bareeqal5alij.hewaaya.com Open in urlscan Pro
2606:4700:3032::6815:1530 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bareeqal5alij.hewaaya.com/user/incomeface84
Submission: On February 15 via manual (February 15th 2023, 4:45:06 am UTC) from US — Scanned from SG

Summary HTTP 90 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 43 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3032::6815:1530, located in United States and belongs to CLOUDFLARENET, US. The main domain is bareeqal5alij.hewaaya.com. The Cisco Umbrella rank of the primary domain is 771374.
TLS certificate: Issued by GTS CA 1P5 on January 25th 2023. Valid for: 3 months.

This is the only time bareeqal5alij.hewaaya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3032::6815:1530	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c03::9d	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	2404:6800:400... 2404:6800:4003:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::9b	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::63	15169 (GOOGLE) (GOOGLE)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.33.33.104 13.33.33.104	16509 (AMAZON-02) (AMAZON-02)
1	13.33.33.31 13.33.33.31	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.100 13.33.88.100	16509 (AMAZON-02) (AMAZON-02)
1 3	209.191.163.208 209.191.163.208	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
3	52.84.251.78 52.84.251.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4aba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	209.191.163.152 209.191.163.152	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 4	13.250.233.33 13.250.233.33	16509 (AMAZON-02) (AMAZON-02)
1 7	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
1 3	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
4 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:e4:... 2606:4700:e4::ac40:a71f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:1::... 2606:4700:1::6813:854e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	103.231.98.196 103.231.98.196	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	52.221.9.213 52.221.9.213	16509 (AMAZON-02) (AMAZON-02)
1	52.84.251.14 52.84.251.14	16509 (AMAZON-02) (AMAZON-02)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.111.154 104.16.111.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	13.213.82.171 13.213.82.171	16509 (AMAZON-02) (AMAZON-02)
1	52.29.227.173 52.29.227.173	() ()
1	35.81.232.231 35.81.232.231	() ()
1 1	18.234.4.255 18.234.4.255	() ()
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1 1	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.205.243 103.229.205.243	() ()
2 2	98.98.134.241 98.98.134.241	() ()
1	69.173.158.64 69.173.158.64	() ()
1	104.69.166.9 104.69.166.9	() ()
1	18.155.68.101 18.155.68.101	16509 (AMAZON-02) (AMAZON-02)
1 1	104.254.148.251 104.254.148.251	() ()
90	36

15 2606:4700:3032::6815:1530 (United States)

ASN13335 (CLOUDFLARENET, US)

bareeqal5alij.hewaaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c03::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::9b (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c01::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::63 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.33.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-104.sin2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-31.sin2.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-100.sin2.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.191.163.208 (United States) 1 redirects

ASN14744 (INTERNAP-BLOCK-4, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.251.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-78.sin5.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.250.233.33 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-233-33.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.141.80.142 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::136 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.179 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a71f (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.196 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.221.9.213 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.251.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-14.sin5.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.111.154 (None, )

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.82.171 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-82-171.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.227.173 (None, )

ASN- ()

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.232.231 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.234.4.255 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.162.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-101.sin52.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.254.148.251 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1289 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1029 sync.crwdcntrl.net — Cisco Umbrella Rank: 813	27 KB
15	hewaaya.com bareeqal5alij.hewaaya.com — Cisco Umbrella Rank: 771374	123 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	255 KB
7	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1122	4 KB
5	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 630 ce.lijit.com — Cisco Umbrella Rank: 1050 vpod1q.qa.lijit.com Failed	6 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4144 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5165 data-beacons.s-onetag.com — Cisco Umbrella Rank: 13493	14 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 224	11 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 340	2 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 461	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 225 secure.adnxs.com	3 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16545 t.dtscout.com — Cisco Umbrella Rank: 12955	5 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	966 B
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1013 ups.analytics.yahoo.com — Cisco Umbrella Rank: 300	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 777	552 B
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1329	526 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 645	641 B
2	turn.com 2 redirects d.turn.com — Cisco Umbrella Rank: 1272	856 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 417	857 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 85 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16883 s4.histats.com — Cisco Umbrella Rank: 13663	5 KB
2	gstatic.com fonts.gstatic.com	43 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 515	725 B
1	bluekai.com tags.bluekai.com	464 B
1	rubiconproject.com token.rubiconproject.com	676 B
1	mathtag.com 1 redirects sync.mathtag.com	661 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	617 B
1	krxd.net beacon.krxd.net	338 B
1	sharethis.com sync.sharethis.com	549 B
1	truoptik.com dmp.truoptik.com — Cisco Umbrella Rank: 2475
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 3515	432 B
1	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 20333	468 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 792	605 B
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2715
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2528	400 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14517
1	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 23250	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	606 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	950 B
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	amazon-adsystem.com Failed s.amazon-adsystem.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	liadm.com Failed i6.liadm.com Failed i.liadm.com Failed
90	43

	Domain	Requested by
15	bareeqal5alij.hewaaya.com	bareeqal5alij.hewaaya.com
10	sync.crwdcntrl.net	bcp.crwdcntrl.net
8	pagead2.googlesyndication.com	bareeqal5alij.hewaaya.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	ps.eyeota.net	1 redirects
4	match.adsrvr.org	4 redirects
4	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	pixel.tapad.com	3 redirects
3	cm.g.doubleclick.net	1 redirects bcp.crwdcntrl.net
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	ap.lijit.com	1 redirects data-beacons.s-onetag.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	pixel-sync.sitescout.com	2 redirects
2	dpm.demdex.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	ib.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	d.turn.com	2 redirects
2	ce.lijit.com
2	px.ads.linkedin.com	1 redirects
2	t.dtscout.com	e.dtscout.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	secure.adnxs.com	1 redirects
1	aa.agkn.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	a.dtssrv.com	e.dtscout.com
1	um.simpli.fi	1 redirects
1	spl.zeotap.com
1	pixel.onaudience.com	1 redirects
1	t.dtscdn.com	e.dtscout.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.com.sg	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s10.histats.com	bareeqal5alij.hewaaya.com
1	fonts.googleapis.com	bareeqal5alij.hewaaya.com
0	idsync.rlcdn.com Failed	bcp.crwdcntrl.net
0	s.amazon-adsystem.com Failed	bcp.crwdcntrl.net
0	sync.ipredictive.com Failed	bcp.crwdcntrl.net
0	vpod1q.qa.lijit.com Failed	ap.lijit.com
0	i.liadm.com Failed
0	i6.liadm.com Failed
90	57

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.hewaaya.com GTS CA 1P5	`2023-01-25` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
histats.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.s-onetag.com Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.dtscdn.com GTS CA 1P5	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-01` - `2023-07-01`	a year	crt.sh
*.userreport.com Amazon	`2022-12-20` - `2024-01-18`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-02-14` - `2023-08-31`	7 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://bareeqal5alij.hewaaya.com/user/incomeface84
Frame ID: B03E2C8BBD437DABAF3B12B6B3E24B1D
Requests: 48 HTTP requests in this frame

Frame: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676433600
Frame ID: 72A855A812ED8A4685012B693CAEE320
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html
Frame ID: 6FD13D5817BC614EF0F8970AAF85DF54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1676436301&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676436301427&bpp=4&bdt=693&idt=82&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4407595723813&frm=20&pv=2&ga_vid=752383755.1676436302&ga_sid=1676436302&ga_hid=243424722&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31072225%2C31072287%2C44779794%2C31071976&oid=2&pvsid=3188784990327955&tmod=1039955160&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
Frame ID: ADD5FFAAF55896D104941464FAD64DED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0593FA737DE0E2F03AE1B7C95DF2418A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D5852C4816F6E812291FE2E2ECB5DDB
Requests: 2 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301676436303862FFE08388547A2A9
Frame ID: 198F96DFFE7ED03D77098A303EB0E351
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7CABC7CDD614F7D245E01C8D3B55E60C
Requests: 2 HTTP requests in this frame

