booking.mountfaberleisure.com
3.1.126.46
Public Scan
Submission: On April 17 via manual from SG — Scanned from SG
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on November 10th 2023. Valid for: a year.
This is the only time booking.mountfaberleisure.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
booking.mountfaberleisure.com | ASN16509 (AMAZON-02, US) | ec2-3-1-126-46.ap-southeast-1.compute.amazonaws.com |
gt-media-assets.s3.ap-southeast-1.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-ap-southeast-1-r-w.amazonaws.com |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | sm-in-f97.1e100.net |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
go.affec.tv | ASN16509 (AMAZON-02, US) | server-108-156-133-16.sin2.r.cloudfront.net |
secure.datawrkz.com | ASN29990 (ASN-APPNEX, US) | secure.datawrkz.com.pxlsrv.net |
secure.adnxs.com, ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net |
www.googleadservices.com | ASN15169 (GOOGLE, US) | sl-in-f156.1e100.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | sf-in-f100.1e100.net |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | sh-in-f154.1e100.net |
adservice.google.com | ASN15169 (GOOGLE, US) | sg-in-f154.1e100.net |
map.go.affec.tv | ASN16509 (AMAZON-02, US) | ec2-52-220-130-160.ap-southeast-1.compute.amazonaws.com |
match.adsrvr.org | ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com |
connect.facebook.net | ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-04-sin6.fbcdn.net |
www.facebook.com | ASN32934 (FACEBOOK, US) | |
api.permutive.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 252.254.107.34.bc.googleusercontent.com |
www.facebook.com | ASN32934 (FACEBOOK, US) | edge-star-mini-shv-04-sin6.facebook.com |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
17 | mountfaberleisure.com | | booking.mountfaberleisure.com | 569 KB |
7 | adnxs.com | 3 redirects | secure.adnxs.com (Cisco Umbrella Rank: 510), ib.adnxs.com (Cisco Umbrella Rank: 263) | 7 KB |
6 | permutive.com | | cdn.permutive.com (Cisco Umbrella Rank: 3322), api.permutive.com (Cisco Umbrella Rank: 2523) | 70 KB |
5 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 97) | 551 B |
5 | affec.tv | 2 redirects | go.affec.tv (Cisco Umbrella Rank: 6950), map.go.affec.tv (Cisco Umbrella Rank: 7234) | 4 KB |
5 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 42) | 446 KB |
4 | doubleclick.net | 3 redirects | stats.g.doubleclick.net (Cisco Umbrella Rank: 87), googleads.g.doubleclick.net (Cisco Umbrella Rank: 38), ad.doubleclick.net (Cisco Umbrella Rank: 156) | 435 B |
4 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 183) | 78 KB |
4 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 33) | 21 KB |
3 | google.com | 1 redirects | www.google.com (Cisco Umbrella Rank: 2), adservice.google.com (Cisco Umbrella Rank: 160) | 150 B |
2 | adsrvr.org | 2 redirects | match.adsrvr.org (Cisco Umbrella Rank: 360) | 715 B |
2 | google.com.sg | | www.google.com.sg (Cisco Umbrella Rank: 15594) | 562 B |
2 | datawrkz.com | 2 redirects | secure.datawrkz.com (Cisco Umbrella Rank: 571922) | 440 B |
1 | googleadservices.com | | www.googleadservices.com (Cisco Umbrella Rank: 124) | 2 KB |
1 | clickcease.com | | www.clickcease.com (Cisco Umbrella Rank: 11894) | 43 KB |
1 | globaltix.com | | product-image.globaltix.com | 639 KB |
1 | amazonaws.com | | gt-media-assets.s3.ap-southeast-1.amazonaws.com | 7 KB |
59 | 17 | | | |
