urlscan.io logo urlscan.io
SecurityTrails logo

www.areatatafo.com Open in urlscan Pro
172.67.208.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.areatatafo.com/
Submission: On May 01 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 27 domains to perform 104 HTTP transactions. The main IP is 172.67.208.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.areatatafo.com.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.
This is the only time www.areatatafo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 172.67.208.31 13335 (CLOUDFLAR...)
1 172.240.253.132 7979 (SERVERS-COM)
5 172.253.118.155 15169 (GOOGLE)
6 192.0.77.37 2635 (AUTOMATTIC)
3 172.217.194.95 15169 (GOOGLE)
1 142.251.10.97 15169 (GOOGLE)
7 139.45.197.250 9002 (RETN-AS)
18 192.0.77.2 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
3 104.16.160.145 13335 (CLOUDFLAR...)
1 172.67.180.87 13335 (CLOUDFLAR...)
1 52.74.85.120 16509 (AMAZON-02)
1 192.243.61.225 39572 (ADVANCEDH...)
8 139.45.197.239 9002 (RETN-AS)
3 139.45.197.238 9002 (RETN-AS)
1 192.243.61.227 39572 (ADVANCEDH...)
5 74.125.130.94 15169 (GOOGLE)
2 216.239.36.178 15169 (GOOGLE)
2 172.253.118.157 15169 (GOOGLE)
2 139.45.195.8 9002 (RETN-AS)
2 4 192.243.59.13 39572 (ADVANCEDH...)
1 172.240.108.76 7979 (SERVERS-COM)
1 172.67.193.52 13335 (CLOUDFLAR...)
2 45.133.44.9 39572 (ADVANCEDH...)
1 139.45.195.254 9002 (RETN-AS)
2 142.251.12.132 15169 (GOOGLE)
3 172.67.22.216 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
1 74.125.68.104 15169 (GOOGLE)
104 30
16    172.67.208.31 (United States)

ASN13335 (CLOUDFLARENET, US)
www.areatatafo.com
1    172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)
pl22385983.toprevenuegate.com
5    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
pagead2.googlesyndication.com
6    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
3    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    142.251.10.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
7    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
saipsoan.net
18    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    172.67.180.87 (United States)

ASN13335 (CLOUDFLARENET, US)
downstairsnegotiatebarren.com
1    52.74.85.120 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-85-120.ap-southeast-1.compute.amazonaws.com
proftrafficcounter.com
1    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
shawljeans.com
8    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
goomaphy.com
gloaphoo.net
3    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
loajawun.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.topcreativeformat.com
5    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
fonts.gstatic.com
2    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
googleads.g.doubleclick.net
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
4    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
burialsupple.com
1    172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)
capaciousdrewreligion.com
1    172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
2    45.133.44.9 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.cloudimagesb.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
2    142.251.12.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
tpc.googlesyndication.com
3    172.67.22.216 (United States)

ASN13335 (CLOUDFLARENET, US)
offerimage.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
unseenreport.com
1    74.125.68.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
26 wp.com
c0.wp.com — Cisco Umbrella Rank: 9469
i0.wp.com — Cisco Umbrella Rank: 3768
stats.wp.com — Cisco Umbrella Rank: 2879
pixel.wp.com — Cisco Umbrella Rank: 2841
268 KB
16 areatatafo.com
www.areatatafo.com
399 KB
7 saipsoan.net
saipsoan.net — Cisco Umbrella Rank: 103709
42 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
209 KB
5 gstatic.com
fonts.gstatic.com
79 KB
4 gloaphoo.net
gloaphoo.net — Cisco Umbrella Rank: 97190
37 KB
4 burialsupple.com
burialsupple.com
11 KB
4 goomaphy.com
goomaphy.com — Cisco Umbrella Rank: 214173
37 KB
3 offerimage.com
offerimage.com — Cisco Umbrella Rank: 38780
15 KB
3 loajawun.com
loajawun.com
34 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4672
onesignal.com — Cisco Umbrella Rank: 1533
73 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
2 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 30193
214 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11881
1 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
310 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 19957
425 B
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 24123
488 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 24616
8 KB
1 capaciousdrewreligion.com
capaciousdrewreligion.com — Cisco Umbrella Rank: 23983
329 B
1 topcreativeformat.com
www.topcreativeformat.com — Cisco Umbrella Rank: 77676
12 KB
1 shawljeans.com
shawljeans.com
469 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15702
303 B
1 downstairsnegotiatebarren.com
downstairsnegotiatebarren.com — Cisco Umbrella Rank: 17911
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
100 KB
1 toprevenuegate.com
pl22385983.toprevenuegate.com
30 KB
104 27
Domain Requested by
18 i0.wp.com www.areatatafo.com
16 www.areatatafo.com www.areatatafo.com
7 saipsoan.net www.areatatafo.com
saipsoan.net
6 c0.wp.com www.areatatafo.com
5 fonts.gstatic.com fonts.googleapis.com
5 pagead2.googlesyndication.com www.areatatafo.com
pagead2.googlesyndication.com
4 gloaphoo.net www.areatatafo.com
gloaphoo.net
4 burialsupple.com 2 redirects www.areatatafo.com
4 goomaphy.com www.areatatafo.com
goomaphy.com
3 offerimage.com gloaphoo.net
3 loajawun.com www.areatatafo.com
loajawun.com
3 fonts.googleapis.com www.areatatafo.com
goomaphy.com
gloaphoo.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdn.cloudimagesb.com www.areatatafo.com
2 my.rtmark.net loajawun.com
www.areatatafo.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
2 cdn.onesignal.com www.areatatafo.com
cdn.onesignal.com
1 www.google.com tpc.googlesyndication.com
1 unseenreport.com
1 fleraprt.com tzegilo.com
1 tzegilo.com loajawun.com
1 capaciousdrewreligion.com pl22385983.toprevenuegate.com
1 onesignal.com cdn.onesignal.com
1 pixel.wp.com www.areatatafo.com
1 www.topcreativeformat.com www.areatatafo.com
1 shawljeans.com www.areatatafo.com
1 proftrafficcounter.com pl22385983.toprevenuegate.com
1 downstairsnegotiatebarren.com pl22385983.toprevenuegate.com
1 stats.wp.com www.areatatafo.com
1 www.googletagmanager.com www.areatatafo.com
1 pl22385983.toprevenuegate.com www.areatatafo.com
104 32

This site contains links to these domains. Also see Links.

Domain
whatsapp.com
t.me
facebook.com
instagram.com
twitter.com
mhthemes.com
shawljeans.com
Subject Issuer Validity Valid
areatatafo.com
GTS CA 1P5		 2024-03-22 -
2024-06-20		 3 months crt.sh
toprevenuegate.com
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
saipsoan.net
R3		 2024-03-07 -
2024-06-05		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
downstairsnegotiatebarren.com
E1		 2024-03-04 -
2024-06-02		 3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
shawljeans.com
R3		 2024-04-29 -
2024-07-28		 3 months crt.sh
goomaphy.com
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
loajawun.com
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh
topcreativeformat.com
R3		 2024-03-20 -
2024-06-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
gloaphoo.net
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
capaciousdrewreligion.com
R3		 2024-03-06 -
2024-06-04		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-03-30 -
2024-06-28		 3 months crt.sh
cdn.cloudimagesb.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
offerimage.com
GTS CA 1P5		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.unseenreport.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.areatatafo.com/
Frame ID: E4DC9E9901B15F40EFEFADB8DE0FDC7C
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/zrt_lookup_fy2021.html
Frame ID: 9ABD422ACC5CB25B66B68D3DFDFDE2E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1433157368208679&output=html&adk=3826760629&adf=1341073466&lmt=1714605785&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.areatatafo.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714605786692&bpp=3&bdt=1167&idt=417&shv=r20240430&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8769015728094&frm=20&pv=2&ga_vid=1209042326.1714605787&ga_sid=1714605787&ga_hid=51928133&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95329724%2C95331983%2C31083289%2C95331043%2C21065724&oid=2&pvsid=2184168005644271&tmod=1316452030&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=447
Frame ID: 7924DDAA5E989D5E8E1AC79D73ADA3EA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Frame ID: B501D9DF07B756B5F0939995AF447F69
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/bi/65/00/2f/65002f0c0fb1656d2399bdae5ab7535b/1706636717.jpg
Frame ID: AA275BE816AFA08DF2C14EF4E5798C1D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5CA082B812F73162B9BAD61D4FAC6526
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55FFDFBC5CCFF021D11B72FF2B7FCD57
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: F046C6892FD89B20B319F55A9293D51B
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 1CB37953B5F0A94DA7257F0651152B57
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Area Tatafo | Entertainment Straight Out Of Warri

