK7_lRmDpQLmDi6hUWxLdde1QCE9MbqinJuyTJy5nSXBPgCsX6_0N9DPRI4srsJBKhGWhNjj9GTQJUYMbZYGJrr1Y7c3KDLqlOpIYVfbTv1DFrn_2CJSFHqdtNkouEitwSwxdYFKRWd6IdzH77YzYLP-R_062vWanpvYZav25td2YfG1F9P0IdqVE-fji5UFniE6XDt7pstjjGoYiiieDbyrH8q49BuhJUPt8ao0u9V6e2hT5y81La4OITnrjdyiclXgAisNm_LZ0zOcjyR_DheTI9JnC9hLozIDP5wInBU-H7JNz7eIPh4C82MkI9pZ28zIV-fAaeAUGiR8kCEEqJniHWvRHW7lqFEQJwe0Do9MwdqGL58xXJOeJvhLE-HBH6bVRAymdTHxPAWplyoMHt9ckP0oomHAhTGYkdTsz-2q6ckvkYFZSgHb_r0KYGCmjLrOgweMHj_rBhYVe-auRf6mFVCwn203ZtfeH8NBHooiL2UqDB_peZs1X7wvebcNYrIekFydbhucLE6sfPJMd9SWTUqc3zNmgTaECJBZDsa1xA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe93brdMsZNfuKoWSvQTVyLmwCL3U7rBc8K_Evn3AjbcBEAEgAGC_BYIBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMBqgTFAk_Q38xfT7NSrWrL1gF5hxXUF6kQXfZ3mj7HClS53hKk_hos-P0MJE7ntPPoZ-jhQh3iyYg2kKEkCuH_WCu1v5avUVMgaaSCBPaX9riEOZZFBBhB9xv86lYe5Y7mIDpRnqXAGpbWuLvZqKsdxwJJwSkV5W8N2EnVTHmA6N8tKLEC-Q1cIrAmtZ_orEgXuhnokeEmls0TUzTAHCJdr0PMonUjQY3umzpdcU9R1dzb1Arfw6YEyBXZ3Mr75dDjJhjcYXVssohovcP8ExVHnIJRsBMCELlKxKLPrzWbhZUu0CDbUkbgzWFva8awS6_ukl3eeeh8uOvWnK_QTgDtCMOGhDjehF8C2FBr3CMGQNvxLSEjeIcFyiKEQSfrsUmj4YjQXqLAu6_xkISrN0UDzdmtuOvvMHU3lJXYDr1wt0KvDSt7--W5CT3gBAGABsyk0aa13aDi5AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTM4NTk5NjM5NzE2NjU2OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1UNpmgEE3UEn-tMt334SovPoOkzQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7018 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7018 308 B
636 B 4ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7018 293 B
621 B 5ms
4ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 7018 43 B
348 B 22ms
7ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=_XDboEJKUUXz4Tk3KfHWoXfRrnDuPDBsX8PQBvdIFPMcmc2uNDfvLjXHpXXc1OzW7EMxTxUw15lZdLsoCzUx4BiTm7CG4TJp7oksK4xcUzJh7aSJPjnqiaFZeP8sfh_hP9hvAvRfAFlmF2o97wOa1_QF42d-8GKJtgA8hCzuzgeS-bzHTQu7MzAvMZeQdtZ5nGCRsKj2T37bE9Do6eoy1HseeuNDwX4WBZzS0_OoeboXKx9A84V3hTsRXzulcTgcJ_JsPRGJpmGrpCrHvCAhxRwz4jpMcLOelADH1FTqgE7v-4fsqbZEVlRduCgfvOEmTEzTwK9IfpHy-jNAfCUr22Wh3vWIdkpsbX5V-GdMBjV-zRiVhzKCWUz3JeLuDYhfNkhQ9RVYAxiSEfwz1AfoziX5PMj2RTu9iWYoN1y5CJe6c74Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3422562
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7018 12 KB
5 KB 24ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1043335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPyU1Y3mrsYza3zefHSZx89Db38fwt0Q2lHmyZg2ofmDJE0tyxQnF2VVXZHQEhQWuAUENMAju7kocVau1Uw8CkW59t6dosozK8q6NjlZYdkYlhEGnLLmVGk%2BlvWvEdPQFHZzXb8uJKZq5vo%2Ft9seXSxz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b2e22a0398c4112-SIN
expires: Mon, 25 Mar 2024 01:49:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7018 12 KB
6 KB 4ms
4ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 31 KB
31 KB 16ms
5ms Image
image/png 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?h=176&m=0&partner=26310&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26310%2F230116%2F007c9cafe47143aa97957c61ae548de8_logo_n_square.png&v=3&w=492&s=3cMh0Oy2RwtgGKNguC3eNZUa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