Frame: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: A1DA7E47AF40CFC44E2E7C72A89EA0C9
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: AF8B1D597B8CB2C9F516D43D671E9522
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Frame ID: 33BF7DBDF84A8C99807CB09A74C1F274
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بريق الخليج

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

69 %
HTTPS

34 %
IPv6

43
Domains

57
Subdomains

36
IPs

6
Countries

498 kB
Transfer

1247 kB
Size

53
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 45

https://pixel.onaudience.com/?partner=137085098&mapped=4C301676436303862FFE08388547A2A9 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=a2d63af09bf92f96

Request Chain 47

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=75015 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=75015&_li_chk=true&previous_uuid=a0099fac60f24ec89da20ad3ac9de227 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=75015&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR

Request Chain 48

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu= HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu=&expected_cookie=9a0e23a0-69cb-4d04-9d9e-6917fb87de6e

Request Chain 49

https://um.simpli.fi/lj_match?r=25741 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=03A11D81833A4BC4B9CB8BED738F57B6

Request Chain 50

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=2575 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=2575&_li_chk=true&previous_uuid=4e870245276c4ba1ae7c009b8f13bf68

Request Chain 53

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GKK9CSZHEdnG-UF5SqKDg7DR/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GKK9CSZHEdnG-UF5SqKDg7DR/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=569c2be79933c5fd89ec0ed52412325

Request Chain 54

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkZNUHJGOGY3NjVxUXVmSGJ4M3dpNWNjcTNzOEdlc0NUdnhfb2luaU5HWk0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ9E_kswKfiCFjhHfqVxgtg&google_cver=1

Request Chain 57

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=ad56dd58-f1e3-46e1-823b-2894fefcc82a&bid=1e2n4ou

Request Chain 58

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2669022351091686327&newuser=1&referrer_pid=51md42u

Request Chain 59

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=Y_xjUAAAAIgmiwAF HTTP 302
https://ps.eyeota.net/match?uid=Y_xjUAAAAIgmiwAF&bid=0rijhbu&referrer_pid=51md42u&_test=Y_xjUAAAAIgmiwAF

Request Chain 60

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u HTTP 302
https://ps.eyeota.net/match?uid=5495863024256833094&bid=2cr76e1&referrer_pid=51md42u

Request Chain 66

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=569c2be79933c5fd89ec0ed52412325 HTTP 307
https://cm.mgid.com/m?c=569c2be79933c5fd89ec0ed52412325&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 69

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E6D9B595-401D-4D0E-ACDC-1E389C14CBC0&gdpr=0

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad56dd58-f1e3-46e1-823b-2894fefcc82a/gdpr=0/gdpr_consent=

Request Chain 72

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=569c2be79933c5fd89ec0ed52412325&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=569c2be79933c5fd89ec0ed52412325&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ac87daed-bc37-401e-b9d7-935a77f2dc81%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253Dac87daed-bc37-401e-b9d7-935a77f2dc81%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad56dd58-f1e3-46e1-823b-2894fefcc82a&ttd_puid=ac87daed-bc37-401e-b9d7-935a77f2dc81%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Dac87daed-bc37-401e-b9d7-935a77f2dc81%2C HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ac87daed-bc37-401e-b9d7-935a77f2dc81

Request Chain 74

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=569c2be79933c5fd89ec0ed52412325&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=569c2be79933c5fd89ec0ed52412325&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29622473263268028353007880313114169142/gdpr=0

Request Chain 77

https://aorta.clickagy.com/pixel.gif?ch=120&cm=569c2be79933c5fd89ec0ed52412325 HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:9c414d09fb940df06cae8a6b5f08aac5

Request Chain 78

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f08ef056-3f87-4bf7-6968-69b8a226cfba$ip$103.254.153.226&gdpr=0&gdpr_consent=

Request Chain 79

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-.HCRqQpE2pyzXOhCDZqWwgfCgR67nWNIRls-~A&gdpr=0

Request Chain 80

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=525e63ec-6351-4900-943c-c2ec460b59af&src=lot&gdpr=0

Request Chain 81

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347/gdpr=0

Request Chain 87

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/569c2be79933c5fd89ec0ed52412325/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2669022351091686327/gdpr=0

Request Chain 88

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=177801871 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5495863024256833094/gdpr=0/rand=177801871

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request incomeface84 Show response
bareeqal5alij.hewaaya.com/user/ 9 KB
4 KB 675ms
648ms Document
text/html 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf0d616493ed0b6722a75150b6a3a39d01e7dd52269de6f3e0f58f9adf928eaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 799b643b8fd2a12f-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 15 Feb 2023 04:45:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWm2gk0AYJoYizNu5Hip66thW8YmBUFfv8T151fWGwn3FFNgMrrUa3PcuMRNmijf3X66R5fj9b%2B2o15ym%2F7%2B7uAGMtKExVosmX99o5xy1ZPBuvgvygpVzycljCSP%2Fx1iXjmBONh0J5ZPB1qXqEjsqL9DK%2BiIPFYt"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/ 57 KB
11 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37dc34da0809c1150251a605939830aa9a0bc74d66e8afb335b040f4eb6e7dc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168842
cf-polished: origSize=72433
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
server: cloudflare
etag: W/"5c3a68b2-11af1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8X54mhkSeiFeVD7YjmKNfapYtHVmvix1ZLnu5r3a9GNzTWsw%2FSHRCi4jy5OSit2cNcWvNuqprKY2wz0wTlhn2oZ3gsq3kpcFHdPOLUGdss289orKkAsV3POEG1NYoLXdTvhzdLmCA7PBps1oXP1VQ13o4xVnW0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 799b643f9db9a12f-SIN
expires: Wed, 15 Mar 2023 05:50:58 GMT

GET
H2 200 qa-styles-rtl.css
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/ 6 KB
2 KB 13ms
12ms Stylesheet
text/css 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles-rtl.css?1.8.3
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a0a840d54ebc1a4525af39787c3aa67bdd8a9c75813d0fded90652401dcade5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168842
cf-polished: origSize=7514
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
server: cloudflare
etag: W/"5c3a68b2-1d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j7SLq7rQfsyHgBKrnNxkgCEhWsbybfsVagD%2FxlMLoDhZ%2Fayp%2FgY9wPXJKTGCE7Tqv0VIAa%2FCFuG7aek9rXgUTAKX02OuqiZuIeSar79BXcGPEIAKESMiU7ZCaMkkdtK%2FWr4mjqhgPxoSLtUX0kT2gZEYhNS0RN0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 799b643f9dbba12f-SIN
expires: Wed, 15 Mar 2023 05:50:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
950 B 17ms
7ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap

Requested by

Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1604d7fd902f76d2b32dfc2bbdd7a6c6fa0184d5b937af08b546f82701ebb287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 04:45:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Feb 2023 04:45:00 GMT

GET
H3 200 rocket-loader.min.js Show response
bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 7ms
6ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 12:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63e4eb3a-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwA1%2B1jHfORC0MMU2dIWoy841MQSaCtnw%2FL9UOrh9Pb08F2hPD73K845Q5%2FUxv2VrCZnfqTlaHNFEWUtlfnQkEfUHG3neThO%2BE5k56ee7bTja8D3ULQfAOo%2FjhB7L%2BtPsXmiSfFBX6YUPTPTMrLQMk0aMWXVBw%2Bo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 799b643fbd934c77-SIN
expires: Fri, 17 Feb 2023 04:45:00 GMT

GET
H3 200 spinner-icon-14x14.gif
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 13ms
13ms Image
image/gif 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781
last-modified: Sat, 12 Jan 2019 22:15:16 GMT
server: cloudflare
etag: "5c3a66f4-1e65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFTbPNrdNQXGeVTpHYsR%2B9K3%2BqF7xoLaL%2BZpj9R5jXt1vGGndOgQIT3O9x1eAJBv1Z5YR%2BjEgIfxIUFKcYzknWVhUT35UPRM6vlBIXcXXjw7w%2FmP3%2Bq5vBRlLDQT%2BnPuGuUFbnpLIj3FsHMniBzZ6NnbbE9IRWay"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 799b643fddbc4c77-SIN
expires: Thu, 16 Mar 2023 12:09:01 GMT