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

104
Requests

96 %
HTTPS

0 %
IPv6

27
Domains

32
Subdomains

30
IPs

4
Countries

1598 kB
Transfer

3508 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://burialsupple.com/watch.1542674851796.js?key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&refer=https%3A%2F%2Fwww.areatatafo.com%2F&tz=8&dev=r&res=14.4127&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1 HTTP 307
  • https://burialsupple.com/watch.1542674851796.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=1aa0bb01f9ae983d0e4adadc89ba22104ca47d564f715a8ba0ab77f6258a8fa5baa033358e0863dc7eb5bb46205dbc927a1825904a3a151ad6dee6796fd0a2263774462231ddd372ed700e5b86661e3e3d67d22b517203c0f99d951ec31e3c&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
Request Chain 64
  • https://burialsupple.com/watch.1686349197559.js?key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&refer=https%3A%2F%2Fwww.areatatafo.com%2F&tz=8&dev=r&res=14.4127&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1 HTTP 307
  • https://burialsupple.com/watch.1686349197559.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=35c21b550492276a9de955e1133dbff83238de06c98958e31807ca7a67a4062e3358f33d7dd578b02cd943f7e7a36d783872579f698fc01b66d45ef6c5aaa47f8736bd047b2272a9b80ad471d2b1f0b883a2e26e6830a89a57e6a2a8a345b9208cae6d&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.areatatafo.com/ 		380 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37b3fd10df9eef77d6f77032da30ab28496fc676c451ca5658366d6128e9f03

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87d38460fed89c41-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 May 2024 23:23:05 GMT
last-modified
Wed, 01 May 2024 23:23:05 GMT
link
<https://www.areatatafo.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGDuo9qGG2oJwXPxq%2F6gKQwQu9Tsr6Wdn25P4og%2BRdMpZjknO9PjrH5J7EuIExWUeyQP31QCaEe1LAyXzNGQa4wUT%2BlFduvJyDaqCl1RM6Ls8VpzGijWZqH6Aym6OR6E%2BhwZYCQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
0c234197fd6104ba7080b031ecfcded4.js
pl22385983.toprevenuegate.com/0c/23/41/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pl22385983.toprevenuegate.com/0c/23/41/0c234197fd6104ba7080b031ecfcded4.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
7211ebde0d307bb03de9900dfbfd0c2be6333e1f71dd7c220f576d543db1d418
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 01 May 2024 23:23:06 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
50f65f7a0a9ffeef4cbfdf92346a0424
Expires
Thu, 01 Jan 1970 00:00:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1433157368208679
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
8c3ba46e52654b548eb306952818f95c2ebd4d26aa82b229fb01a0eaa2bfa009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Origin
https://www.areatatafo.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51313
x-xss-protection
0
server
cafe
etag
9060276958797268387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 01 May 2024 23:23:05 GMT
style.min.css
c0.wp.com/c/6.5.2/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.5.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/6.5.2/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.5.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
wp-mediaelement.min.css
c0.wp.com/c/6.5.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.5.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
6be755af024193288462dbefee1d1c4f60a253639df19ae10072d64f28676931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 May 2024 22:05:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 May 2024 23:23:05 GMT
style.css
www.areatatafo.com/wp-content/themes/mh-magazine-lite/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
738525
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 24 Jun 2023 02:17:52 GMT
server
cloudflare
etag
W/"b222-64965250-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOfVkgwBxyeP1RLH3Lu7VaWmvF3dqvb8iPWsYRzT47CfvgKCEvpymE%2FH0qSLBBqQfb7KneOkSLXw8jXWy4T2edO3%2BmsYpW1TPIuEmV858iDoMY8c8Zxl9%2BZg%2Fnfed%2BxyGPo2Meg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d3846fbe7f9c41-SIN
expires
Wed, 23 Apr 2025 10:14:20 GMT
font-awesome.min.css
www.areatatafo.com/wp-content/themes/mh-magazine-lite/includes/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91958
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 24 Jun 2023 02:17:52 GMT
server
cloudflare
etag
W/"7918-64965250-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKmGVD%2BHNTTo0eT2rqG6DAEFpPYo8eHrHY1kbRwm81Zh9SCTkQCId%2F7dPcJ2ZpqA9NMDAEZaY9SGP1eAYQQL1yH83xuS2Ol8gk1j%2FlkklkwbalOKPmjiEEu%2FLMe%2FATyBihvUkzk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d3846fbe819c41-SIN
expires
Wed, 30 Apr 2025 21:50:27 GMT
jetpack.css
c0.wp.com/p/jetpack/13.3.1/css/ 		105 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/13.3.1/css/jetpack.css
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Wed, 10 Apr 2024 20:25:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
jquery.min.js
c0.wp.com/c/6.5.2/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.5.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
jquery-migrate.min.js
c0.wp.com/c/6.5.2/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.5.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT sin 1
date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 May 2025 23:23:05 GMT
scripts.js
www.areatatafo.com/wp-content/themes/mh-magazine-lite/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91957
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 24 Jun 2023 02:17:52 GMT
server
cloudflare
etag
W/"91c9-64965250-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPXbEed9X1LjiNiF0SN0PS3noDNEMIpwSHzF8v7pvlgsHGVTVmTwV0yUninhoLl6HmmHfumHvJS1se%2FV349s13ov7VwRS%2By7oaUg5HlEl60t9h%2F2mCbskVMHST4u%2FzYIPU31Oj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d3846fbe829c41-SIN
expires
Wed, 30 Apr 2025 21:50:27 GMT
js
www.googletagmanager.com/gtag/ 		298 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6Q683VSSJL
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c33829d4081d36ebd94b6efb8a5c60d40ea2a19a066c3ba433717dabd7be1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101498
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 May 2024 23:23:06 GMT
ntfc.php
saipsoan.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/ntfc.php?p=6792522
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ffa80b3ad4fd492dc7797cbf8b6a643201efa000c39adfd9f54df2365dde12c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:07 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 10:48:53 GMT
server
nginx
etag
W/"662a3515-37fb"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
40e2bd964edafc8d824dfa5438c5093f-1024x257.jpg
www.areatatafo.com/wp-content/uploads/2023/12/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.areatatafo.com/wp-content/uploads/2023/12/40e2bd964edafc8d824dfa5438c5093f-1024x257.jpg
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa0376e2a0874c96886770a2fa5ea0c2b0aa0ae031f5c351f228daaa8967eda5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
963042
alt-svc
h3=":443"; ma=86400
content-length
36940
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Dec 2023 23:18:56 GMT
server
cloudflare
etag
"904c-658f53e0-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPKMzRHRNhl4hejOKBmfYXO9OsVH%2F7922DX2SmO3fKTH4r2685zvMPyW0yjOPHzFQqSjMykOzxkXaV428ZlbD85NomHpVnA4dp7LT1%2F6YoBESxvPNaoE4SalHQkHwdB3jbc1ZLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d38470befd9c41-SIN
expires
Sun, 20 Apr 2025 19:52:22 GMT
WhatsApp-Image-2024-01-07-at-12.41.55-PM.jpeg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-07-at-12.41.55-PM.jpeg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
598b290a9f70f3108ea5f9251937febb1087914791ab860845d58775f32774d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6242
x-nc
HIT sin 3
last-modified
Mon, 19 Feb 2024 13:15:56 GMT
server
nginx
etag
"aca73851decb535a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/01/WhatsApp-Image-2024-01-07-at-12.41.55-PM.jpeg>; rel="canonical"
expires
Thu, 19 Feb 2026 01:15:56 GMT
d840f2bfb3dba53cd270b959b7871c3a5831847742409989919.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/d840f2bfb3dba53cd270b959b7871c3a5831847742409989919.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
8d6a428738ea5bc7dd75186d0c57d62aebdac6f6b8983316c794b6c9eb664990
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
12638
x-nc
MISS sin 2
last-modified
Wed, 01 May 2024 23:23:05 GMT
server
nginx
etag
"7c6a3e49f6976d41"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/d840f2bfb3dba53cd270b959b7871c3a5831847742409989919.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:05 GMT
yuljudy6410200748151985954.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/yuljudy6410200748151985954.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
480b17214158c4517524a7c5054e2f1ffefdaba7dd385e08bb17015907ca139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
18040
x-nc
MISS sin 1
last-modified
Wed, 01 May 2024 23:23:05 GMT
server
nginx
etag
"5739ce609fcd3e88"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/yuljudy6410200748151985954.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:05 GMT
images28229.jpeg
www.areatatafo.com/wp-content/uploads/2023/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.areatatafo.com/wp-content/uploads/2023/12/images28229.jpeg
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df3135ccaacb0d55ba4133c9f2d23a436b11ccc51a10f6d8cee908df6373018