af0a0eb8f73401454e8fb2f5b226992632731df431fedf2998dc2002059f099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=26953310
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31695
expires: Sun, 11 Feb 2024 00:51:24 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 20 KB
20 KB 21ms
11ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2Flenovo-laptops-ideapad-1i-gen-7-15-intel-hero.png%3Fcontext%3DbWFzdGVyfHJvb3R8Mjc3NzI0fGltYWdlL3BuZ3xoYTQvaDU4LzEyNzk3MTg4ODMzMzEwLnBuZ3xjYzIwZDRiNjkzYjgxM2FjYmVhY2E2YWZhN2E3ZmRjMDM1ZmQwNTNhYzcwNzY2MTg4MzczODAyZGJiZWFjYjc1&v=3&w=400&s=qF7WD1WjeqcfRkUkRoP-DtRg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

11ad59fb6b7c32f08093d5c7b922ae66d3621719bff45c6b6ecc3aa26d65580c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20260
expires: Wed, 05 Apr 2023 01:49:34 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 15 KB
15 KB 20ms
10ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2Flenovo-laptops-ideapad-3i-gen-7-14-intel-hero.png%3Fcontext%3DbWFzdGVyfHJvb3R8NDYyOTU3fGltYWdlL3BuZ3xoNWYvaGE3LzE0NjgzNTMyNzU0OTc0LnBuZ3w1OGQ0OTIwN2YwNjQ0MjMxZjAzYmNiNDBiOWY2ZWVlZGZiNGJlMTYwZTk5NzI5ZTM4M2M0YzI2N2I1OTI0NTQ5&v=3&w=400&s=qNx9_rF864uafnzBaL8o00id&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5b951467b7ed3f7d3a41a7692b0f2cc40a6c267df391b38875f7447d3af6437a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15486
expires: Wed, 05 Apr 2023 01:49:34 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 13 KB
13 KB 18ms
8ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2FThinkPad-X1_Carbon_Gen_10_LEN101T0009_725x515.png%3Fcontext%3DbWFzdGVyfHJvb3R8MjAzODU5fGltYWdlL3BuZ3xoYjkvaDNhLzE0NDc2Mzk1NTQ0NjA2LnBuZ3wwMjRlMjVlM2ViMGE1OWQ4NDUzZThmZjBmYjc5OGNlOGE1ZTlkYzg1OGI2YzA4YzEyZGE2OGMwMDY4MTU3OGVi&v=3&w=400&s=8viuTZyKOZWvyXQwNyGb0C8o&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5cbcd38ed0e6b90400eeec682eb41cbfca8d756f635ca053161510770adb7675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13194
expires: Wed, 05 Apr 2023 01:49:34 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 7 KB
7 KB 23ms
13ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2F%3Fcontext%3DbWFzdGVyfHJvb3R8Mzc2ODE2fGltYWdlL3BuZ3xoOTIvaDU3LzE0MDAxMTgwOTM0MTc0LnBuZ3wyMmQxZWQzOGFjMjgzM2Y2ODcyN2M3ZTM1ZjNjMTUxNDlhNzc2NTIxYmIxMzc5NzYxNTMyNTdlMWJjMWU5YTll&v=3&w=400&s=S3QUyjRAxJpPXZPWWwCpsJM3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

5ba7921effb05d0b041ed4a8d29fe8f9f941e6976214baec08496dea53b888ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6892
expires: Wed, 05 Apr 2023 01:49:34 GMT