Count | Domain | Redirects | Requested by |
---|---|---|---|
17 | booking.mountfaberleisure.com | | booking.mountfaberleisure.com |
6 | secure.adnxs.com | 3 redirects | booking.mountfaberleisure.com, go.affec.tv |
5 | api.permutive.com | | cdn.permutive.com |
5 | www.facebook.com | | booking.mountfaberleisure.com |
5 | www.googletagmanager.com | | booking.mountfaberleisure.com, www.googletagmanager.com |
4 | connect.facebook.net | | booking.mountfaberleisure.com, connect.facebook.net |
4 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
3 | map.go.affec.tv | 2 redirects | booking.mountfaberleisure.com |
2 | match.adsrvr.org | 2 redirects | |
2 | ad.doubleclick.net | 2 redirects | |
2 | www.google.com.sg | | booking.mountfaberleisure.com |
2 | www.google.com | 1 redirects | booking.mountfaberleisure.com |
2 | secure.datawrkz.com | 2 redirects | |
2 | go.affec.tv | | www.googletagmanager.com, go.affec.tv |
1 | ib.adnxs.com | | cdn.permutive.com |
1 | cdn.permutive.com | | go.affec.tv |
1 | adservice.google.com | | booking.mountfaberleisure.com |
1 | googleads.g.doubleclick.net | 1 redirects | |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | www.googleadservices.com | | www.googletagmanager.com |
1 | www.clickcease.com | | booking.mountfaberleisure.com |
1 | product-image.globaltix.com | | booking.mountfaberleisure.com |
1 | gt-media-assets.s3.ap-southeast-1.amazonaws.com | | booking.mountfaberleisure.com |
59 | 23 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.mountfaberleisure.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.mountfaberleisure.com | Amazon RSA 2048 M02 | 2023-11-10 - 2024-12-08 | a year |
*.s3-ap-southeast-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-01-31 - 2025-01-22 | a year |
globaltix.com | E1 | 2024-02-25 - 2024-05-25 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-01-25 - 2024-04-24 | 3 months |
affec.tv | Amazon RSA 2048 M01 | 2023-07-06 - 2024-08-03 | a year |
clickcease.com | Amazon RSA 2048 M02 | 2023-11-26 - 2024-12-24 | a year |
*.googleadservices.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year |
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.google.com.sg | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
permutive.com | Cloudflare Inc ECC CA-3 | 2023-12-26 - 2024-12-25 | a year |
api.permutive.com | R3 | 2024-04-14 - 2024-07-13 | 3 months |
This page contains 1 frames:
Primary Page:
https://booking.mountfaberleisure.com/experiences/product/cable-car-sky-pass-mount-faber-line-sentosa-line/51544
Frame ID: EAA7178A971CAD5C16D3849F5D004BE3
Requests: 59 HTTP requests in this frame
Page Title
Mount Faber Leisure - Attractions & Tours - Cable Car Sky Pass (Mount Faber Line + Sentosa Line)
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Select2 (JavaScript Libraries)
Detected patterns
- select2(?:\.min|\.full)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- Title: Cyber Trust Mark (Promoter)
- Title: Terms of Use
- Title: Privacy Policy
- Title: FAQ
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26
- https://secure.datawrkz.com/seg?add=34413347&t=1 HTTP 302
- https://secure.adnxs.com/seg?add=34413347&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D34413347%26t%3D1
- https://secure.datawrkz.com/seg?add=33967860&t=1 HTTP 302
- https://secure.adnxs.com/seg?add=33967860&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D33967860%26t%3D1