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1320972
alt-svc
h3=":443"; ma=86400
content-length
9582
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Dec 2023 23:23:44 GMT
server
cloudflare
etag
"256e-658f5500-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uok4MsbxbCdqHv6DAsjQRzA8swO0ThgT0g21xPm3gWTf6R3iV%2BMQQhsPOF9eWJaNejnaj4ISJsU8DSwXlJok%2FnZ1b%2F49SGR71WxwGhwHhmyH5IPkALcftp%2FbM1Suy1dtFC2ty7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d38475c9c09c41-SIN
expires
Wed, 16 Apr 2025 16:26:53 GMT
58e91b9eeb97430e81906506-1024x457.png
www.areatatafo.com/wp-content/uploads/2023/12/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.areatatafo.com/wp-content/uploads/2023/12/58e91b9eeb97430e81906506-1024x457.png
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3868dfc8c5a28ec5a469a748c3f16f47bcb28e4bef90c70b3e7f769d9c74be3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91955
alt-svc
h3=":443"; ma=86400
content-length
156518
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Dec 2023 23:29:07 GMT
server
cloudflare
etag
"26366-658f5643-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhQr3Xa2%2B7cVeoZrKzakYvTclirqf4bAF0S%2BB4n4SRs%2FK%2FTBy%2F8vUd542V30SwAA4nA4BachI1Y8iHXspbo2ucckYzKkS%2BfESbwyAtUVfv9vWkEdnq9zUtraSkaA3ndd%2BWdgj%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d38476ca669c41-SIN
expires
Wed, 30 Apr 2025 21:50:31 GMT
images28129.jpeg
www.areatatafo.com/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.areatatafo.com/wp-content/uploads/2023/12/images28129.jpeg
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909e54592905c0ec957aa07b781615ee2435c1ff6feb669f89206cb8ba7ed76a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1320972
alt-svc
h3=":443"; ma=86400
content-length
13152
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Dec 2023 23:31:28 GMT
server
cloudflare
etag
"3360-658f56d0-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRHvHSrQggT5q0dX3mzb2PBvIDZsw%2BS7%2BMpCI6XlmXm2y%2Fg7gcuPx6ONPC5Q6DucmTu96bPuGzyUSo0gKUu81n316bNuycHMY92TCBOpCsruqHs3qmXXZeW6wc1wf8s6ke8cbsk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d38476ca679c41-SIN
expires
Wed, 16 Apr 2025 16:26:53 GMT
images.png
www.areatatafo.com/wp-content/uploads/2023/12/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.areatatafo.com/wp-content/uploads/2023/12/images.png
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bcccb05e321263e89dfaf52ce0c13ba4586583c6ca18106d50b1b0fdf858b9c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
202150
alt-svc
h3=":443"; ma=86400
content-length
4448
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Dec 2023 23:35:00 GMT
server
cloudflare
etag
"1160-658f57a4-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FlIU2pO2wsHGcoBDeRaL2LoH9P%2BUQAC6o5jji5ml3iNGz1mxznIVVIdMBmmoKhRbNkvqjLLujgGnpdRmL4qFNNrB0OoqvjCz%2BkwVAaECeq6g7Ag%2BniQWaSEMqMWQb5eKdPONHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d38476ca689c41-SIN
expires
Tue, 29 Apr 2025 15:13:56 GMT
image-cdn.js
www.areatatafo.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 		701 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91956
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Apr 2024 02:47:31 GMT
server
cloudflare
etag
W/"2bd-6618a0c3-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FM%2FrUWY0XcRY%2F2DMsOMI2x1lwJvdChtmAglvGRY6UE7ODur8rIVYlmcFecfw1GUie053ZJpHCM5684QLVn%2FmiGeRJyaIg%2BN12aV0jcYTuiw1fhzsA1sIjE7VTExk7VrvaWFebpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d384726fbf9c41-SIN
expires
Wed, 30 Apr 2025 21:50:29 GMT
e-202418.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202418.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT sin
date
Wed, 01 May 2024 23:23:06 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356685.7622
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 27 Apr 2025 23:52:44 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
103
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
87d38478fbdb5fe4-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 04 May 2024 23:23:07 GMT
sfp.js
downstairsnegotiatebarren.com/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downstairsnegotiatebarren.com/sfp.js
Requested by
Host: pl22385983.toprevenuegate.com
URL: https://pl22385983.toprevenuegate.com/0c/23/41/0c234197fd6104ba7080b031ecfcded4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.180.87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
1a45e73a27e63597bdc212f8b3aaf639
last-modified
Wed, 01 May 2024 23:23:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Bh8Im28I7qgO5KEmm%2BGXVokoyN5e9Ulpxvsdb6JxuoHxZPCYFymMYIz2%2BUpPtcZqzQhMGdkKKEcFY77eo0mkFmTLCHOFp7%2BVt%2BrZ4FyW%2BEqO34kErTxEs8b%2BRw08IY4oe%2F8PvpoC0yQNUyGlrGHGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
87d38478ebbaab4f-SIN
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/ 		40 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: pl22385983.toprevenuegate.com
URL: https://pl22385983.toprevenuegate.com/0c/23/41/0c234197fd6104ba7080b031ecfcded4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.85.120 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-85-120.ap-southeast-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
c81dcfce1c773bfde459a4099a46c8d2a664453c74dc0cdf5ef82aff0d42bd0a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.areatatafo.com
date
Wed, 01 May 2024 23:23:06 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
purst
shawljeans.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shawljeans.com/pixel/purst?dl=0&th=0&sc=0&rs=3799.099998474121&rd=3799.099998474121&fd=971.0999984741211&bv=24.4.6923&tmpl=70
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 01 May 2024 23:23:07 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
www.areatatafo.com/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:06 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
last-modified
Wed, 01 May 2024 23:23:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiPK7hmhIeS2XoUuTAJoApff9GkiQdlZfjXuZRQiaMePkoYd4XkX6pHk0AACW1w%2FlwX5rLtA%2BFB7UBzGKSsD93GbHR8o%2BxywYmGudnNUjBw108CXlO0nVekqJcrgpy5N%2F4pN7Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
87d384764a1b9c41-SIN
link
<https://www.areatatafo.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
6074685
goomaphy.com/400/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goomaphy.com/400/6074685
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f9050952aacd887d9f39fd0a06e916282e3e46f3143f2d4f0c6d53299341d443
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
af4801df21189a76675ced2f36760f33
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
www.areatatafo.com/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
last-modified
Wed, 01 May 2024 23:23:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4X0s1SWA2cAgcZYDG26Dfu1RNjrZiWdbnog8r8huxddlwmMrUODcoyMThJoEeeHeXS9pbq7jcaQzYb%2FbXUfAEHYoXjcVgqm3681tDlOWZLzs6p%2BxlLYnM%2F%2BtG9TCftoyMn%2FswA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
87d38477ab079c41-SIN
link
<https://www.areatatafo.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
/
www.areatatafo.com/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
last-modified
Wed, 01 May 2024 23:23:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD8cXII77l33EvQYB3I1R9V7JnL4q2rl1g3QU2q9vlbnEG%2BZWpyZGPTFry7kkQVcsyTam2iCKdQ1Gjwef5FIcmJH334aNilwkpi6g3%2F2W71YzwzDLfaZW35%2FTdh3TenrRepGEgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
87d38478fbc39c41-SIN
link
<https://www.areatatafo.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
6792561
loajawun.com/400/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loajawun.com/400/6792561
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9aebeb0065184111b3aa97bd1b5258da2435e591533ca72236dd12ec854a8282
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
b4bfefd2290d9ac7813ce97900d6ff53
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/ 		411 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_fy2021.js?bust=31083289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1433157368208679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
2b6de88ce54fc05547bf8ebe0eb1a194b723c0fd5795f73361a8a2493256ce45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142454
x-xss-protection
0
server
cafe
etag
11128234584376589197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 May 2024 23:23:07 GMT
09307e4a-4f59-4d29-ae75-005aad83ce02
https://www.areatatafo.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.areatatafo.com/09307e4a-4f59-4d29-ae75-005aad83ce02
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
invoke.js
www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/invoke.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
4737729add4c50b8195af6de2a30986c3f7d78d3703598ae82231e89f189919f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 01 May 2024 23:23:08 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
d154f19d2b8b9ab24e626a65539a4d92
Expires
Thu, 01 Jan 1970 00:00:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.areatatafo.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 10:14:09 GMT
x-content-type-options
nosniff
age
47338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 May 2025 10:14:09 GMT
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6Q683VSSJL&gtm=45je44t0v9123540196za200&_p=1714605786554&gcd=13l3l3l3l1&npa=0&dma=0&cid=1209042326.1714605787&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714605786&sct=1&seg=0&dl=https%3A%2F%2Fwww.areatatafo.com%2F&dt=Area%20Tatafo%20%7C%20Entertainment%20Straight%20Out%20Of%20Warri&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4033
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Q683VSSJL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.areatatafo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/ Frame 9ABD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_fy2021.js?bust=31083289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
14724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 May 2024 19:17:44 GMT
etag
5035419970550746386
expires
Wed, 15 May 2024 19:17:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7924 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1433157368208679&output=html&adk=3826760629&adf=1341073466&lmt=1714605785&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.areatatafo.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNzgiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3Ljc4Il0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny43OCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714605786692&bpp=3&bdt=1167&idt=417&shv=r20240430&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8769015728094&frm=20&pv=2&ga_vid=1209042326.1714605787&ga_sid=1714605787&ga_hid=51928133&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95329724%2C95331983%2C31083289%2C95331043%2C21065724&oid=2&pvsid=2184168005644271&tmod=1316452030&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=447