GET
H2 200 img
pix.as.criteo.net/img/ Frame 7018 11 KB
11 KB 21ms
12ms Image
image/webp 2406:2600:7:100::7
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fwww.lenovo.com%2Fmedias%2F%3Fcontext%3DbWFzdGVyfHJvb3R8MjM5NDIxfGltYWdlL3BuZ3xoMTcvaGM1LzEzMjAyODg3OTk5NTE4LnBuZ3w1ZDM0M2E3NDZhNWE0YWQ4YTc3ZjE2ZTgxMmFiNjI0NDFkOTQ0NjJiZjAxYmY0NzM0YWE5YzVhMGQwN2NiNmZi&v=3&w=400&s=jdwtjuEV8Xg8rXZmDwlSdcM0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

df245a99c70accc1221fc122005760f844b1a9c85406711144585f463069447f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11182
expires: Wed, 05 Apr 2023 01:49:34 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 7018 0
128 B 16ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=QMS5T6ytWYV_xa9X3ooRKDwDp5LV5_B_Nnn3PwIXNZfp0S5NaV0kq-aEGxzRWcLK7FOftec698WuU6b5SCms06UxdfKSXwnuYC1afwzqLwqh_Aha2SNhVfyqGBTMDcuIJzaQlyj0LnqeoO5Dcn7zWuBCqW1PjmMjb4bQ-l_tzVqwsQGA1RsraDl4JmUrITQ6IA12dY9rXiH9C15Wz5jeNLE9SpZz0xBB695tUmcB_jCeyw0o5CTMuBIjTmuRGnlqguQllw&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7018 2 KB
1 KB 4ms
3ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 7018 682 B
665 B 5ms
4ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 7018 682 B
665 B 5ms
5ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 7018 23 KB
23 KB 37ms
37ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 7018 23 KB
23 KB 55ms
54ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Mar 2024 01:49:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C803 0
20 B 5ms
5ms Image
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.346,e2e.617,fs.340,reqs.341,ress.346,rese.347&srt=6&e=&id=csi_pagead&gqid=&qqid=CJf51IfQkf4CFQVJjwodVWQOhg&rt=lb.89,ol.271

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
6ms Image
text/html 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=2094682878214234&bg=!fH-lfyvNAAbEgrg45II7ADkAdvg8WmvFNZHkp499SUJojwHTt59FUlfQePyFfTwx_2YilH4BkuCzSGfkEcCAcQdu40QS4iesd2ECAAAAPlIAAAABaAEHCgA830SMDkOCRnBiYc2ZiWU3LJMmC4TCEVzkMCRYJRI70zGP0MqAT1EduHuI0Yua_B9n52mRQ175LSFSECt6mQKh5hDJc_-zqDXMKjPGWFkmHsob0NfaaeH-fb4-bb1Ni3EPPtiQ0w8MU8j_Fhgr1epkYsbSONQAmvB8ctmBF3L6Z8Czqw6R7lB5GtVLdb2uQZIIZut4a9R_Ad9IThwHdzLeFOOHzfezsP5vk9jGP4-dQPQXT1wfb7aVNz1PwUxSeItvK-AUfU_iupdjcMAIoWjvhkeyxvqMy2BGSOLLtbDuAqqWl_OlO5XLdVWRhZiLQN5QaL9jDMeMDvVU21FJnme9TWBbjTWVbo0Zm74qImcaFl92vnsDsxERz5ktwTS3XvyaKYmL1f8BiWEZDR5hNSsk4Dyk_h1VFpu7_BHu064km9WSSZczfwdgCVBUGy5YJ4vzOJ4lMOSjtZpXyUSYfeENITs8BtwEe_7B_vK9OAMK6ZLftYChaEDYg9f44d4H09LZWWGi3f9jQ8Zf06t6qkvfbpo8PpG07-FnJm4nwr8NR9CXQJl4XSjeR56m778vdY8K8YHpFTO_zAGpU8btBNxj3cR7XNy2sZmVqwctE1GqwR1GxkroELFHPgmtEsL5F8BeMIvr01RXrW9G0wQFTKAiHwQiahsGvB5JwR41nBkucDwnKAmSNZQAwRCx8BBWoi7WqevSATVly9F_RFkp8yAP1uybpq23fXMeR4D1Dwc2VeuO1F7PTgu9cvMqQ0p5XRU7GSDqaTxTGWehfvskRwvENJgRMQhTx6FAGM2Nt_XPikI3TY5blv1Bri4xO2-7eU8DWErAaVItmYHOKQL7mSgcXV1l1Sg7_qNFxVPVtjL23i2KOQXhQbaJfuUOpL_dOdbiViqH32h3ru2REX2zIM8YvsBokmCfJ5NJHU4HGRC_JzKv0q1zjvqbzuZPaXQ-cAvqhZBMF9XHzxvn_GphpqjWSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.theonlinecitizen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 fp2.html Show response
googlesecureapis.com/creepjs/ Frame CA21 178 B
586 B 1086ms
1085ms Document
text/html 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941fefa67997f20785f8b10da2d423031dc634bd6f446b5456ddc7d2229357a7