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940908200/?random=1808522294&cv=11&fst=1713314517610&bg=ffffff&guid=ON&async=1>m=45be44f0z8830187758za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.mountfaberleisure.com%2Fexperiences%2Fproduct%2Fcable-car-sky-pass-mount-faber-line-sentosa-line%2F51544&label=o-R3CIT15dwBEKi91MAD&hn=www.googleadservices.com&frm=0&tiba=Mount%20Faber%20Leisure%20-%20Attractions%20%26%20Tours%20-%20Cable%20Car%20Sky%20Pass%20(Mount%20Faber%20Line%20%2B%20Sentosa%20Line)&value=0&npa=0&ec_m=body%3E%3Anth-child(4)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Afalse%3A26%3Afalse*1~body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Atrue%3A26%3Afalse*1&ec_sel=body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=STRONG%3Atrue%3A26%3Afalse&ec_lat=3&ec_s=1&pscdl=noapi&auid=1111908233.1713314518&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoDen3Qoa4ygDBPyK_hwAhQiNAbI4OhaonQ&pscrd=IhMIwNTZ-YHIhQMVvYlmAh11bQ1eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vYm9va2luZy5tb3VudGZhYmVybGVpc3VyZS5jb20v HTTP 302
- https://www.google.com/pagead/1p-conversion/940908200/?random=1808522294&cv=11&fst=1713314517610&bg=ffffff&guid=ON&async=1>m=45be44f0z8830187758za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.mountfaberleisure.com%2Fexperiences%2Fproduct%2Fcable-car-sky-pass-mount-faber-line-sentosa-line%2F51544&label=o-R3CIT15dwBEKi91MAD&hn=www.googleadservices.com&frm=0&tiba=Mount%20Faber%20Leisure%20-%20Attractions%20%26%20Tours%20-%20Cable%20Car%20Sky%20Pass%20(Mount%20Faber%20Line%20%2B%20Sentosa%20Line)&value=0&npa=0&ec_m=body%3E%3Anth-child(4)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Afalse%3A26%3Afalse*1~body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Atrue%3A26%3Afalse*1&ec_sel=body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=STRONG%3Atrue%3A26%3Afalse&ec_lat=3&ec_s=1&pscdl=noapi&auid=1111908233.1713314518&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIwNTZ-YHIhQMVvYlmAh11bQ1eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vYm9va2luZy5tb3VudGZhYmVybGVpc3VyZS5jb20v&is_vtc=1&cid=CAQSGwB7FLtq-qmva9TVhzVFPH-Qo8BK38BgiRaK1Q&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoHXo8sxpd8x7BKURqTzyCJPVvuIAsfmK2g&random=3832964286 HTTP 302
- https://www.google.com.sg/pagead/1p-conversion/940908200/?random=1808522294&cv=11&fst=1713314517610&bg=ffffff&guid=ON&async=1>m=45be44f0z8830187758za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbooking.mountfaberleisure.com%2Fexperiences%2Fproduct%2Fcable-car-sky-pass-mount-faber-line-sentosa-line%2F51544&label=o-R3CIT15dwBEKi91MAD&hn=www.googleadservices.com&frm=0&tiba=Mount%20Faber%20Leisure%20-%20Attractions%20%26%20Tours%20-%20Cable%20Car%20Sky%20Pass%20(Mount%20Faber%20Line%20%2B%20Sentosa%20Line)&value=0&npa=0&ec_m=body%3E%3Anth-child(4)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Afalse%3A26%3Afalse*1~body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*STRONG%3Atrue%3A26%3Afalse*1&ec_sel=body%3E%3Anth-child(6)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=STRONG%3Atrue%3A26%3Afalse&ec_lat=3&ec_s=1&pscdl=noapi&auid=1111908233.1713314518&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMIwNTZ-YHIhQMVvYlmAh11bQ1eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Jmh0dHBzOi8vYm9va2luZy5tb3VudGZhYmVybGVpc3VyZS5jb20v&is_vtc=1&cid=CAQSGwB7FLtq-qmva9TVhzVFPH-Qo8BK38BgiRaK1Q&eitems=ChAI8MP4sAYQ8P7YmfqLoNgVEh0AM9CBoHXo8sxpd8x7BKURqTzyCJPVvuIAsfmK2g&random=3832964286&ipr=y