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_fy2021.js?bust=31083289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 May 2024 23:23:08 GMT
expires
Wed, 01 May 2024 23:23:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=diixxjs&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=diixxjs&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal.min.js
saipsoan.net/pfe/current/ 		88 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/pfe/current/universal.min.js?v=3.1.504
Requested by
Host: saipsoan.net
URL: https://saipsoan.net/ntfc.php?p=6792522
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 10:48:52 GMT
server
nginx
etag
W/"662a3514-15efa"
content-type
application/javascript
access-control-allow-origin
https://www.areatatafo.com
cache-control
no-cache
access-control-allow-credentials
true
zone
saipsoan.net/ 		881 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/zone?pub=0&zone_id=6792522&is_mobile=false&domain=www.areatatafo.com&var=&ymid=&var_3=&tg=0&sw=3.1.504&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3Ljc4In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI0LjAuNjM2Ny43OCJ9LHsiYnJhbmQiOiJOb3QtQS5CcmFuZCIsInZlcnNpb24iOiI5OS4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwid293NjQiOmZhbHNlfQ==
Requested by
Host: saipsoan.net
URL: https://saipsoan.net/ntfc.php?p=6792522
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
29935b03529540a7523b77ca5ec986428ad901ee92f3ab7cb6e581b31a3593e9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
4b932d5a78eb5b5686f164ef4fcce3ac
date
Wed, 01 May 2024 23:23:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
881
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: loajawun.com
URL: https://loajawun.com/400/6792561
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f16e759b7e90a265ec75410d580cf814a99719026a5cdbd567c9795cb3b08da4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
watch.1542674851796.js
burialsupple.com/
Redirect Chain
  • https://burialsupple.com/watch.1542674851796.js?key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&r...
  • https://burialsupple.com/watch.1542674851796.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%2...
3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://burialsupple.com/watch.1542674851796.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=1aa0bb01f9ae983d0e4adadc89ba22104ca47d564f715a8ba0ab77f6258a8fa5baa033358e0863dc7eb5bb46205dbc927a1825904a3a151ad6dee6796fd0a2263774462231ddd372ed700e5b86661e3e3d67d22b517203c0f99d951ec31e3c&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
2f543211f68ad15e00046152cfa52928c3aa1b58c98515d1198d237335069c74
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Wed, 01 May 2024 23:23:09 GMT
Custom-Referer
https://www.areatatafo.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.areatatafo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
44f6dd304a608de31291da23120d4ed9
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Wed, 01 May 2024 23:23:09 GMT
Custom-Referer
https://www.areatatafo.com
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.areatatafo.com
Location
https://burialsupple.com/watch.1542674851796.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=1aa0bb01f9ae983d0e4adadc89ba22104ca47d564f715a8ba0ab77f6258a8fa5baa033358e0863dc7eb5bb46205dbc927a1825904a3a151ad6dee6796fd0a2263774462231ddd372ed700e5b86661e3e3d67d22b517203c0f99d951ec31e3c&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
7e1dd8b8032f6cd1689e74587f639f1e
Expires
Thu, 01 Jan 1970 00:00:01 GMT
6074566
gloaphoo.net/401/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gloaphoo.net/401/6074566
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
13666ae869f5206fda6d458bb69181ab64f9ca313bf4ad40732ef9a91dd30e37
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
becb8f3c0e115ad6949900b8a71456fe
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=220102592&post=0&tz=1&srv=www.areatatafo.com&j=1%3A13.3.1&host=www.areatatafo.com&ref=&fcp=4021&rand=0.2448767552765032
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 01 May 2024 23:23:08 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
fontawesome-webfont.woff2
www.areatatafo.com/wp-content/themes/mh-magazine-lite/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin
https://www.areatatafo.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
77160
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
"12d68-64965250-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khXfq3T2Hnbbeus2FHU9Yx6YwwXA2NwVY9bZYkxm4PmmPFvQ%2BXJ1buBV1gmaYFw%2Bo6qdBKdqH6VWXIOCOPU0%2FdDZ4nVFHDP1YdHdUlxN5btFY6BhOZYg2RRfGWYuBU33VZ%2F1MWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
87d3848289239c41-SIN
expires
Thu, 01 May 2025 23:23:09 GMT
6-kg-of-suspected-drugs-seized-2-arrested-in-Kootenays.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/04/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/04/6-kg-of-suspected-drugs-seized-2-arrested-in-Kootenays.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ebe756c388d280814dba58c3dbebc3ef1e5d4229b06a579ef8d7a29cd44370a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
9578
x-nc
MISS sin 3
last-modified
Fri, 26 Apr 2024 05:37:51 GMT
server
nginx
etag
"dd65d79f56c84e32"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/04/6-kg-of-suspected-drugs-seized-2-arrested-in-Kootenays.jpg>; rel="canonical"
expires
Sun, 26 Apr 2026 17:37:51 GMT
a579c13749a5613a65ef0e8e712392605575569218313508028.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/a579c13749a5613a65ef0e8e712392605575569218313508028.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c459cc2cfbbbf04dbdd9e4a8d865712f0561939fda0ccb591f0490b4c5fd9283
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
10324
x-nc
MISS sin 1
last-modified
Wed, 01 May 2024 23:23:08 GMT
server
nginx
etag
"efd74a7150229a4d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/a579c13749a5613a65ef0e8e712392605575569218313508028.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:08 GMT
E28098let-p-square-or-don-jazzy-help-your-career-osaze-odemwingie7617554687123338116.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/E28098let-p-square-or-don-jazzy-help-your-career-osaze-odemwingie7617554687123338116.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
071d0ba0162302de6ec9256e14bf52b485fcb4210a82eb7f218a6073c6c4833d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
9974
x-nc
MISS sin 1
last-modified
Wed, 01 May 2024 23:23:08 GMT
server
nginx
etag
"b8a7ed60a2cdac36"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/E28098let-p-square-or-don-jazzy-help-your-career-osaze-odemwingie7617554687123338116.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:08 GMT
FB_IMG_1695665532184.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/FB_IMG_1695665532184.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
302be81d33c386eb82e4da9ebdb326b78684eb37f8cc904d3c27b274ad651dd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
13798
x-nc
MISS sin 1
last-modified
Wed, 01 May 2024 23:23:08 GMT
server
nginx
etag
"db8403dec8989ed3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/FB_IMG_1695665532184.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:08 GMT
Cyriel-Dessers.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/Cyriel-Dessers.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
cf3edd234fb57ffb057d5b6b1fdec4e399c7b5510ceb17ef922915f27501803e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
8258
x-nc
MISS sin 2
last-modified
Wed, 01 May 2024 23:23:08 GMT
server
nginx
etag
"a3ec023cfbdd8850"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/Cyriel-Dessers.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:08 GMT
TSX-flat-as-oil-falls-US-stock-markets-mixed-after.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/TSX-flat-as-oil-falls-US-stock-markets-mixed-after.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
828b90110cbd44b4a5d540d8e3f07d987caa169ba312f1d336d0185b89416277
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6916
x-nc
MISS sin 4
last-modified
Wed, 01 May 2024 23:23:08 GMT
server
nginx
etag
"6cf884b84c2ccef9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/TSX-flat-as-oil-falls-US-stock-markets-mixed-after.jpg>; rel="canonical"
expires
Sat, 02 May 2026 11:23:08 GMT
Collage-Maker-12-Jun-2023-07-24-PM-5676.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/11/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/11/Collage-Maker-12-Jun-2023-07-24-PM-5676.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
255bac7f629da6bf5d9128b0943ddb1f7b7c972ea1c4383060e29cc42aafeee5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6064
x-nc
MISS sin 3
last-modified
Wed, 01 May 2024 21:27:45 GMT
server
nginx
etag
"93a21571e572840d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2023/11/Collage-Maker-12-Jun-2023-07-24-PM-5676.jpg>; rel="canonical"
expires
Sat, 02 May 2026 09:27:45 GMT
freddie-leonard-peggy-ovire7567192396315539102.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/05/freddie-leonard-peggy-ovire7567192396315539102.jpg?resize=326%2C245&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
675d38503b94e433c26867123fc873dfb19ae280812f54ea175b799e54ace614
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
11708
x-nc
MISS sin 1
last-modified
Wed, 01 May 2024 21:27:45 GMT
server
nginx
etag
"3285a7219dd2bfda"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/05/freddie-leonard-peggy-ovire7567192396315539102.jpg>; rel="canonical"
expires
Sat, 02 May 2026 09:27:45 GMT
download-5.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/download-5.jpg?resize=200%2C200&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
bb746a8d7199bf51f4a0959d4583806cd3400425d1cd99df5986b08ebf829bd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
5080
x-nc
HIT sin 1
last-modified
Wed, 07 Feb 2024 22:32:42 GMT
server
nginx
etag
"6c97eb7255d5fa5f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/01/download-5.jpg>; rel="canonical"
expires
Sat, 07 Feb 2026 10:32:42 GMT
RTX4HPB4-e1542673923834.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/10/RTX4HPB4-e1542673923834.jpg?fit=1200%2C675&ssl=1&resize=200%2C200
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2dfb7a6b420fbf84c1ddbeec636018e78a4e3156909113257c3870e39b222df0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6944
x-nc
HIT sin 4
last-modified
Fri, 05 Jan 2024 23:42:40 GMT
server
nginx
etag
"3098695b8e4d7cb7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2023/10/RTX4HPB4-e1542673923834.jpg>; rel="canonical"
expires
Mon, 05 Jan 2026 11:42:40 GMT
download-4.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/download-4.jpg?resize=200%2C200&ssl=1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c9c64479ee79238740b54e9a44bf7bfbfbdf960a8016e41b4f66277cb37c9d58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3612