Request headers

Referer: https://www.theonlinecitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1
cf-cache-status: DYNAMIC
cf-ray: 7b2e22a59e394006-SIN
content-encoding: br
content-type: text/html
date: Wed, 05 Apr 2023 01:49:36 GMT
expires: Wed, 05 Apr 2023 01:49:36 GMT
last-modified: Thu, 30 Mar 2023 08:21:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG2clj8TL9kBZBaa%2FyjOZD5Qf86T98NpHVFJ3LDEfZqZ2Q%2BUnzozoA%2BcXcKBvRhLe%2BMoRCzgyTHoIPQjUqCX7DCjb5ashjl7WEk7pxUv55GPOoaBwvtyOJeYJrQ2IXU4JEagavLil2XrHtydFh03eoobiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C803 42 B
174 B 7ms
6ms Fetch
image/gif 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBirHmOJ8DRUOH6rQR55A8FvRdYwPQu7F2OGZLcNLcgjyYR1i874-yZPnIeJBhoxOqWFN447bpV8Xn3GGJDJbhkvI&sig=Cg0ArKJSzCvpgbUXhaLJEAE&id=lidar2&mcvt=1000&p=56,606,146,1576&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=800423236&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680659373981&rpt=84&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:49:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 7018 0
127 B 4ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 01:49:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 fp2.1.js Show response
googlesecureapis.com/creepjs/ Frame CA21 22 KB
5 KB 1680ms
1679ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp2.1.js
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f37aa23b5971d5177db43e9f187a666ef1875a4e5b111bb84f4421ad4fec16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 May 2020 16:09:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"57b2-5a4d4c0ba2540-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVgsPGTIgDSX%2Bkg46%2FET9OSqOPzk6lKjJvoGb7GeQvhD72M%2FZ87h2nP60wJp1nsk6W1GFpGAB%2Bg080Nno7buNaguHrWo%2B7XYgzPKW%2FY6cQWqEY2HZLKvBz%2Fff2c%2Bk%2BuUT%2BGnejmuuvQZP9Ohc38do%2BMciw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b2e22ac7ab64006-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:38 GMT

GET
H3 200 fp2.2.js Show response
googlesecureapis.com/creepjs/ Frame CA21 9 KB
2 KB 1052ms
1051ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp2.2.js
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 May 2020 16:09:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"24ca-5a4d4c0ba2540-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6aP%2BSEpRFksagsMnu4TdeD6fn7ajXjyOO5wRNXeaYe%2FPfVTLw1nK0lDDsao8nHXMIbCv8AaeYw%2FxdVg8%2Bt4FPnrOYN7vAtByMlZZCjRwkc5A7Alep%2FPwJzXy9JH3aYDgV%2B1D9l1cy4fo5Uttl%2Bkuh%2FErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b2e22ac7ab84006-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:37 GMT

GET
H3 200 fp2.3.js Show response
googlesecureapis.com/creepjs/ Frame CA21 135 KB
29 KB 1268ms
1268ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp2.3.js
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3871884e962fda6a078aeba896f8e8f55686bfa4bd808a08e320ce17f098aa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 23 Mar 2023 09:31:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"21cdc-5f78df1290500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyszIM1fZJ2mcapYrgL22er4ZYRcZjanoSGccRwSGN9kAdB7uwOIXDP9vRu3ELUtmQSajtWwqYs82l6xzyVEm3fV1KRo%2BuAWvKg%2F7feOYvw9b0%2FUZaEmdotLrxxif6dT%2Fg0JffMnqYUDv2WxdAhDf99XpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b2e22ac7ab94006-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:37 GMT