- https://ad.doubleclick.net/ddm/activity/src=12599811;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=12599811;dc_pre=CPrz4fmByIUDFYBaDwId-r0M4A;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 302
- https://adservice.google.com/ddm/fls/z/src=12599811;dc_pre=CPrz4fmByIUDFYBaDwId-r0M4A;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%20+%20a%20+%20%27?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
- https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
- https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D661f1ad5a820910001b8c577%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
- https://map.go.affec.tv/map/an/1368642620088550369?ch=661f1ad5a820910001b8c577&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
- https://map.go.affec.tv/map/ttd/a0606c0f-768f-42ce-aa27-c5dcd1d26282?ttd_puid=&gdpr=0&gdpr_consent=
59 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 51544 (Primary Request) | booking.mountfaberleisure.com/experiences/product/cable-car-sky-pass-mount-faber-line-sentosa-line/ | 82 KB | 15 KB | Document | text/html |
GET | H2 | bootstrap.css | booking.mountfaberleisure.com//assets/css/ | 157 KB | 24 KB | Stylesheet | text/css |
GET | H2 | icons.min.css | booking.mountfaberleisure.com//assets/css/ | 514 KB | 80 KB | Stylesheet | text/css |
GET | H2 | custom.css | booking.mountfaberleisure.com//assets/css/mflg/ | 51 KB | 8 KB | Stylesheet | text/css |
GET | H2 | flatpickr.css | booking.mountfaberleisure.com//assets/vendors/flatpickr/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | select2.min.css | booking.mountfaberleisure.com//assets/vendors/select2/ | 15 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery-3.5.1.min.js | booking.mountfaberleisure.com/assets/js/ | 87 KB | 31 KB | Script | application/javascript |
GET | H/1.1 | mflg_logo.png | gt-media-assets.s3.ap-southeast-1.amazonaws.com/images/gt-forge/mflg/ | 7 KB | 7 KB | Image | image/png |
GET | H3 | 04bb0475-14b4-4c50-89d0-e8af9270c05f | product-image.globaltix.com/live-gtImage/ | 638 KB | 639 KB | Image | image/png |
GET | H2 | bootstrap.bundle.min.js | booking.mountfaberleisure.com/assets/dist/js/ | 79 KB | 22 KB | Script | application/javascript |
GET | H2 | flatpickr.js | booking.mountfaberleisure.com/assets/vendors/flatpickr/ | 49 KB | 15 KB | Script | application/javascript |
GET | H2 | select2.min.js | booking.mountfaberleisure.com/assets/vendors/select2/ | 71 KB | 20 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 185 KB | 66 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 350 KB | 104 KB | Script | application/javascript |
GET | H2 | bootstrap-icons.woff2 | booking.mountfaberleisure.com//assets/fonts/ | 118 KB | 119 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic-Bold.woff2 | booking.mountfaberleisure.com//assets/fonts/centurygothic/ | 49 KB | 50 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic.woff2 | booking.mountfaberleisure.com//assets/fonts/centurygothic/ | 55 KB | 56 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic-Italic.woff2 | booking.mountfaberleisure.com//assets/fonts/centurygothic/ | 59 KB | 59 KB | Font | application/octet-stream |
GET | H2 | CenturyGothic-BoldItalic.woff2 | booking.mountfaberleisure.com//assets/fonts/centurygothic/ | 53 KB | 54 KB | Font | application/octet-stream |
POST | H2 | options | booking.mountfaberleisure.com/experiences/ | 8 KB | 9 KB | Fetch | application/json |