x-nc
HIT sin 1
last-modified
Sat, 17 Feb 2024 05:20:08 GMT
server
nginx
etag
"f5099a0475390fd1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/01/download-4.jpg>; rel="canonical"
expires
Mon, 16 Feb 2026 17:20:08 GMT
download-3.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/download-3.jpg?fit=225%2C225&ssl=1&resize=200%2C200
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
710161247c7fe2a475786833a297d32cb73d3dbdf0a15cac84e146096ee0d74b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
3864
x-nc
HIT sin 3
last-modified
Fri, 05 Jan 2024 23:42:40 GMT
server
nginx
etag
"ae32526c72a51778"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/01/download-3.jpg>; rel="canonical"
expires
Mon, 05 Jan 2026 11:42:40 GMT
Adewale-Adeniyi.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/10/Adewale-Adeniyi.jpg?fit=1200%2C800&ssl=1&resize=200%2C200
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
20b1f3b637373125414415c4ca633ca803a7ab6d9b1348cbe0d354a3f4b4dbff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
8296
x-nc
HIT sin 1
last-modified
Sat, 17 Feb 2024 05:20:09 GMT
server
nginx
etag
"6300f5b559f0dde6"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2023/10/Adewale-Adeniyi.jpg>; rel="canonical"
expires
Mon, 16 Feb 2026 17:20:09 GMT
Olamide-Summer-Body-artwork.webp
i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2024/01/Olamide-Summer-Body-artwork.webp?fit=320%2C350&ssl=1&resize=200%2C200
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
58e0a8743fff9dc7c7fd065678fe9a2c3b5bc1c47e050d904aa59561791fb042
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
43916
x-nc
HIT sin 1
last-modified
Fri, 05 Jan 2024 23:42:40 GMT
server
nginx
etag
"38f86d1e1f726fd5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2024/01/Olamide-Summer-Body-artwork.webp>; rel="canonical"
expires
Mon, 05 Jan 2026 11:42:40 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
59
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
87d384828a7b5fe4-SIN
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 04 May 2024 23:23:08 GMT
watch.1686349197559.js
burialsupple.com/
Redirect Chain
  • https://burialsupple.com/watch.1686349197559.js?key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&r...
  • https://burialsupple.com/watch.1686349197559.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%2...
3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://burialsupple.com/watch.1686349197559.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=35c21b550492276a9de955e1133dbff83238de06c98958e31807ca7a67a4062e3358f33d7dd578b02cd943f7e7a36d783872579f698fc01b66d45ef6c5aaa47f8736bd047b2272a9b80ad471d2b1f0b883a2e26e6830a89a57e6a2a8a345b9208cae6d&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
df1dcf907a649afbeb7641c293c70e050f447596b307132e1cdefc3a6ac9db03
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Wed, 01 May 2024 23:23:09 GMT
Custom-Referer
https://www.areatatafo.com
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.areatatafo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
166bee08e0f38a66612ce48c0c4f7bae
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Wed, 01 May 2024 23:23:09 GMT
Custom-Referer
https://www.areatatafo.com
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.areatatafo.com
Location
https://burialsupple.com/watch.1686349197559.js?dev=r&key=0842c4c64616021fff3fa766a7ef0c64&kw=%5B%22area%22%2C%22tatafo%22%2C%22entertainment%22%2C%22straight%22%2C%22out%22%2C%22of%22%2C%22warri%22%5D&pst=1714605849&refer=https%3A%2F%2Fwww.areatatafo.com%2F&res=14.4127&rmtc=t&shu=35c21b550492276a9de955e1133dbff83238de06c98958e31807ca7a67a4062e3358f33d7dd578b02cd943f7e7a36d783872579f698fc01b66d45ef6c5aaa47f8736bd047b2272a9b80ad471d2b1f0b883a2e26e6830a89a57e6a2a8a345b9208cae6d&tz=8&uuid=7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
64ff47d9553abb8e3d36193b1f5873aa
Expires
Thu, 01 Jan 1970 00:00:01 GMT
wp-emoji-release.min.js
www.areatatafo.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91956
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Apr 2024 20:33:34 GMT
server
cloudflare
etag
W/"4926-660dbd1e-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FikBnEuJXIeNlz9TfqlHDQwQj1AKY6qAgf9Ph5L1EHpuBy7butvkg5rStekr3OaHdqK5oLhrgrhpdLKQgD5Ilz1raJ1JfJA9IhYO66JWDZmnXYDitMFI20XltFaJiqi3JvHgPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d38482992d9c41-SIN
expires
Wed, 30 Apr 2025 21:50:31 GMT
web
onesignal.com/api/v1/sync/568ceccd-15a0-42cb-9a36-2c086b4e77a5/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/568ceccd-15a0-42cb-9a36-2c086b4e77a5/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b7bae55fccbc6d8b8930e140cf2c169a8b35206c2aa01a8eef7f3a26c528f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2342
cf-polished
origSize=3412
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
4a18e221-8d53-4a60-8427-9f4fb6f10b25
x-runtime
0.036167
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"de085d264850c748de3ca7fac8afdbbb"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
87d38484cba75fe4-SIN
access-control-allow-headers
SDK-Version
expires
Thu, 02 May 2024 00:23:08 GMT
advertisers.js
capaciousdrewreligion.com/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capaciousdrewreligion.com/advertisers.js
Requested by
Host: pl22385983.toprevenuegate.com
URL: https://pl22385983.toprevenuegate.com/0c/23/41/0c234197fd6104ba7080b031ecfcded4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 01 May 2024 23:23:09 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
c3a89159e57f5c8dc25be22818150ebb
Expires
Thu, 01 Jan 1970 00:00:01 GMT
6792561
loajawun.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://loajawun.com/500/6792561?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.areatatafo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.areatatafo.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 01 May 2024 23:23:09 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
6074685
goomaphy.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://goomaphy.com/500/6074685?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.areatatafo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.areatatafo.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 01 May 2024 23:23:09 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: loajawun.com
URL: https://loajawun.com/400/6792561
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 12:51:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3237
etag
W/"65c37cc1-4ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dv5mYgI1tKI6iVBBb%2BcPx5AOOj8B8p3mG0NW3r0LMv0yWCcZ7ygT01%2F69EcefTnVdST6DZvq3h8Oc8%2FroJ4gmPW4eIPIV%2FQO2ggA98n9BhmYlUNjcKDv7Jm74lIQTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
87d38488bd62601c-SIN
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
6792561
loajawun.com/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://loajawun.com/500/6792561?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Requested by
Host: loajawun.com
URL: https://loajawun.com/400/6792561
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8058e49f5c0b78c04faa602309e01a7185574a325a5d5944e92c931e61eefb19
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
19cb622738a5c940d37683d1b3bc7ad5
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.areatatafo.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6074685
goomaphy.com/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://goomaphy.com/500/6074685?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Requested by
Host: goomaphy.com
URL: https://goomaphy.com/400/6074685
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ed5ef928971183a2eb513442a9382e0cc27c78ba8bc1cf0af10846638ca41fe7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
63eba3f61300a85b80bab2850df90d8f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.areatatafo.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
saipsoan.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.areatatafo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.areatatafo.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 01 May 2024 23:23:09 GMT
server
nginx
custom
saipsoan.net/ 		39 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/custom
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
115913cb754f48f6b9ec5b52cf297e95
date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sw.js
www.areatatafo.com/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.areatatafo.com/sw.js
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.208.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e626cdd38da47b58d8f3337c8429a16da5108a0e310ab7c41b9db5be53ae52d5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 24 Jun 2023 23:20:31 GMT
server
cloudflare
etag
W/"1476-64977a3f-0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYQpcDR6ry7%2Bf9Py%2BArmaEFZICRCu8%2BDAGkHKNg3Sd6SnnoeN4TrhqBM0mIVnd6cvgjq30LNoWYate82hH5iKUwZMpMYb0t53qZAW7Oykj%2FfgxIIkfVhjxibHU4LD9ACjEM8WKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
87d384850a669c41-SIN
expires
Thu, 01 May 2025 23:23:09 GMT
1658920033.png
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/ Frame B501 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 03 May 2024 23:23:09 GMT
date
Wed, 01 May 2024 23:23:09 GMT
last-modified
Wed, 27 Jul 2022 11:07:21 GMT
server
nginx/1.17.6
etag
"62e11c69-233fb"
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
content-length
144379
x-proxy-cache
HIT
1706636717.jpg
cdn.cloudimagesb.com/bi/65/00/2f/65002f0c0fb1656d2399bdae5ab7535b/ Frame AA27 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cloudimagesb.com/bi/65/00/2f/65002f0c0fb1656d2399bdae5ab7535b/1706636717.jpg
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e9da52c9754f3ac8ec3fe50aba33dce00332ff76f61657ac1ba8f036dae1ede2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 03 May 2024 23:23:09 GMT
date
Wed, 01 May 2024 23:23:09 GMT
last-modified
Tue, 30 Jan 2024 17:45:26 GMT
server
nginx/1.21.6
etag
"65b935b6-1210f"
content-type
image/jpeg
cache-control
max-age=172800
accept-ranges
bytes
content-length
73999
x-proxy-cache
HIT
add
fleraprt.com/log/ 		12 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ae5c7cc-4ac0-4204-8e0d-f988108dde73
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 01 May 2024 23:23:10 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.areatatafo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
custom
saipsoan.net/ 		39 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/custom
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
13c6dc219555f10451f718aaeae11c6e
date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240430&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_fy2021.js?bust=31083289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
80b2a233c7a7d3a6b6147a97b5cf6745200ff38e7c6986f7aa333636877f309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12185