GET
H3 200 fontello.woff
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 638ms
637ms Font
font/woff 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Origin: https://bareeqal5alij.hewaaya.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Jul 2016 22:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57968c56-1c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXK%2B71wM0Tps1kohncSyCr0MRopcC7csbvTaxRwnyzSveDsOuYSgL51dOw5NI5P3fRIADsJ%2BV7PsLsx1jPuL38a7SzFIw8sW0lNOTGhLarTpI5PNqsbaYdqftWRxT0aDeYPmcX8rXrUVtST1Ucz9F%2BHvx5nK5PdJ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 799b643fddbe4c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H2 200 K2F0fZBRmr9vQ1pHEey6MoiAAhLz.woff2
fonts.gstatic.com/s/elmessiri/v18/ 20 KB
20 KB 19ms
5ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/elmessiri/v18/K2F0fZBRmr9vQ1pHEey6MoiAAhLz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ea66884a90a9148d3f6e109a6bb1e2bcad851e2a06b46350eb1edefa5a546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bareeqal5alij.hewaaya.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 01:50:38 GMT
x-content-type-options: nosniff
age: 528862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20108
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 01:50:38 GMT

GET
H2 200 K2F0fZBRmr9vQ1pHEey6Mo2AAg.woff2
fonts.gstatic.com/s/elmessiri/v18/ 23 KB
23 KB 21ms
6ms Font
font/woff2 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/elmessiri/v18/K2F0fZBRmr9vQ1pHEey6Mo2AAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feafd9234c68a7f1d92fee6ec91b0f37668660b83611bf3e91fa73621f56d58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bareeqal5alij.hewaaya.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 22:24:04 GMT
x-content-type-options: nosniff
age: 22856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23296
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 17:51:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 22:24:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 37ms
25ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cc2c6e52a4c5efb45722888e71fde3a06fa31ab6611592d1153a564ec41d41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49358
x-xss-protection: 0
server: cafe
etag: 1457774716763076294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 04:45:00 GMT

GET
H3 200 snow-core.js Show response
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/js/ 1 KB
980 B 13ms
12ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59759
cf-polished: origSize=2383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
server: cloudflare
etag: W/"5c3a68b2-94f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzxwXho7iK%2FuUNJrcFU7OxdC3LpI6kkPvbbZ6CK9JRUDi18rfKGnZp%2FoV6%2Fcsn2rKr6Miaa7TRR8ARLfXKoXGw3JnMn1YThIJeR9nLVUhwTWxslDL2QNu2yqaq9gOzmvyzgWO%2BQZhZIRPhTDLsrk%2B7N8SSJJGPrp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 799b643feddc4c77-SIN
expires: Thu, 16 Mar 2023 12:09:01 GMT

GET
H3 200 qa-global.js Show response
bareeqal5alij.hewaaya.com/qa-content/ 15 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-content/qa-global.js?1.8.3
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59759
cf-polished: origSize=20550
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 12 Jan 2019 22:22:42 GMT
server: cloudflare
etag: W/"5c3a68b2-5046"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRLDJ6oJvd2oez%2FayxKyDa88ApJO9xmNUmYXZifdAI1QPiMFot82HiXyypoe3IAJlvmU7F6CCSy7Jhgr5Xa7TsqSCT9A3pLZs8rxt9bnqYXG2sprkKJT2brvHCfDIf2ZaRUaO4j6acdODGOR1Bzjl%2BZS0293SKSq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 799b643feddf4c77-SIN
expires: Thu, 16 Mar 2023 12:09:01 GMT

GET
H3 200 jquery-3.3.1.min.js Show response
bareeqal5alij.hewaaya.com/qa-content/ 85 KB
31 KB 17ms
16ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/qa-content/jquery-3.3.1.min.js
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/user/incomeface84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:26:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59759
etag: W/"6137aec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib8WiWZG36QggHdqKW1Wz6Ij7Dgi9ig5KH2bt53W1iul%2BpA0o0vD67JT6Nt2%2F8C97uqNmAb74NOY4TJ9c3n%2BkNEQMzgOMCxaDb5vRkNCnlnwdCmG5LLdJgPMOpLsLdSVyg%2FmiCOO1vrzdVcAttwQmdMQP3GuZqSn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 799b643fede34c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 16 Mar 2023 12:09:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 28ms
17ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Requested by

Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22d8719aa9ff6045ed010bf945f9397367a663f123215921061fd3951c159153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Origin: https://bareeqal5alij.hewaaya.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49539
x-xss-protection: 0
server: cafe
etag: 11023691623722809788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 04:45:00 GMT

GET
H3 200 invisible.js Show response
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 72A8 39 KB
17 KB 12ms
11ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676433600
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a780b8dbf9bd5b3379eeb590762817384c43aed7b4f62994608e814b32a1359

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO5ttrS495uAFtz3Ip%2BaUujc1aA8H46TB8OPKQSU85eNI6XIkrwZW0fu0CaX%2FGwQWLPr5qzpOqPe34Pf3uh6ClyPnyAlimIrrejZg3AwSEzAj6udso5VtDXWXcVFcJAyIwgopLu8uaoW%2FoKOuHu9uLTi7JBWOdut"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 799b643fede64c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 72A8 19 KB
9 KB 10ms
9ms Other
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e0e89a135cbddbe5d3414fb5ab25e8f5ca0e22a2048516d3b5ae945363c774

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:00 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUXKGeOoJLtBCA613IBGFNPOMm9jy9AROWNWOHvdzxge3%2FQ7tRa9qoRQwpEApEz%2B7SbMXwYSd1RRd18z1zOmagymIn2v77FWj3CjASdD%2FIeBp1E4hR6D2CPNwdu6419ubi4wMhLCqqzsexI%2F13uf1BfaJ7uu87Z3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 799b64402e264c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 799b643b8fd2a12f Show response
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 72A8 2 B
684 B 29ms
28ms XHR
text/plain 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/799b643b8fd2a12f
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676433600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txGQPqIiLGnP9Fxcv9kIly41pz732xiuHHITEvoENB1EG3v4%2BDy5xejlB5oeh4YflYsGA4Y5p%2F4E2r7cX2P8e6m4v%2Bk94RQKX7DUlkoezrmmmhHP6J7cYR%2By5hSZSFoWAZTAVXW5hs%2Fc4Yf307ysTKcQ49EOqUkQ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 799b6442496d4c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 757ms
250ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:44:23 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
content-type: application/javascript; charset=UTF-8
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 224757969

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/ 366 KB
120 KB 51ms
50ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

295c14d79fb3a907f612e08d9dd6faf04848ef6cd6b6702700b656035899919f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123016
x-xss-protection: 0
server: cafe
etag: 17388156186018130018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 04:45:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/ Frame 6FD1 10 KB
5 KB 14ms
4ms Document
text/html 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 37412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 18:21:29 GMT
etag: 10353107486223812946
expires: Tue, 28 Feb 2023 18:21:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 invisible.js Show response
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 72A8 35 KB
15 KB 10ms
9ms Script
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676433600
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/incomeface84
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56eed107f102587144e2804a93d535bca000894bcdd9c3e4bfee7757a1a92218

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3ndq6v1nW3g%2F4UD5sCOsXLsCitDe97thgLmG%2BbfT9DU5mywZ6GWJPmT3VOhrZRpIM5cPN7bde2u62W9S9pcFJjjysDJXi9V1EuaDgBNw6L7cOZndwVUcEFhQ3juMfvvdWHlHh%2BJ0kddM7XtdwXVvkkmD9IrGzqc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 799b64441d674c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 72A8 19 KB
9 KB 13ms
10ms Other
application/javascript 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e0e89a135cbddbe5d3414fb5ab25e8f5ca0e22a2048516d3b5ae945363c774