GET
H3 200 fp2.4.js Show response
googlesecureapis.com/creepjs/ Frame CA21 5 KB
2 KB 1672ms
1672ms Script
application/javascript 2606:4700:3031::ac43:dc0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googlesecureapis.com/creepjs/fp2.4.js
Requested by: Host: googlesecureapis.com
URL: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:dc0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ee855a9fc7a49e37a4b8b8d58e364f716146a89d0d7438c68fa23bd746f45d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googlesecureapis.com/creepjs/fp2.html?1680659374973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:49:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 03 Apr 2023 06:55:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1203-5f8690adf7340-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zj%2Be14sXLgIA6W1T5jCrUovc6dh10gPWrVWO3APzwePm7C4cICAGCvf0CGlOirG0YhPQfB%2Fxqz%2FBpPRyBErEHP8QLnKjfmQ0pLcn7w3CWdyKrsWIfbsgFS8VR%2FEtfMYGdGaZr6iie0BY8GpUnoIDOzteg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7b2e22ac7aba4006-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 05 Apr 2023 01:49:38 GMT

GET apihandler.js
googlesecureapis.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlesecureapis.com
URL: https://googlesecureapis.com/apihandler.js?gsecfp1=1431868604&gsecfp2=991a9d158ef8580b957f82684ed52bfa&gsecfp2dbg=1081074710&gsecsid=f260ae8f61628ffac96d81dd1d853729a1c00f64&rf=aHR0cHM6Ly93d3cudGhlb25saW5lY2l0aXplbi5jb20vY2Ru

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theonlinecitizen.com/	1969-12-31 23:59:59	Name: pmpro_visit Value: 1
.openx.net/	1970-01-20 19:36:35	Name: i Value: 40a2b0cd-ad5d-054b-1651-1d1cd3da1c72\|1680659372
.teads.tv/	1970-01-20 19:35:08	Name: tt_viewer Value: 33d7eff8-b60f-4fc7-bcc7-a54fb4708b14
.connectad.io/	1970-01-20 11:34:47	Name: uid Value: b8b692035a655c0a302c2c039bb2b903c5f4bae3
.lijit.com/	1970-01-20 19:36:35	Name: ljt_reader Value: GbWtJBZHNBjASnN8SpWgCzxN
.prebid.a-mo.net/	1970-01-20 19:36:35	Name: __amc Value: 1_1680659373_1680659373
.a-mo.net/	1970-01-20 19:36:35	Name: amuid2 Value: 8d5936a0-cfe3-4390-9b52-e01b8d7121d1
.prebid.a-mo.net/	1970-01-20 19:36:35	Name: sd_amuid2 Value: 8d5936a0-cfe3-4390-9b52-e01b8d7121d1
.theonlinecitizen.com/	1970-01-20 20:12:35	Name: __gads Value: ID=9dfb0299e99182b0:T=1680659373:S=ALNI_MY0eAquIYs5Zj-THa-YntnbN7IMag
.theonlinecitizen.com/	1970-01-20 20:12:35	Name: __gpi Value: UID=00000bec8bd505b9:T=1680659373:RT=1680659373:S=ALNI_MaiT-5lARYzka2aTsBDEN_5Xo9veA
.doubleclick.net/	1970-01-20 20:26:59	Name: IDE Value: AHWqTUmgJVVAwyhj-nxf-HSa_Ry1WF0Qv4clxdvgQRZYBOA7PLF53fbeDCQ7Yo-alq4
.criteo.com/	1970-01-20 20:12:35	Name: uid Value: 67a00500-bc0f-4e7b-9ea6-5f7db04f416f
.theonlinecitizen.com/	1970-01-20 20:12:35	Name: cto_bundle Value: 7ZsmMV9hdEpjQk9qd2VRMkpaSHJKN3VmcVg1dVJTaXFFdzFVeGR1UDQwZmhGQndMbk5rYXUlMkIzV29vVm9ESjJSTlBwbEtKcEdTMjV2UWNtbkZ1NGxZTGZpNWFrU0lCUlMlMkJCeDM0cmVicEs2SGEyR0tOMXpoU0FFZ2dDQWhsN3RrV25GSiUyQjBqcFZCR0JJQjJOenRSSEpVcVdFJTJCdFlFQXRVMVNlRzNselhKJTJCbmt1QmtjJTNE