x-xss-protection
0
custom
saipsoan.net/ 		39 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://saipsoan.net/custom
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
57fd5f4a2a52353a7ed0ead6395694e5
date
Wed, 01 May 2024 23:23:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
39
6074566
gloaphoo.net/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gloaphoo.net/500/6074566?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/6074566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
12e65e7e25f2756e2667336cd9e785c8e1b24951bbfb9a8dfdceaed2920ae9a7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 May 2024 23:23:10 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
a380dce0a18925750226cb0792ef6eb4
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.areatatafo.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6074566
gloaphoo.net/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gloaphoo.net/500/6074566?excludes=&oaid=08004f2098a9444efed317e0b2a2919e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.areatatafo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.areatatafo.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 01 May 2024 23:23:10 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
cropped-Screenshot_2023-06-12-11-33-02-93_40deb401b9ffe8e1df2f1cc5ba480b12.jpg
i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/06/ 		660 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i0.wp.com/www.areatatafo.com/wp-content/uploads/2023/06/cropped-Screenshot_2023-06-12-11-33-02-93_40deb401b9ffe8e1df2f1cc5ba480b12.jpg?fit=32%2C32&ssl=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
ed4b022f136389408dc346b5b62289267dcc3ff12e39d48eeb7c56a5e76fb2da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:09 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
660
x-nc
MISS sin 3
last-modified
Sat, 17 Feb 2024 17:01:03 GMT
server
nginx
etag
"a858ff9092373320"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.areatatafo.com/wp-content/uploads/2023/06/cropped-Screenshot_2023-06-12-11-33-02-93_40deb401b9ffe8e1df2f1cc5ba480b12.jpg>; rel="canonical"
expires
Tue, 17 Feb 2026 05:01:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_fy2021.js?bust=31083289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 May 2024 23:23:10 GMT
8425d9f535b61e3f65d5fcb05809412b.png
offerimage.com/www/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/8425d9f535b61e3f65d5fcb05809412b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82de270858d8a5bc6a84df7c98d168f7dfe7afb86dd728ae5c2165c8f9b7b71b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:10 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 08:57:16 GMT
server
cloudflare
age
77959
etag
"65b7686c-3bfc"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87d3848cba839f98-SIN
content-length
15356
expires
Thu, 02 May 2024 01:43:51 GMT
pxf.gif
unseenreport.com/ 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unseenreport.com/pxf.gif?uuid=7662aac3-6e64-40e4-969d-90ab3580519f&eb=15697f8d9f30dacab34ef8555a24ed96&te=e14a953079af88fa48cddb1d38c47099&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&dev=r&res=14.4127&b_frame=0&pk=0c234197fd6104ba7080b031ecfcded4&bl=zh-SG&sr=1200x1600&sz=1200x1600&hjs=7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 01 May 2024 23:23:10 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
dc06c8051a33007f691e12f09051896f
Expires
Thu, 01 Jan 1970 00:00:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5CA0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
441108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Apr 2024 20:51:22 GMT
expires
Sat, 26 Apr 2025 20:51:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 55FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f104.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6rblTCcxkorbNXis9CaDBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://www.areatatafo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6rblTCcxkorbNXis9CaDBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 01 May 2024 23:23:10 GMT
expires
Wed, 01 May 2024 23:23:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=27ceefdfe20041679959d681c8610b9c&zoneId=6792522&checkDuplicate=true&ymid=&var=&source=pusher
Requested by
Host: www.areatatafo.com
URL: https://www.areatatafo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f16e759b7e90a265ec75410d580cf814a99719026a5cdbd567c9795cb3b08da4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:11 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.areatatafo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6Q683VSSJL&gtm=45je44t0v9123540196za200&_p=1714605786554&gcd=13l3l3l3l1&npa=0&dma=0&cid=1209042326.1714605787&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1714605786&sct=1&seg=0&dl=https%3A%2F%2Fwww.areatatafo.com%2F&dt=Area%20Tatafo%20%7C%20Entertainment%20Straight%20Out%20Of%20Warri&en=scroll&epn.percent_scrolled=90&_et=14&tfd=9049
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6Q683VSSJL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 01 May 2024 23:23:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.areatatafo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JMDtgZxyPlGDr856yoikHX46BcKTfF70LyM1b7na43X_P5MTjx_OkmjAiwyYQ5j5PVDVCeTHoaZDBc6UdqsvokqyAR9AuqDmcd80DpIW-cB5XSGXfpwnpxoO23qFNMRGCOxcKgE6V1-LZCJEG665SKf26eBnFLYpFFqjhtHzJs7dqew08BXrpElgw_u5C3nUjs3K7...
gloaphoo.net/impression/ 		43 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gloaphoo.net/impression/JMDtgZxyPlGDr856yoikHX46BcKTfF70LyM1b7na43X_P5MTjx_OkmjAiwyYQ5j5PVDVCeTHoaZDBc6UdqsvokqyAR9AuqDmcd80DpIW-cB5XSGXfpwnpxoO23qFNMRGCOxcKgE6V1-LZCJEG665SKf26eBnFLYpFFqjhtHzJs7dqew08BXrpElgw_u5C3nUjs3K7TbeufVfkdx6-y9GjDxHR6d_0l7SlREOfmLJ6H7fRmzAvR8F1hJ8WZeW5DOPRDNVnnEcdAfMF2i2CWLO6Apy1H2OEJ-OYiMLaoKft2XjXMWPCIe0V_v2iWV2nFD6-qOZHJZjIkJPb_AzAAiTbD49C3oujWTAuA1Eoq-10KEAevwbi1JXSs4Af7--yZ3p2itj2R20EtT-qzX6jiymZS95iJCvGDmESANUb5hSw3FTDAt3afrKyjfzYMxk8sMCHCP-bU1LsqRl8kQ-NgBmTzs_hm8m4Gw8RqwduvVz9B_OePwArD7fY1Ei3yraZZSVJnfiNL-LOxWhuIVISuBpxdcNUv3a-9QpmYXIPt0m83BsS2c47Nh4ftccXH2YhAheWa-lWtHPcYsp8RrsnuTlR-65l3Fx92jF_6N3MCD6T0XYzBuWjTJ6aO36XDl_LlFZGKCj52MaWTWdZ64baRd-GgEEV3GH1UYbUZlyuUnocv-QuJHc3gy3iKyVmcR687okCodIEzY9ZK3V9Cq1z9tJbqcjK2k5fjNyVkbMj_Y3k5CilTwpstSUryhn7G0uvNUiuFUK4Lf_7mDnJwK2RL7Oqgf8EtmKKCCVsq6e-Cz42u3zMuARWrXlbRGeiM37Be4RTqhqwwHn1rO27Tiwz-PqPCthAnVwaExN_6V2oA==?_z=6074566&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
43
x-trace-id
b5d2d33a47b7ff5099eef0344f4cd65f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
CmpcldmooH1rMl8JbuJC1kvbZkA77rdeofJa030Ihjj7qEoMDyYu3FoCQ4r3y-_MJz8bAhnovIM_Ewd6f3xGW79GmAmRw7vqyatDCzzz1Kf-K0BhXvUVI4egZ4Aa9e6EbnbgFyUk2pQXithX5O_4wHmvN2tN1_5UMRX-qjBmjjSHBXIMOZUE6VA3rgvkUcgft-XYM...
goomaphy.com/impression/ 		43 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goomaphy.com/impression/CmpcldmooH1rMl8JbuJC1kvbZkA77rdeofJa030Ihjj7qEoMDyYu3FoCQ4r3y-_MJz8bAhnovIM_Ewd6f3xGW79GmAmRw7vqyatDCzzz1Kf-K0BhXvUVI4egZ4Aa9e6EbnbgFyUk2pQXithX5O_4wHmvN2tN1_5UMRX-qjBmjjSHBXIMOZUE6VA3rgvkUcgft-XYMfOG_zjnoPHmx9EgCeEcuGGniJ2Qhi4pVOJY1ZnXVYlpP3eIv5-MKis6H2Yu4YomgTNJUnsO34vNNc0iEhZq-xdxFNIDo1b80CxgZ98daIZpnXUMM_479499aPihZYEAkjJo0dpzTLeEXhL-16EJvbWsQv_9EL0Vtye4UXYoZ4jaUH3DIvT1twrZoIvviPEQcKmJzV75CDRqlKbINO9nRLYmCC4MW_MdIWP-tm4S53qsC-JKvIfnSRX1B9je3JcVGg5YNqWcif9GL0enPNJC6t1h-A_QjTaVpwDxtaxFYBw86GAeIKOu6e-23DBf9h7EY2lauYld_Qb43xNiPEpDZqcygKbNg0FLobPBCbtvElDVd5d8E7KEwNZ7DsuhAq4fBEiNGdGUmyRkKaRvys7tAminOpXuORLwENmc3a8DWEZTUFxumT1aec1JC5OnZrclcO0UDkFszfqnFs6ZCbdn9KvPzAMDn5vTc0qVgSKZeikWHpF-ACCBeYeVffjTe6_bZ3vpUnKjwmSjAb0Mnha5YbVkRq_aBTmvVXsGdauLvMCGV9rhloqYg_0z271qGbGUXWl0dIxaDTFNZLgE8dYqjBbrBvHaASNBTGjehrdY3HMRTSCpl4J4ajTMrbsVp43CKP5ZRLhUZtQfTmTznOKcSJAd7CBJWN9EmA==?_z=6074685&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=70&wy=70&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&pl=https%3A%2F%2Fwww.areatatafo.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=480&btz=Asia%2FSingapore&bto=-480&os=win32&os_version=10.0.0&browser_version=124.0.6367.78&js_build=8&sw_version=v1.337.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.areatatafo.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
43
x-trace-id
6d7d16d872fc4a0345e0309337898cea
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ Frame F046 		11 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Requested by
Host: goomaphy.com
URL: https://goomaphy.com/400/6074685
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 May 2024 23:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 May 2024 22:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 May 2024 23:23:13 GMT
8425d9f535b61e3f65d5fcb05809412b.png
offerimage.com/www/images/ Frame F046 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/8425d9f535b61e3f65d5fcb05809412b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82de270858d8a5bc6a84df7c98d168f7dfe7afb86dd728ae5c2165c8f9b7b71b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:10 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 08:57:16 GMT
server
cloudflare
age
77959
etag
"65b7686c-3bfc"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87d3848cba839f98-SIN
content-length
15356
expires
Thu, 02 May 2024 01:43:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F046 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.areatatafo.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 10:01:04 GMT
x-content-type-options
nosniff
age
48129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 May 2025 10:01:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F046 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.areatatafo.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 10:13:49 GMT
x-content-type-options
nosniff
age
47364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 May 2025 10:13:49 GMT
css2
fonts.googleapis.com/ Frame 1CB3 		11 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/6074566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 May 2024 23:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 May 2024 22:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 May 2024 23:23:13 GMT
8425d9f535b61e3f65d5fcb05809412b.png
offerimage.com/www/images/ Frame 1CB3 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/8425d9f535b61e3f65d5fcb05809412b.png
Requested by
Host: gloaphoo.net
URL: https://gloaphoo.net/401/6074566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82de270858d8a5bc6a84df7c98d168f7dfe7afb86dd728ae5c2165c8f9b7b71b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 01 May 2024 23:23:10 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 08:57:16 GMT
server
cloudflare
age
77959
etag
"65b7686c-3bfc"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87d3848cba839f98-SIN
content-length
15356
expires
Thu, 02 May 2024 01:43:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1CB3 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