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8q2F0Lxp3ChkFJydYfnfrvqIlmg1qCa47d62T9wjTTQKreuudnEuPh8Ms4SVjtgJgGY6jjqanszKL%2FQkbiq5UUPRlfTaPWoswYTWg5my1cm%2BAhnseRAaZG8lxaTIdjfDlk0ZzVlsc%2B3zGIQzl7fAO68u4%2FAp7Ox"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 799b64444dc54c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
606 B 20ms
6ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bareeqal5alij.hewaaya.com&callback=_gfp_s_&client=ca-pub-8343227950611411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a8f8dffedfe0616a9f94c07e6a349ef49a209904f9522bf14c8f809b485cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 22ms
6ms Script
application/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=bareeqal5alij.hewaaya.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 22ms
7ms Script
application/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bareeqal5alij.hewaaya.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADD5 13 KB
5 KB 174ms
168ms Document
text/html 2404:6800:4003:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1676436301&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676436301427&bpp=4&bdt=693&idt=82&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4407595723813&frm=20&pv=2&ga_vid=752383755.1676436302&ga_sid=1676436302&ga_hid=243424722&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31072225%2C31072287%2C44779794%2C31071976&oid=2&pvsid=3188784990327955&tmod=1039955160&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57cc6d3d4c669ec78ef0d4077fc073a3043d536d9c2b3fd098b42396e2b79cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4886
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 04:45:01 GMT
expires: Wed, 15 Feb 2023 04:45:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 15ms
9ms XHR
application/json 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230213&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c5fea40a6f3d80c9abe971716d3f4633371fd0fe562dda6b4b6769b37727ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11298
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 17ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 04:45:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0593 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 383992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 18:05:09 GMT
expires: Sat, 10 Feb 2024 18:05:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2D58 783 B
1 KB 21ms
6ms Document
text/html 2404:6800:4003:c04::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2a1a1be85df60fd978094fd66f6a1baa0ab301827bcc8aa1ebf0d53377bf7b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MWWNMNoZkh3XH4iw04MkKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-MWWNMNoZkh3XH4iw04MkKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Feb 2023 04:45:01 GMT
expires: Wed, 15 Feb 2023 04:45:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0593 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 554132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14458
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 17:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 18:49:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D58 0
0 6ms
5ms Image
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230213&jk=3188784990327955&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0593 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XPu9rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 799b643b8fd2a12f Show response
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 72A8 2 B
682 B 25ms
24ms XHR
text/plain 2606:4700:3032::6815:1530
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/799b643b8fd2a12f
Requested by: Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676433600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1530 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Feb 2023 04:45:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4J6qZ7mbXic61pBEcbMK%2BZ4rupkCJhYGsaLENhyHZquBmCivkr%2BL%2BYj492pBQWLwIHaLSjNoTimtqLQZhc%2FBb5K8esmq0cqopTNO%2FiTYLa1qTYYDv987NawhCmPfW3VKJ9OtiboHB6hnH6CZ1kCqTIcUY7Kx75T"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 799b64468a0e4c77-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-8343227950611411&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=false&a=6%2C1%2C5%2C7&apv=20230213_093457&sat=1676402649807&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=23&fd=(0%2C8%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=bareeqal5alij.hewaaya.com&pvc=3188784990327955&r=0.1&eid=44759876%2C44759842%2C44759927%2C31072225%2C31072287%2C44779794%2C31071976

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 378 B
513 B 764ms
253ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4631733&@f16&@g1&@h1&@i1&@j1676436302175&@k0&@l1&@m%D8%A8%D8%B1%D9%8A%D9%82%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:17317297&@b3:1676436302&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 763c7f871382fc9967f91199a2d276666b32acee7fa1b85ceb1d51e5985d9a88

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 04:45:02 GMT
Connection: close
Content-Length: 378
Content-Type: text/html;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
7ms Image
text/html 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230213&jk=3188784990327955&bg=!paalpvLNAAYuhb89DoU7ADkAdvg8WkMgcFxxxinQOSq6YHLHiDurqZ-aMoGlhCeNfwk0eTLQc5e0vssREdnaaSgwr0UJHlQP4H8CAAAAS1IAAAACaAEHCgAdvrk-KAkyzB13s6HlTnLAFkRZtWEF-utWHXDFgXWZArXyNNy9R-ikqJdmBy5o0Fky6QVHSuqWlUNpR1FFYTM7iMo-3RQJQac-WX247rwLPaF4_YOG4ZgVnME-K38GiiRGAvZtMJTntUDsyaPCWt1y2SZDc6gQW3vnLz0v-UL44T8EWd9R3NzAlXvFGDrL-K7s9Al2zR3_4W81G9fUjZWiswFtlQhA0KVakVwzGkBdVBxVFayEGJaC6Umd5jHyiYsNNUGzxgs7gn49RRR616yTLTg_PeelxGJmCyDg5uNyO2epcE1468jTBLKnaH8R0cS7F-nHLdofo38GVqcot-5YkBk7axD6_Lhxmpu96AIY6ScZLRbUPwa_4eMtLoD7Cn4UrNfcUvtT-L_T0GyP4Bv36jgXa-ElIF6xkObJ9s5ZSKB7zJx0-dAhMlbQljCAN8pMWAUjN5QdZj5ogx4QTVXqv0IHNOr9c5coFUZT11wjuJceIKjsrFa348PD8kNXQfLRA7LvkmEr5CXEGfhYrsgJWZZvL6N11c-ldbO_SpbuZLLd78gH4_4Pu7TOMJW_Oxiinb9VYoH0b2DuLeTRk6cERglRuJ77qJmI9GJE8F1fWMk_NEKzjtFmKFtn0tU12UQgfsBybv0aGwvlpvYHnVjF6Ebqp7Zooj-771T-iEVG_EKs-R_JmrLN7GTjdJq7xARmKv6qQEabupJYkCsQRn6HpyMl5tnuCkrrofkIgONF0fS5YnBUGdA9Sv8IUH_RCazwLB5-UFp-D3eMyrz5Il98Y7hgasz6x-hj6fay6HsspS0HsyTIyETKrb8VKw6n8TTGSu2a7BVUQ1JmjWoeQ81mkGkGESOqHWnNCHZitK5B1Ndua6iG1bgpJxq-tvLIMoYRroXuaG9uX9k1ZAxRysn0FElEUflb_Eg4njmPwUiKV2H1otcV3FmGr3e4Wz5vPCc0LnVo9vc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
3 KB 488ms
469ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4631733&@f16&@g1&@h1&@i1&@j1676436302175&@k0&@l1&@m%D8%A8%D8%B1%D9%8A%D9%82%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:17317297&@b3:1676436302&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd5593387a3217b33f239d4b3efdea1697cbfe50ba93a97b91598ed45fdfc35

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:03 GMT
x-t: 0.476
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGl4GNjgRnL4ochD8TA2eeWWt6xLwqc8SUTh%2BtO2qmGNH53qNiPKw5CddngTXPhJeXpUktvH1TozyUoQJZ7md5TmvQN4BubNr%2FtOyHVSfJUAo6l70xYJAE3jwQo2LLrJsHr42UUKzCG8Gyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl3
cf-ray: 799b644d8cc39fd3-SIN
expires: Wed, 15 Feb 2023 04:45:02 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 198F 1 KB
740 B 480ms
474ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C301676436303862FFE08388547A2A9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f48eced2d445c357bf58d50c2db363bd25e79893e596426f47c1af748f95ca1

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 799b6450892c9fd3-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Feb 2023 04:45:03 GMT
expires: Wed, 15 Feb 2023 04:45:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BkMDB5BBoDZXIym%2FViI5RyAZ2YsgHgFIKmeydoCK5soG%2FS%2FsvBNa4zu742EaOzNbycPokLJBkskyZnU%2Fuq1EVMquiv90rLXYrWzUdDfmvzQI5PYkltXEJLEyx3NFS0b7ZPI89T0KMP4HNI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 20ms
4ms Script
text/javascript 13.33.33.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-104.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding: gzip
via: 1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date: Tue, 14 Feb 2023 19:19:46 GMT
last-modified: Thu, 25 Aug 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 33917
x-amz-server-side-encryption: AES256
etag: W/"c722c8e06c3a9be75b009576c49f7792"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: fVE24GVn38egI0TEWOXKyZmXdFkM4_-Xh3iBjwtnf2-4kfr1wKtipw==