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.theonlinecitizen.com/cdn Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.publift.com/fuse/tag/2/1319/fuse.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad-delivery.net
ad.doubleclick.net
ads.as.criteo.com
adservice.google.com
adservice.google.com.sg
ap.lijit.com
api.btloader.com
b449ada7c6f49d3bd903c85d256de3f5.safeframe.googlesyndication.com
bidder.criteo.com
btloader.com
cat.sg1.as.criteo.com
cdn.fuseplatform.net
cdn.publift.com
cdnjs.cloudflare.com
cmp.quantcast.com
csm.as.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googlesecureapis.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.connectad.io
mug.criteo.com
pagead2.googlesyndication.com
pix.as.criteo.net
pixel.wp.com
prebid.a-mo.net
publift-d.openx.net
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.addtoany.com
static.criteo.net
stats.wp.com
tlx.3lift.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.theonlinecitizen.com
googlesecureapis.com
103.231.98.193
104.18.25.185
13.228.131.41
130.211.23.194
142.251.10.148
147.28.129.37
18.140.88.29
182.161.73.132
182.161.73.136
184.26.21.27
192.0.76.3
2404:6800:4003:c00::5e
2404:6800:4003:c00::9c
2404:6800:4003:c01::67
2404:6800:4003:c03::9a
2404:6800:4003:c04::9b
2404:6800:4003:c04::9d
2404:6800:4003:c05::84
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::84
2404:6800:4003:c11::9c
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::15
2406:2600:7:100::7
2406:2600:7:100::9
2406:2600:7:100::f
2600:1413:b000:14::b857:c156
2600:9000:229f:d400:9:46dc:4700:93a1
2606:4700:10::6816:37ce
2606:4700:10::6816:47c5
2606:4700:20::681a:26f
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:3031::ac43:dc0d
2606:4700::6811:190e
35.244.159.8
63.251.14.14
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ba2a0da5c4bbb91065d70e8d6e9e22b1eb1c2e066ac876e261efcc96036b031
0d31ff9077184eee2d35cdaa3ee8f519114d38efa4ce61b03b3d4f6c8d7aa861
0db382a89d475661af1ba2f2bcfcc18fbf8fce0bf0763399a67519e9273c30ee
11ad59fb6b7c32f08093d5c7b922ae66d3621719bff45c6b6ecc3aa26d65580c
1a4dd11c3764a3be7caee75eeb660be2d9f01fc3ba61f95990d8f64e5e441875
1c02d5750f1de52549e2910ce20ed530341e56e42ef653497c761495aafe0993
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22eadacd2708090fd941e85769d2898fb6d9061d81f7b670a2eb1f7541243e10
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26a6e02b52f547e5d8727ae8a96b3510014d37e54e7b577524bcef18d330e89e
2c43789f4e61770bace61983297b2dadc0711e06687ac0d224d35bf9a0e3502a
2c5cc47eb8499efe3f4353bc50b38690756e78da21b0e158e14293b39c5ef812
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30315b347428a0e4b7554c63ed38d7a8b2114cd29227a6c650ca10ffa439228d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a4e0f2d17f0e489c259eb86061835c0918fd2ede3e96e7ffb659b77f8fdf2d9
3d98c32d37199987b82fb0783cff7d427f9f77b07d8b272858bfb0b7f9f634b6
4129d4faedfec7346f92d4307e5b8f81b9436a266d6eb9b34d6477957fe2e519
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484f935f743dadae7d276edbb8f95e6375825f179122d24848357428bb8b598b
4bac7ef0b19bbe5b5fa18aa20de6d63fbafec15872c2a93b8661696b32e15e6f
4bafeb0db2e6af85d34fd1d2898bd94f7be9bf106419a6b588b08c56dddec811
4db911ac3e415c6ca9f805d69f8109e7256893d71418eddd325436fb8fd64fea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
52060df67101cab2c5e0991d58b4a5bad54c365926fc89d6d47a97d3e5834d09
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58097a2b80aadb4e6392530c9e30bf0f7395e27dbec1d7598a97c64b8e11b069
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b951467b7ed3f7d3a41a7692b0f2cc40a6c267df391b38875f7447d3af6437a
5ba7921effb05d0b041ed4a8d29fe8f9f941e6976214baec08496dea53b888ed
5cbcd38ed0e6b90400eeec682eb41cbfca8d756f635ca053161510770adb7675