GET | H2 | js | www.googletagmanager.com/gtag/ | 287 KB | 96 KB | Script | application/javascript |
GET | H3 | js | www.googletagmanager.com/gtag/ | 310 KB | 101 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H3 | destination | www.googletagmanager.com/gtag/ | 219 KB | 78 KB | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 218 KB | 59 KB | Script | application/x-javascript |
GET | H2 | 6322c3394d15a31047e594ab | go.affec.tv/j/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | stat.js | www.clickcease.com/monitor/ | 142 KB | 43 KB | Script | application/javascript |
GET | H2 | bounce | secure.adnxs.com/ (Redirect Chain) | 0 | 1 KB | Script | application/javascript |
GET | H2 | bounce | secure.adnxs.com/ (Redirect Chain) | 0 | 1 KB | Script | application/javascript |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 180 B | Ping | text/plain |
GET | H3 | / | www.googleadservices.com/pagead/conversion/940908200/ | 4 KB | 2 KB | Script | text/javascript |
POST | H3 | collect | www.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain |
POST | H3 | collect | www.google-analytics.com/j/ | 4 B | 24 B | XHR | text/plain |
GET | H2 | 659598044517335 | connect.facebook.net/signals/config/ | 56 KB | 12 KB | Script | application/x-javascript |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 8 B | 362 B | XHR | text/plain |
GET | H2 | / | www.google.com.sg/pagead/1p-conversion/940908200/ (Redirect Chain) | 42 B | 154 B | Image | image/gif |
GET | H2 | px | secure.adnxs.com/ | 0 | 1 KB | Script | application/javascript |
GET | H2 | / | go.affec.tv/per/ | 846 B | 1 KB | Script | application/javascript |
GET | H3 | src=12599811;dc_pre=CPrz4fmByIUDFYBaDwId-r0M4A;type=invmedia;cat=mflgs0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=%27%2... | adservice.google.com/ddm/fls/z/ (Redirect Chain) | 42 B | 63 B | Script | image/gif |
GET | H2 | a0606c0f-768f-42ce-aa27-c5dcd1d26282 | map.go.affec.tv/map/ttd/ (Redirect Chain) | 0 | 486 B | Image | text/plain |
GET | H3 | ga-audiences | www.google.com/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.com.sg/ads/ | 42 B | 408 B | Image | image/gif |
GET | H3 | 1776302552539060 | connect.facebook.net/signals/config/ | 20 KB | 3 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 0 | 273 B | Image | text/plain |
GET | H2 | 4e416bb9-355b-453e-9363-5a08383a8b89-async.js | cdn.permutive.com/ | 243 KB | 69 KB | Script | application/javascript |
GET | H2 | getuidj | ib.adnxs.com/ | 29 B | 1 KB | XHR | application/json |
GET | H2 | geoip | api.permutive.com/v2.0/ | 240 B | 352 B | XHR | application/json |
GET | BLOB | f4d84658-af65-4cc7-98ee-e0fc9b978ec8 | https://booking.mountfaberleisure.com/ | 48 KB | 0 | Other | text/plain |
GET | BLOB | a3ba9357-f60b-47cc-89a2-d9eafa15d37a | https://booking.mountfaberleisure.com/ | 48 KB | 0 | Other | text/plain |
GET | H3 | 5449233991790817 | connect.facebook.net/signals/config/ | 30 KB | 5 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 0 | 125 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 102 B | Image | text/plain |
GET | H2 | / | www.facebook.com/tr/ | 0 | 32 B | Image | text/plain |
POST | H2 | identify | api.permutive.com/v2.0/ | 50 B | 264 B | XHR | application/json |
GET | H3 | / | www.facebook.com/tr/ | 0 | 19 B | Image | text/plain |
GET | H2 | favicon-32x32.png | booking.mountfaberleisure.com//assets/images/favicon_mflg/ | 2 KB | 2 KB | Other | image/png |