GET
H2 200 / Show response
t.dtscout.com/pv/ 50 B
340 B 470ms
465ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bareeqal5alij.hewaaya.com&_ss=4aoibheatg&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=2fxx&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf449331bfc4d5885350b86ed2f3bbfe51b22ee211416222c44110aa7fe2f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:03 GMT
x-t: 0.134
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgNb0BdCy4WtqnbtNmt8Sr122sUmYeRFWHrCBRYS0NuUkX9EZ97h%2BDo2O13bvDkXLZdyoKkvyHhCbzNzuAQ2CYUln4rQHsChc5jwy9b98gZWSYu2Qn287LNtnY%2Bt2s0vwns3tHGP1q7IVZE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 799b6450892d9fd3-SIN
expires: Wed, 15 Feb 2023 04:45:02 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
948 B 72ms
4ms Fetch
application/json 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: /
Resource Hash: c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 12:29:58 GMT
via: 1.1 e8cd61c9b2a785e4fc8167b0177016b8.cloudfront.net (CloudFront), 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1, SIN2-P1
age: 58505
x-amzn-requestid: 6459087f-b31e-485a-a3b5-8170e5d8f438
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: AVC_EGdOCYcFmwg=
content-length: 535
x-amz-cf-id: xST4vsUGoxUZxyRoaxoJyL9yVcXqRoRXe96GnIpiu_c8bM5OoAkSNw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 72ms
3ms Script
text/javascript 13.33.88.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-100.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding: gzip
via: 1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
date: Wed, 15 Feb 2023 04:26:01 GMT
last-modified: Mon, 30 Jan 2023 17:09:16 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 1143
etag: W/"b33b67ced6b706568683ecea83e198c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: h68MMspN16oGdBUqoTHQ0j7bdv-VokUGD_rQdxrt7FqoPhiPko5uRg==

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
473 B

177ms
177ms

Fetch
application/json

209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol: HTTP/1.1
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: /
Resource Hash: f9baa48a57d4c147298737cb13b6792fe6cfdbc3bb701ca5c3c73e83856b087c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bareeqal5alij.hewaaya.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Wed, 15 Feb 2023 04:45:04 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://bareeqal5alij.hewaaya.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 52 KB
16 KB 26ms
5ms Script
text/javascript 52.84.251.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-78.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 19:35:10 GMT
content-encoding: gzip
via: 1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 32994
etag: W/"d92273856cbc8d3aad0c2259f9be9a68"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 8k-f6_i2gJQFXBCZvDvhhxfiV-PJiu5EqJYtkWKw17nJFi8m0Flj_A==

GET
H2 503 /
t.dtscdn.com/widget/ 0
0 310ms
288ms Script
text/html 2606:4700:20::ac43:4aba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301676436303862FFE08388547A2A9&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

/
spl.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C301676436303862FFE08388547A2A9
https://spl.zeotap.com/?zdid=1332&zcluid=a2d63af09bf92f96

0
0

95ms
77ms

Image
text/html

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=a2d63af09bf92f96
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=a2d63af09bf92f96
content-length: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 1038ms
1022ms XHR
application/json 52.84.251.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-78.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Feb 2023 04:45:05 GMT
content-encoding: gzip
via: 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
etag: W/"6db43f44304c37d76768275ee4f01ba4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age: 86400
x-amz-cf-id: 42R8gvxYLVspTi5O1L_voy2eIWOlBp5pIE-IBKLGRmd8EwTzY8Ro6A==

GET

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=75015
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=75015&_li_chk=true&previous_uuid=a0099fac60f24ec89da20ad3ac9de227
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=75015&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR

0
0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu=
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu=&expected_cookie=9a0e23a0-69cb-4d04-9d9e-6917fb87de6e

0
142 B

181ms
181ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu=&expected_cookie=9a0e23a0-69cb-4d04-9d9e-6917fb87de6e
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 40390B4F66DA4B51A198F6DA08261E1F Ref B: SIN30EDGE0411 Ref C: 2023-02-15T04:45:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0tb5uowe3AMDF2yLruw==

Redirect headers

date: Wed, 15 Feb 2023 04:45:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 32D3828042944F2486B4F79406C4A3F2 Ref B: SIN30EDGE0411 Ref C: 2023-02-15T04:45:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=15697&puuid=GKK9CSZHEdnG-UF5SqKDg7DR&rand=59570&pu=&expected_cookie=9a0e23a0-69cb-4d04-9d9e-6917fb87de6e
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0tb5sAx+Ne02/yfw74A==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=25741
https://ce.lijit.com/merge?pid=2&3pid=03A11D81833A4BC4B9CB8BED738F57B6

43 B
684 B

538ms
180ms

Image
image/gif

209.191.163.152
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=03A11D81833A4BC4B9CB8BED738F57B6
Protocol: HTTP/1.1
Server: 209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
pod: X-Sovrn-Pod: ad_ap1sfo1
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 15 Feb 2023 04:45:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=03A11D81833A4BC4B9CB8BED738F57B6
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 14 Feb 2023 04:45:04 GMT

GET

57333
i.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=2575
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=2575&_li_chk=true&previous_uuid=4e870245276c4ba1ae7c009b8f13bf68

0
0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7CAB 85 B
480 B 4ms
3ms Document
text/html 13.33.33.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-104.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 377007
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 10 Feb 2023 20:01:38 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id: 3wrUXeglOTKXtitsSRIZ5JsRCursD9BG33cWOSQ4h8gZmDdQzrpIlQ==
x-amz-cf-pop: SIN2-P1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7CAB 766 B
1 KB 8ms
5ms Script
text/javascript 13.33.33.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-104.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 07 Feb 2023 02:50:52 GMT
via: 1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 698052
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: RmaDTuXd2aL4IHvCFq0hqjKlrC4r8Sqps2wMCUmvFa2BdUxgqtxgYQ==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GKK9CSZHEdnG-UF5SqKDg7DR/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GKK9CSZHEdnG-UF5SqKDg7DR/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=569c2be79933c5fd89ec0ed52412325

43 B
686 B

533ms
178ms

Image
image/gif

209.191.163.152
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=569c2be79933c5fd89ec0ed52412325
Protocol: HTTP/1.1
Server: 209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
pod: X-Sovrn-Pod: ad_ap1sfo1
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=569c2be79933c5fd89ec0ed52412325
cache-control: no-cache
x-server: 10.42.9.17
content-length: 0
expires: 0

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0

873 B
1 KB

7ms
7ms

Script
application/javascript

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: b2176f47e15e2a55fe0252f64a286e190de875eb9dc4d57c52ad4b40027c88d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 873
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 12 KB
4 KB 178ms
178ms Script
text/javascript 209.191.163.208
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: nginx /
Resource Hash: f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Mar 2020 17:51:39 GMT
Server: nginx
ETag: W/"5e628dab-2e98"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 22 Feb 2023 04:45:04 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkZNUHJGOGY3NjVxUXVmSGJ4M3dpNWNjcTNzOEdlc0NUdnhfb2luaU5HWk0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ9E_kswKfiCFjhHfqVxgtg&google_cver=1

70 B
440 B

5ms
5ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ9E_kswKfiCFjhHfqVxgtg&google_cver=1
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEJ9E_kswKfiCFjhHfqVxgtg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=ad56dd58-f1e3-46e1-823b-2894fefcc82a&bid=1e2n4ou

70 B
440 B

11ms
6ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ad56dd58-f1e3-46e1-823b-2894fefcc82a&bid=1e2n4ou
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=ad56dd58-f1e3-46e1-823b-2894fefcc82a&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2669022351091686327&newuser=1&referrer_pid=51md42u