5f10deb86c27fc07aa4a863f5a2b5b5f126159552bd3af6ed01bf1e11fb98441
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
66c875ec2551b46bd17fb6210a0e88a871a7d5978a9021945cb6fd84f702e0d8
68913807aacac6ab4cc1e1d9a895a5298450883f0db31d7bb71f4ce077a6feaf
68ee855a9fc7a49e37a4b8b8d58e364f716146a89d0d7438c68fa23bd746f45d
6a44445ce52d083f850b9d5cba806097c167653863034aa33dc8774fcc7b3bf5
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c277eea69ec9bfee9a7bd4aff50550185fc1e5868be9b05d1dab41cd570fae2
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
73cfb0ed71e314a835831530e27ba1fde5609b224781f7dbc2dd3eb9a08603cd
74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5
7998aa11dfb57dbfaaa534bdfc2c13e6e2a0cbc4e944a619581f2a12cc3d5957
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
850c7b23728835e7625f26536e8e04105c494f8122f3e563727b32ce4b7af178
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
877e115d52ac1100602fd1ab3aed78bdb26a3db8995c9e8bcba590409d877ca9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
941fefa67997f20785f8b10da2d423031dc634bd6f446b5456ddc7d2229357a7
96820e59b8353e3074685924bd1f1dbc43a9e4eebf5d107785f3bcec182b69bf
97dc67431dbd3360ea838fecad611a30f540f8389bbd15b89a1e14ba8dbb54aa
97e522d31713d62e061d4d6b17f3e4fb1edf711df3de411e338811585965578c
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
9c8278221147696926ffbde372b3afc957210a7b293caad1cdad02af8795dbc9
9f0dbfe030ed8d9f9bb5d2d5e9cad9c75d19707edfbb5cd36eb9c8d8d93b5b76
a114789344ede7d3ce4e64a8993750f7c6e93e7f6e6104f837d57853570da4e1
a15e530e5c2ecf56f02734b014ea604bc9416bbb6c3ae7370c9fa946252dd593
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3194aa81823c7bd1d45f861c649fd55e5ee0660c4618ec76cf6a3b3990abcab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b13057241e7bc92d2c0f4128b9f576d1ce49e15588d0d2ddaf317ab4420b3e
a557e07f21d1e0db998e74426ff8d4b4f7513600edb19112c69cf784c5dc06fa
a6dd7578bc51758526c11cb18fab8108dd4c71c626dc755283823af395d2996f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad3871884e962fda6a078aeba896f8e8f55686bfa4bd808a08e320ce17f098aa
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
af0a0eb8f73401454e8fb2f5b226992632731df431fedf2998dc2002059f099f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b95c5258150f6bc71af0867b46da7505c757fbe2c78d0817919f752fb6e3899b
bb96d10b4b71a90568c571d4420edd4e2e38e7faf4eafe7f9adba5374c14fc60
c0f37aa23b5971d5177db43e9f187a666ef1875a4e5b111bb84f4421ad4fec16
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c797562ca95bc983870a404cba7fb1fe97e74d94ca21046bb67c62a5029e66d8
c876310bfecc912717f22dcd49365473ef0ac30c6e1fbdc00998811be71dc820
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d5d4a5cfb1aaebd712414dd85dd56aede736edbddf0437271f2e5ccb2544dbc2
d747309169883235d49cfb56b8bc2c7638665404aa28a6dbc5c80ff3971cfe3b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dacb5257a365935127492cd3b165dc17dd12c3021393e9f53b26e49619e3f557
db0eaf5eedb92698a9505b8a03632bd7a61710c2ccb355b15ce034bc804a792c
df245a99c70accc1221fc122005760f844b1a9c85406711144585f463069447f
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
ebce8cc491ecb1502ab428122fafa57b5a2a963e47df27e2f3949ff8afffb065
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

www.theonlinecitizen.com Open in urlscan Pro 2606:4700:20::681a:26f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

98 %HTTPS

67 %IPv6

28 Domains

41 Subdomains

40 IPs

4 Countries

2219 kBTransfer

5703 kBSize

13 Cookies

5 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.theonlinecitizen.com Open in urlscan Pro
2606:4700:20::681a:26f Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

98 %
HTTPS

67 %
IPv6

28
Domains

41
Subdomains

40
IPs

4
Countries

2219 kB
Transfer

5703 kB
Size

13
Cookies

128 HTTP transactions
2 data transactions