POST | H2 | audiences | api.permutive.com/audience-matching/v1/id/3dd0cdf6-e388-4f76-b22b-46f021c017a2/ | 12 B | 66 B | XHR | application/json |
POST | H3 | events | api.permutive.com/v2.0/batch/ | 101 B | 129 B | XHR | application/json |
POST | H3 | state | api.permutive.com/v1.0/ | 0 | 34 B | XHR | text/plain |
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $
function| jQuery
object| dataLayer
object| bootstrap
function| flatpickr
function| matchCustom
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| fbq
function| _fbq
object| script
string| target
object| elem
function| onYouTubeIframeAPIReady
object| gaGlobal
object| GooglebQhCsO
object| gaplugins
object| gaData
function| loadPiggybacks
object| piggybacks
object| regeneratorRuntime
object| ccConsole
function| getBrowserFingerprint
boolean| ccinstalled
object| permutive
26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
map.go.affec.tv/map/ttd | | Name: oo Value: 1 |
map.go.affec.tv/map/an | | Name: oo Value: 1 |
booking.mountfaberleisure.com/ | | Name: oaj9IQFqO71O0DYPY3MOGk5REwMeuTPc Value: e5abc3f1d86c5e4f2b09b2bf485692ac |
booking.mountfaberleisure.com/ | | Name: gt_forge Value: fe3msulkmiervo44i6q9m1kb9m8ioskn |
.mountfaberleisure.com/ | | Name: _gcl_au Value: 1.1.1111908233.1713314518 |
.mountfaberleisure.com/ | | Name: _ga_MR7WK61PLB Value: GS1.1.1713314517.1.0.1713314517.0.0.0 |
.adnxs.com/ | | Name: receive-cookie-deprecation Value: 1 |
.adnxs.com/ | | Name: XANDR_PANID Value: lDX4Yx6kWzTdo6sfZjy4LaD_1J5F0vysKHgCh29-Zw5_v7RgEhpyllWWC89ib1Evj_5AObGY2vXMoq4-En4PTXltR57s21kV-XmZ4eih18U. |
.adnxs.com/ | | Name: uuid2 Value: 1368642620088550369 |
.mountfaberleisure.com/ | | Name: _ga_K1Z44P1D9D Value: GS1.1.1713314517.1.0.1713314517.0.0.0 |
.mountfaberleisure.com/ | | Name: _ga Value: GA1.2.1500370992.1713314518 |
.mountfaberleisure.com/ | | Name: _gid Value: GA1.2.836815823.1713314518 |
.mountfaberleisure.com/ | | Name: _gat_UA-60583474-1 Value: 1 |
.go.affec.tv/ | | Name: ck Value: 661f1ad5f1b56c00011a110a |
.adnxs.com/ | | Name: anj Value: dTM7k!M4/8D>6NRF']wIg2GVQttJpo!fss0=Ir4A3KL9D3I?.1r3y9B |
.go.affec.tv/ | | Name: oo Value: 1 |
.adsrvr.org/ | | Name: TDID Value: a0606c0f-768f-42ce-aa27-c5dcd1d26282 |
.adsrvr.org/ | | Name: TDCPM Value: CAEYBSABKAIyCwiUpMewvaDvPBAFOAE. |
.go.affec.tv/ | | Name: pt Value: eyJhbiI6eyJkdCI6MTcxMzMxNDUxNywiaWQiOiIxMzY4NjQyNjIwMDg4NTUwMzY5IiwibHMiOjE3MTMzMTQ1MTd9LCJ0ZCI6eyJkdCI6MTcxMzMxNDUxNywiaWQiOiJhMDYwNmMwZi03NjhmLTQyY2UtYWEyNy1jNWRjZDFkMjYyODIiLCJscyI6MTcxMzMxNDUxN30sInYiOjB9|1713314517|1d967fd32c2de88c5286978b4c29e63cf3bd16d4 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUkgASBdLE5CPVIwIXkr27NwROwddTStJnTKo_UTmCwZVR8XAL4iW4Kbz5VBptY |
.doubleclick.net/ | | Name: ar_debug Value: 1 |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
.mountfaberleisure.com/ | | Name: _fbp Value: fb.1.1713314517970.1236154462 |
.mountfaberleisure.com/ | | Name: permutive-id Value: 3dd0cdf6-e388-4f76-b22b-46f021c017a2 |
booking.mountfaberleisure.com/ | | Name: AWSALB Value: vRW52aTlq79QWYv027VKz8x86RFDuZv173tBOE6j3E9OBk22hIlNxtBJ3wq765ioxKeGc5uQ+8+pasIRPaevA+9kivi+JUe8bjeLKATSVbylKOggnCm6zrkQ2UFm |
booking.mountfaberleisure.com/ | | Name: AWSALBCORS Value: vRW52aTlq79QWYv027VKz8x86RFDuZv173tBOE6j3E9OBk22hIlNxtBJ3wq765ioxKeGc5uQ+8+pasIRPaevA+9kivi+JUe8bjeLKATSVbylKOggnCm6zrkQ2UFm |
50 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.