70 B
440 B

5ms
5ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2669022351091686327&newuser=1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Feb 2023 04:45:05 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2669022351091686327&newuser=1&referrer_pid=51md42u
pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=Y_xjUAAAAIgmiwAF
https://ps.eyeota.net/match?uid=Y_xjUAAAAIgmiwAF&bid=0rijhbu&referrer_pid=51md42u&_test=Y_xjUAAAAIgmiwAF

70 B
440 B

10ms
9ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=Y_xjUAAAAIgmiwAF&bid=0rijhbu&referrer_pid=51md42u&_test=Y_xjUAAAAIgmiwAF
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-bkk2310024-BKK
pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1676436305.919316,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=Y_xjUAAAAIgmiwAF&bid=0rijhbu&referrer_pid=51md42u&_test=Y_xjUAAAAIgmiwAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u
https://ps.eyeota.net/match?uid=5495863024256833094&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

11ms
6ms

Image
image/gif

18.141.80.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5495863024256833094&bid=2cr76e1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Feb 2023 04:45:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Wed, 15 Feb 2023 04:45:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.226; 103.254.153.226; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 47dd4c24-da6f-48d3-b57a-5bd0c3b6a9a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ps.eyeota.net/match?uid=5495863024256833094&bid=2cr76e1&referrer_pid=51md42u
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET beacon
vpod1q.qa.lijit.com/ Frame A1DA 0
0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 314 B
1 KB 60ms
60ms XHR
application/json 13.250.233.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.233.33 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-233-33.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2553f2454d4da428abc3f6ba2d900827b55df347aea22e410c38e8999dd0df91

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bareeqal5alij.hewaaya.com
cache-control: no-cache
x-server: 10.42.25.156
access-control-allow-credentials: true
content-length: 314
expires: 0

POST
H2 200 a
a.dtssrv.com/ 0
468 B 268ms
249ms Ping
text/html 2606:4700:e4::ac40:a71f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=4C301676436303862FFE08388547A2A9&k=lotpano&v=a5fb8a809f03e78129e54ff4ba7c16d53938ad4bb50de85bdff9840d2674f591
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a71f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bareeqal5alij.hewaaya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:45:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho%2F%2F96PdKPlDKEbq1mg4xlRKvg%2F48MLjmOQrRBaNEzc8gY0InRNoUVmBz1XH4frq3DaWoABVzmXXXEBqCBaYUUI0Zy3PD9R1i62cWcDbQwqtHV4IXrtW4UcTcBiEhp04lcjAKwzidQTaqi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 799b645acf6c8944-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame AF8B 2 KB
1 KB 5ms
5ms Document
text/html 52.84.251.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-78.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 32996
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Tue, 14 Feb 2023 19:35:10 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
x-amz-cf-id: NMPzcp4pLgFMV8aH3fE5jwkd5ANbdNKCbVpGL-Zue2LpaFyI-epfQw==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 33BF 4 KB
4 KB 5ms
5ms Document
text/html 13.250.233.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.233.33 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-233-33.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: df80ca1466954b504a9de241e0acab0599adc29e4a8127832888d858dd4ccbbc

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-length: 4052
content-type: text/html
date: Wed, 15 Feb 2023 04:45:05 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.25.150

GET
H2

200

m
cm.mgid.com/ Frame 33BF
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=569c2be79933c5fd89ec0ed52412325
https://cm.mgid.com/m?c=569c2be79933c5fd89ec0ed52412325&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
157 B

219ms
219ms

Image
image/gif

2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=569c2be79933c5fd89ec0ed52412325&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 799b645c6f69885b-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=569c2be79933c5fd89ec0ed52412325&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 799b645afd5c885b-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 33BF 0
0

GET dcm
s.amazon-adsystem.com/ Frame 33BF 0
0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 33BF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E6D9B595-401D-4D0E-ACDC-1E389C14CBC0&gdpr=0

49 B
264 B

55ms
54ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E6D9B595-401D-4D0E-ACDC-1E389C14CBC0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.18.34
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E6D9B595-401D-4D0E-ACDC-1E389C14CBC0&gdpr=0
date: Wed, 15 Feb 2023 04:45:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad56dd58-f1e3-46e1-823b-2894fefcc82a/gdpr=0/ Frame 33BF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad56dd58-f1e3-46e1-823b-2894fefcc82a/gdpr=0/gdpr_consent=

49 B
265 B

31ms
13ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad56dd58-f1e3-46e1-823b-2894fefcc82a/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.4.162
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=ad56dd58-f1e3-46e1-823b-2894fefcc82a/gdpr=0/gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 249

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 33BF 43 B
432 B 198ms
162ms Image
image/gif 52.84.251.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=569c2be79933c5fd89ec0ed52412325
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-14.sin5.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 04:45:05 GMT
Via: 1.1 ae495479ab117e6473f411eb6dd0ba98.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: SIN5-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: mHei5DobAEOXckPkWjEHfpCYw49nySJB3yfcvYsLsXNvntidjtUXnA==

GET
H2

200

tpid=ac87daed-bc37-401e-b9d7-935a77f2dc81
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 33BF
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=569c2be79933c5fd89ec0ed52412325&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpi...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=569c2be79933c5fd89ec0ed52412325&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ac87daed-bc37-401e-b9d7-935a77f2dc81%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ad56dd58-f1e3-46e1-823b-2894fefcc82a&ttd_puid=ac87daed-bc37-401e-b9d7-935a77f2dc81%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ac87daed-bc37-401e-b9d7-935a77f2dc81

49 B
265 B

13ms
13ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ac87daed-bc37-401e-b9d7-935a77f2dc81
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.17.118
content-length: 49
expires: 0

Redirect headers

date: Wed, 15 Feb 2023 04:45:05 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=ac87daed-bc37-401e-b9d7-935a77f2dc81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 33BF 0
0 31ms
11ms Image
text/html 104.16.111.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.111.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29622473263268028353007880313114169142/ Frame 33BF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=569c2be79933c5fd89ec0ed52412325&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=569c2be79933c5fd89ec0ed52412325&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID...
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29622473263268028353007880313114169142/gdpr=0

49 B
264 B

7ms
7ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29622473263268028353007880313114169142/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.24.15
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-apse-2-v043-0fa4601c8.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vuTFhir8TSo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=29622473263268028353007880313114169142/gdpr=0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 33BF 42 B
549 B 657ms
161ms Image
image/gif 52.29.227.173

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=569c2be79933c5fd89ec0ed52412325&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.227.173 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 04:45:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHsAAmPsY1EAAAAIHFckAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 33BF 0
338 B 743ms
208ms Image
text/plain 35.81.232.231

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=569c2be79933c5fd89ec0ed52412325
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.81.232.231 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: beacon-n005-pdx-prod.krxd.net
date: Wed, 15 Feb 2023 04:45:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1676436305
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET

420246.gif
idsync.rlcdn.com/ Frame 33BF
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=569c2be79933c5fd89ec0ed52412325
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347
https://idsync.rlcdn.com/420246.gif?partner_uid=c:9c414d09fb940df06cae8a6b5f08aac5

0
0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 33BF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f08ef056-3f87-4bf7-6968-69b8a226cfba$ip$103.254.153.226&gdpr=0&gdpr_consent=

49 B
265 B

9ms
9ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f08ef056-3f87-4bf7-6968-69b8a226cfba$ip$103.254.153.226&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.18.139
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f08ef056-3f87-4bf7-6968-69b8a226cfba$ip$103.254.153.226&gdpr=0&gdpr_consent=
Date: Wed, 15 Feb 2023 04:45:05 GMT
Connection: keep-alive
Content-Length: 169
Content-Type: text/html; charset=utf-8

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 33BF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-.HCRqQpE2pyzXOhCDZqWwgfCgR67nWNIRls-~A&gdpr=0

49 B
264 B

8ms
7ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-.HCRqQpE2pyzXOhCDZqWwgfCgR67nWNIRls-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.30.66
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-.HCRqQpE2pyzXOhCDZqWwgfCgR67nWNIRls-~A&gdpr=0
date: Wed, 15 Feb 2023 04:45:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 33BF
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=525e63ec-6351-4900-943c-c2ec460b59af&src=lot&gdpr=0