date
Wed, 01 May 2024 10:13:49 GMT
x-content-type-options
nosniff
age
47364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 May 2025 10:13:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1CB3 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer

Response headers

date
Wed, 01 May 2024 10:01:04 GMT
x-content-type-options
nosniff
age
48129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 May 2025 10:01:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240430&jk=2184168005644271&bg=!kpGlkd7NAAY3z2SHF887ADQBe5WfOPicptCMTIgU1ihXh-3NGYv6g9KtcWWBZM-RAPoIIWwRFtn-3t9VtDdLOwmKtV21AgAAAExSAAAABGgBB34ANY1SJiXeQEgrnGZ5O4aKzx45eEOyzu1oPfHFhK5sOpK-qdGFp21pDzMhizYbSjqz_-GMDHdImQKsEqg6EkqMsiGq23P0N7JP4om3H_PSV4RfEwqrdzJ8ODVnHA5ELNF1AqcN_yz4fgNsg7zyomNQvnbrc1bOCv9axgRQ_9bWSWhSRp7Gk6zAzdDVterhL2sj9700bskpkctu2LeB4YFw4aEGUza1KyGPIxEmj5MjxwjumLGn8EPo51SckjUwQChc00An563g_xK8tdutgDVGpYOa4cqhNp05hGuCLnuvov0Ebyj_X2b09tUWMsobTsMv6PCVeOIhzUNv3Dvg9w3cCgyC-QXGwLTsFDgh_EdjBSGufDeNXGEkUB-SUB4UitKh7a8C1lyFalelmBeH73CMgqwtdyC4S6CtJY1LW_ME-dJsNZ3GtHZtlwBTgNufMV0PQ6ZMukpaqAyDkq4v7wLfbajz0_W4aRICsWA6g9CVWV4BtHBlhaHTlIkNQHLk0uTfs7aMv8fLVtKbEuVu1Y4EE0sgXXRU6_Ep_9OIELyp8IEaCZIYHWcYejO_vH8CSAILdIBTAuey5cClg81ohrY_qLiQI5Uyog5ok9Bi84j02HWPuoLRyQTlF_kymBsm2yB65Rdo8B6M87F5epBhJjOwjpG00jyWdgVkjj621HVLt5Orn2kNpcQL7IV3KID1asfJAtoG_GoenJuWV8gz-ZQsGDWui-36KeARATOl1ZtE6Pg-txKTt_G1HyPZhKJvRsWLrLibQyof04lW1w7BEnvyQ7PgQTovmsvSyI17Y17qy19n8V0847_FtP3junhEGmhXjqP1fQD8UvITOEv2vDR1ddPRE3rjo3yPf6-b2Thpw4CMc2MxCr04RT8wjdpHHCtCIzet6GU7zbR5_5GRDQL5FBp32KB-WiszME2oaoGulKaecZoIrSEDzVTFScNndC3OK1KghKjtyafDrX6Q3KpgQE0drzU_