49 B
265 B

12ms
12ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=525e63ec-6351-4900-943c-c2ec460b59af&src=lot&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.23.145
content-length: 49
expires: 0

Redirect headers

Date: Wed, 15 Feb 2023 04:45:05 GMT
Server: MT3 457 2362390 master nrt-pixel-x18 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=525e63ec-6351-4900-943c-c2ec460b59af&src=lot&gdpr=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Feb 2023 04:45:04 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347/ Frame 33BF
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347/gdpr=0

49 B
265 B

8ms
8ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.24.242
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=60b9adaa-530d-4a4c-a3aa-66d29b7b4958-63ec6351-5347/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 33BF 0
676 B 174ms
5ms Image
text/plain 69.173.158.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=569c2be79933c5fd89ec0ed52412325&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 33BF 170 B
243 B 9ms
7ms Image
image/png 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTY5YzJiZTc5OTMzYzVmZDg5ZWMwZWQ1MjQxMjMyNQ&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame 33BF 62 B
464 B 205ms
186ms Image
image/gif 104.69.166.9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=78c830f539cad9110fc75a72db7b33e9
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.69.166.9 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 15 Feb 2023 04:45:05 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 33BF 108 B
725 B 202ms
166ms Script
application/json 18.155.68.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-101.sin52.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 6544d0492adb33c3b922e497842f62fd4630d48368943d96863adfcc36df6b95

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: SIN52-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 108
x-amz-cf-id: bmS9mqggUeVGq7jmQxF2mLaFVflsUF1vzBO9Ux7o7yzpO7RIYZ02Sw==
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 33BF 170 B
232 B 11ms
9ms Image
image/png 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=NTY5YzJiZTc5OTMzYzVmZDg5ZWMwZWQ1MjQxMjMyNQ&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2669022351091686327/ Frame 33BF
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/569c2be79933c5fd89ec0ed52412325/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2669022351091686327/gdpr=0

49 B
265 B

8ms
7ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2669022351091686327/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.24.145
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2669022351091686327/gdpr=0
pragma: no-cache
date: Wed, 15 Feb 2023 04:45:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=177801871
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5495863024256833094/gdpr=0/ Frame 33BF
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=177801871
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5495863024256833094/gdpr=0/rand=177801871

49 B
265 B

8ms
8ms

Image
image/gif

52.221.9.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5495863024256833094/gdpr=0/rand=177801871
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C153%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C79%2C54%2C41%2C38%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 52.221.9.213 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-9-213.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 04:45:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.26.245
content-length: 49
expires: 0

Redirect headers

Date: Wed, 15 Feb 2023 04:45:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.254.153.226; 103.254.153.226; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 30bf40c9-541d-41c3-aacf-2d28ef8ed298
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5495863024256833094/gdpr=0/rand=177801871
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i6.liadm.com
URL: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=75015&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR

Domain: i.liadm.com
URL: https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GKK9CSZHEdnG-UF5SqKDg7DR&rnd=2575&_li_chk=true&previous_uuid=4e870245276c4ba1ae7c009b8f13bf68

Domain: vpod1q.qa.lijit.com
URL: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=569c2be79933c5fd89ec0ed52412325

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:9c414d09fb940df06cae8a6b5f08aac5

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bareeqal5alij.hewaaya.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lhm6lfgnbg37qlhg6n5k3p9ooq
bareeqal5alij.hewaaya.com/	1970-01-20 09:43:29	Name: qa_key Value: yyygo8gf3p11ltz1537jfmxoyk02zgwz
.hewaaya.com/	1970-01-20 19:02:12	Name: __gads Value: ID=57c7a07dcf96eeab-22e2c853c6d900cc:T=1676436301:RT=1676436301:S=ALNI_MZ4YLg4JKX_OEwL_vZuV1GDKjYVyA
.hewaaya.com/	1970-01-20 19:02:12	Name: __gpi Value: UID=00000bc3e3efd1c0:T=1676436301:RT=1676436301:S=ALNI_Mb5h-tMKQRWa50CD5jCKRWXLHFtkA
.hewaaya.com/	1970-01-20 09:40:38	Name: __cf_bm Value: 71oSJvOlnglCD2uh730LxfGWqRcOxkEtvcY_A0NqLtA-1676436301-0-AdLT+br8UvMc4y9rr43WQRonCLDc8ixzdh/4vosgrqTUrv5+YNz7fxPQSPqzbVcTKzGMmAo72QBEhHWwCQbLucUAFYQGyP1rxKQ8IkmreCn5Xfw0/wMKcBd7O4tNJ2Zan8xlKxCzcKPugiI4qPD5lbU=
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstCfa4631733 Value: 1676436302175
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstCla4631733 Value: 1676436302175
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstCmu4631733 Value: 1676436302175
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstPn4631733 Value: 1
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstPt4631733 Value: 1
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstCnv4631733 Value: 1
bareeqal5alij.hewaaya.com/	1970-01-20 18:26:12	Name: HstCns4631733 Value: 1
.dtscout.com/	1970-01-20 09:40:41	Name: m Value: 1
.dtscout.com/	1970-01-20 09:40:50	Name: oa Value: 1
.dtscout.com/	1970-01-20 12:04:36	Name: df Value: 1676436303
.dtscout.com/	1970-01-20 11:48:45	Name: l Value: 4C301676436303862FFE08388547A2A9
.hewaaya.com/	1970-01-20 11:45:53	Name: __dtsu Value: 4C301676436303862FFE08388547A2A9
.hewaaya.com/	1970-01-20 09:40:36	Name: lotame_domain_check Value: hewaaya.com
.lijit.com/	1970-01-20 18:26:12	Name: ljt_reader Value: GKK9CSZHEdnG-UF5SqKDg7DR
.simpli.fi/	1970-01-20 18:27:38	Name: suid Value: 03A11D81833A4BC4B9CB8BED738F57B6
.eyeota.net/	1970-01-20 18:26:12	Name: mako_uid Value: 1865363f287-2236000001084c38
.eyeota.net/	1970-01-20 09:40:36	Name: SERVERID Value: 19512~DM
.crwdcntrl.net/	1970-01-20 16:09:22	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 16:09:22	Name: _cc_id Value: 569c2be79933c5fd89ec0ed52412325
.adsrvr.org/	1970-01-20 18:26:12	Name: TDID Value: ad56dd58-f1e3-46e1-823b-2894fefcc82a
.adnxs.com/	1970-01-20 11:50:12	Name: uuid2 Value: 5495863024256833094
.doubleclick.net/	1970-01-20 19:16:36	Name: IDE Value: AHWqTUmXWqeS_5GA3WpWLGOWBkbv-HlxxI-tPudGbasGqz-FOZA3rn3koWGLx-TyfW0
.linkedin.com/	1970-01-20 11:50:12	Name: li_sugr Value: 9a0e23a0-69cb-4d04-9d9e-6917fb87de6e
.linkedin.com/	1970-01-20 18:26:12	Name: bcookie Value: "v=2&ca443b92-6cc8-423e-8756-7d9c5ba1fabd"
.linkedin.com/	1970-01-20 09:42:02	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2433:u=1:x=1:i=1676436304:t=1676522704:v=2:sig=AQFGtoiaX2gJPvptCbJ-HveRgCqWjZyS"
.everesttech.net/	1970-01-20 18:26:12	Name: everest_g_v2 Value: g_surferid~Y_xjUAAAAIgmiwAF
.onaudience.com/	1970-01-20 18:26:12	Name: cookie Value: a2d63af09bf92f96
.onaudience.com/	1970-01-20 09:42:02	Name: done_redirects219 Value: 1
.lijit.com/	1970-01-20 18:26:12	Name: _ljtrtb_2 Value: 03A11D81833A4BC4B9CB8BED738F57B6
.crwdcntrl.net/	1970-01-20 16:09:24	Name: _cc_cc Value: "ACZ4XmOQNzWzTDZKSjW3tDQ2TjZNS7GwTE02SE0xNTIxNDI2MmUAguQ3yYH%2FgYAfxAEDrvNHDzEz7dFi%2BM%2FI%2BFEWRDLs3ndZAFXk%2BXl1VIG2L5aoAocXz2FBFXm3BF3kQ8N9NHM%2Fnjilgarr78YpaOY8wzAZAK9hTBk%3D"
.crwdcntrl.net/	1970-01-20 16:09:24	Name: _cc_aud Value: "ABR4XmNgYGBIfpMcCKQggI2BgWsGmLmoFUQyas2GULNAFJ%2B7A5j3sB5IAgDcNAdU"
.hewaaya.com/	1970-01-20 16:09:24	Name: _cc_id Value: 569c2be79933c5fd89ec0ed52412325
.hewaaya.com/	1970-01-20 09:50:41	Name: panoramaId_expiry Value: 1677041105009
.hewaaya.com/	1970-01-20 09:50:41	Name: panoramaId Value: a5fb8a809f03e78129e54ff4ba7c16d53938ad4bb50de85bdff9840d2674f591
.lijit.com/	1970-01-20 18:26:12	Name: _ljtrtb_5001 Value: 569c2be79933c5fd89ec0ed52412325
.pubmatic.com/	1970-01-20 09:42:02	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:26:12	Name: KADUSERCOOKIE Value: E6D9B595-401D-4D0E-ACDC-1E389C14CBC0
.demdex.net/	1970-01-20 13:59:48	Name: demdex Value: 29622473263268028353007880313114169142
.dpm.demdex.net/	1970-01-20 13:59:48	Name: dpm Value: 29622473263268028353007880313114169142
.tapad.com/	1970-01-20 11:07:00	Name: TapAd_TS Value: 1676436305145
.tapad.com/	1970-01-20 11:07:00	Name: TapAd_DID Value: ac87daed-bc37-401e-b9d7-935a77f2dc81
.yahoo.com/	1970-01-20 18:26:33	Name: A3 Value: d=AQABBFFj7GMCEK0Jpq9gO_Bl8tQ2BRschgkFEgEBAQG07WP2YwAAAAAA_eMAAA&S=AQAAAjDTnmKYcwctog9uZG1f2c8
.adsrvr.org/	1970-01-20 18:26:12	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjuhcuLrsbHOxAFGAEgASgCMgsI7v3NuMTGxzsQBTgBWgV0YXBhZGAC
.analytics.yahoo.com/	1970-01-20 18:26:12	Name: IDSYNC Value: 19bk~2a04
.tapad.com/	1970-01-20 11:07:00	Name: TapAd_3WAY_SYNCS Value: 1!1108
.agkn.com/	1970-01-20 18:26:12	Name: ab Value: 0001%3ALfXyVukbTIpFmKKx7eBU81Cgs2GRANYC
.mgid.com/	1970-01-20 18:26:12	Name: muidn Value: n1e5IOkY7iJk
.turn.com/	1970-01-20 13:59:48	Name: uid Value: 2669022351091686327

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.dtscdn.com/widget/?d=4C301676436303862FFE08388547A2A9&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fincomeface84&r= Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
aa.agkn.com
adservice.google.com
adservice.google.com.sg
ap.lijit.com
audex.userreport.com
bareeqal5alij.hewaaya.com
bcp.crwdcntrl.net
beacon.krxd.net
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
d.turn.com
data-beacons.s-onetag.com
dmp.truoptik.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
secure.adnxs.com
spl.zeotap.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vpod1q.qa.lijit.com
www.google.com
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
s.amazon-adsystem.com
sync.ipredictive.com
vpod1q.qa.lijit.com
103.229.205.243
103.231.98.196
103.43.90.179
104.16.111.154
104.254.148.251
104.69.166.9
106.10.236.147
13.213.82.171
13.250.233.33
13.33.33.104
13.33.33.31
13.33.88.100
141.94.171.212
15.197.193.217
151.101.194.49
172.217.194.156
18.141.80.142
18.155.68.101
18.234.4.255
2001:df2:a300:bbbb::136
209.191.163.152
209.191.163.208
2404:6800:4003:c01::84
2404:6800:4003:c02::9b
2404:6800:4003:c03::9d
2404:6800:4003:c04::63
2404:6800:4003:c05::5f
2404:6800:4003:c05::9b
2404:6800:4003:c06::9a
2404:6800:4003:c0f::5e
2404:6800:4003:c11::9d
2606:4700:10::6816:1857
2606:4700:1::6813:854e
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3032::6815:1530
2606:4700:e4::ac40:a71f
2620:1ec:21::14
34.111.113.62
34.124.209.251
35.81.232.231
46.105.201.240
52.221.9.213
52.29.227.173
52.74.162.2
52.84.251.14
52.84.251.78
54.39.156.32
69.173.158.64
98.98.134.241
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1604d7fd902f76d2b32dfc2bbdd7a6c6fa0184d5b937af08b546f82701ebb287
1f48eced2d445c357bf58d50c2db363bd25e79893e596426f47c1af748f95ca1
22d8719aa9ff6045ed010bf945f9397367a663f123215921061fd3951c159153
2553f2454d4da428abc3f6ba2d900827b55df347aea22e410c38e8999dd0df91
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
295c14d79fb3a907f612e08d9dd6faf04848ef6cd6b6702700b656035899919f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
37dc34da0809c1150251a605939830aa9a0bc74d66e8afb335b040f4eb6e7dc2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56eed107f102587144e2804a93d535bca000894bcdd9c3e4bfee7757a1a92218
57cc6d3d4c669ec78ef0d4077fc073a3043d536d9c2b3fd098b42396e2b79cb7
5a780b8dbf9bd5b3379eeb590762817384c43aed7b4f62994608e814b32a1359
5edf449331bfc4d5885350b86ed2f3bbfe51b22ee211416222c44110aa7fe2f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6544d0492adb33c3b922e497842f62fd4630d48368943d96863adfcc36df6b95
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
763c7f871382fc9967f91199a2d276666b32acee7fa1b85ceb1d51e5985d9a88
7dd5593387a3217b33f239d4b3efdea1697cbfe50ba93a97b91598ed45fdfc35
8a0a840d54ebc1a4525af39787c3aa67bdd8a9c75813d0fded90652401dcade5
8c5fea40a6f3d80c9abe971716d3f4633371fd0fe562dda6b4b6769b37727ee1
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9cc2c6e52a4c5efb45722888e71fde3a06fa31ab6611592d1153a564ec41d41d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2176f47e15e2a55fe0252f64a286e190de875eb9dc4d57c52ad4b40027c88d9
bf0d616493ed0b6722a75150b6a3a39d01e7dd52269de6f3e0f58f9adf928eaa
c2a1a1be85df60fd978094fd66f6a1baa0ab301827bcc8aa1ebf0d53377bf7b3
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5
c9e0e89a135cbddbe5d3414fb5ab25e8f5ca0e22a2048516d3b5ae945363c774
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d21ea66884a90a9148d3f6e109a6bb1e2bcad851e2a06b46350eb1edefa5a546
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df80ca1466954b504a9de241e0acab0599adc29e4a8127832888d858dd4ccbbc
e0a8f8dffedfe0616a9f94c07e6a349ef49a209904f9522bf14c8f809b485cd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75
f9baa48a57d4c147298737cb13b6792fe6cfdbc3bb701ca5c3c73e83856b087c
feafd9234c68a7f1d92fee6ec91b0f37668660b83611bf3e91fa73621f56d58c

bareeqal5alij.hewaaya.com Open in urlscan Pro 2606:4700:3032::6815:1530 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

69 %HTTPS

34 %IPv6

43 Domains

57 Subdomains

36 IPs

6 Countries

498 kBTransfer

1247 kBSize

53 Cookies

2 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bareeqal5alij.hewaaya.com Open in urlscan Pro
2606:4700:3032::6815:1530 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

69 %
HTTPS

34 %
IPv6

43
Domains

57
Subdomains

36
IPs

6
Countries

498 kB
Transfer

1247 kB
Size

53
Cookies

90 HTTP transactions
0 data transactions