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| a0F function| a0X object| LieDetector object| AaDetector object| mm object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr function| documentInitOneSignal function| OneSignal function| gtag object| dataLayer string| k object| _psno9iy97 object| 9tukvesz3k object| zfgformats function| setImmediate function| clearImmediate function| _okatv function| _ljzasrw object| _bckl90i6uav function| _phweauz function| _xlqfyqkv object| _2y2i7j3go9e function| _resmlqy function| _xwfuvpi object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _0x50b2 function| _0x35b8 object| zfgstorage object| syncCallbacks object| webpushlogs function| _0x1e60 function| _0x3c53 object| atAsyncContainers function| st_go function| linktracker_init object| wpcom object| _stq function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| twemoji object| wp number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 boolean| __lwkemfd9q__ object| sdk boolean| installOnFly object| __ds3dcV__ boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| GoogleGcLKhOms number| __qwe33wweq__ object| _shownFakepushFormats function| arrive function| unbindArrive function| leave function| unbindLeave

19 Cookies

Domain/Path Name / Value
proftrafficcounter.com/ Name: uid_id2
Value: 7662aac3-6e64-40e4-969d-90ab3580519f:3:1
www.areatatafo.com/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 7662aac3-6e64-40e4-969d-90ab3580519f%3A3%3A1
.areatatafo.com/ Name: _ga
Value: GA1.1.1209042326.1714605787
.areatatafo.com/ Name: _ga_6Q683VSSJL
Value: GS1.1.1714605786.1.0.1714605786.0.0.0
www.areatatafo.com/ Name: pp_main_0c234197fd6104ba7080b031ecfcded4
Value: 1
.onesignal.com/ Name: __cf_bm
Value: 6tZM1wQSB9vjZOEqbBIaw824BEMOYdXgNPOUMwIVmEs-1714605787-1.0.1.1-OlpN9P_UMwOK8ComZkQ46DiQaDKrgd9Be9W_ELw57D_1ImuM.lpQ0DAoI.0HVk468oP5bV2XW1Dmmoq4bGbHCQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
my.rtmark.net/ Name: ID
Value: 08004f2098a9444efed317e0b2a2919e
burialsupple.com/ Name: u_pl
Value: 21399498
burialsupple.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTM5OTQ5OCwiayI6IjA4NDJjNGM2NDYxNjAyMWZmZjNmYTc2NmE3ZWYwYzY0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjQyMjgzLCJwaWQiOjk2NTA2NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ0dHQwYTdzMWgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjM5MTY2Mzg4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMyNTM1LCJibiI6IkNocm9tZSIsImJ2IjoiMTI0Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTkxLCJjIjoiU0ciLCJuIjoiU2luZ2Fwb3JlIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiU3Rhckh1YiJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmFyZWF0YXRhZm8uY29tLyIsImFyIjpbXX19.kamUhr5StmtsIO2UPJr-SJNKE1XXLVQqez7a_oIRhK8
burialsupple.com/ Name: uid_id2
Value: 7662aac3-6e64-40e4-969d-90ab3580519f:3:1
burialsupple.com/ Name: iprc96a85942b96359261243c642d9edd979
Value: 3569806
burialsupple.com/ Name: pdhtkv
Value: true
burialsupple.com/ Name: uncs
Value: 1
burialsupple.com/ Name: pdhtkv5
Value: true
burialsupple.com/ Name: uncs5
Value: 1
goomaphy.com/ Name: OAID
Value: 08004f2098a9444efed317e0b2a2919e
loajawun.com/ Name: OAID
Value: 08004f2098a9444efed317e0b2a2919e
gloaphoo.net/ Name: OAID
Value: 08004f2098a9444efed317e0b2a2919e

42 Console Messages

Source Level URL
Text
other warning URL: https://www.areatatafo.com/(Line 187)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://www.areatatafo.com/(Line 227)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.areatatafo.com/(Line 227)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://www.areatatafo.com/(Line 1072)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.areatatafo.com/(Line 1072)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/0842c4c64616021fff3fa766a7ef0c64/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.areatatafo.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

burialsupple.com
c0.wp.com
capaciousdrewreligion.com
cdn.cloudimagesb.com
cdn.onesignal.com
downstairsnegotiatebarren.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
gloaphoo.net
googleads.g.doubleclick.net
goomaphy.com
i0.wp.com
loajawun.com
my.rtmark.net
offerimage.com
onesignal.com
pagead2.googlesyndication.com
pixel.wp.com
pl22385983.toprevenuegate.com
proftrafficcounter.com
saipsoan.net
shawljeans.com
stats.wp.com
tpc.googlesyndication.com
tzegilo.com
unseenreport.com
www.areatatafo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.topcreativeformat.com
pagead2.googlesyndication.com
104.16.160.145
139.45.195.254
139.45.195.8
139.45.197.238
139.45.197.239
139.45.197.250
142.251.10.97
142.251.12.132
172.217.194.95
172.240.108.76
172.240.253.132
172.253.118.155
172.253.118.157
172.67.180.87
172.67.193.52
172.67.208.31
172.67.22.216
192.0.76.3
192.0.77.2
192.0.77.37
192.243.59.13
192.243.59.20
192.243.61.225
192.243.61.227
216.239.36.178
45.133.44.9
52.74.85.120
74.125.130.94
74.125.68.104
071d0ba0162302de6ec9256e14bf52b485fcb4210a82eb7f218a6073c6c4833d
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c
0bcccb05e321263e89dfaf52ce0c13ba4586583c6ca18106d50b1b0fdf858b9c
12e65e7e25f2756e2667336cd9e785c8e1b24951bbfb9a8dfdceaed2920ae9a7
13666ae869f5206fda6d458bb69181ab64f9ca313bf4ad40732ef9a91dd30e37
20b1f3b637373125414415c4ca633ca803a7ab6d9b1348cbe0d354a3f4b4dbff
255bac7f629da6bf5d9128b0943ddb1f7b7c972ea1c4383060e29cc42aafeee5
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
29935b03529540a7523b77ca5ec986428ad901ee92f3ab7cb6e581b31a3593e9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6de88ce54fc05547bf8ebe0eb1a194b723c0fd5795f73361a8a2493256ce45
2dfb7a6b420fbf84c1ddbeec636018e78a4e3156909113257c3870e39b222df0
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905
2f543211f68ad15e00046152cfa52928c3aa1b58c98515d1198d237335069c74
302be81d33c386eb82e4da9ebdb326b78684eb37f8cc904d3c27b274ad651dd6
38b7bae55fccbc6d8b8930e140cf2c169a8b35206c2aa01a8eef7f3a26c528f0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
4737729add4c50b8195af6de2a30986c3f7d78d3703598ae82231e89f189919f
480b17214158c4517524a7c5054e2f1ffefdaba7dd385e08bb17015907ca139b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58e0a8743fff9dc7c7fd065678fe9a2c3b5bc1c47e050d904aa59561791fb042
598b290a9f70f3108ea5f9251937febb1087914791ab860845d58775f32774d5
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5df3135ccaacb0d55ba4133c9f2d23a436b11ccc51a10f6d8cee908df6373018
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00
675d38503b94e433c26867123fc873dfb19ae280812f54ea175b799e54ace614
6be755af024193288462dbefee1d1c4f60a253639df19ae10072d64f28676931
710161247c7fe2a475786833a297d32cb73d3dbdf0a15cac84e146096ee0d74b
7211ebde0d307bb03de9900dfbfd0c2be6333e1f71dd7c220f576d543db1d418
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8058e49f5c0b78c04faa602309e01a7185574a325a5d5944e92c931e61eefb19
80b2a233c7a7d3a6b6147a97b5cf6745200ff38e7c6986f7aa333636877f309e
828b90110cbd44b4a5d540d8e3f07d987caa169ba312f1d336d0185b89416277
82de270858d8a5bc6a84df7c98d168f7dfe7afb86dd728ae5c2165c8f9b7b71b
859bbc3840ddbfac2cbabd04217077fcab6f31a0e24a9f7ff1a2ee6246ba5319
8c3ba46e52654b548eb306952818f95c2ebd4d26aa82b229fb01a0eaa2bfa009
8d6a428738ea5bc7dd75186d0c57d62aebdac6f6b8983316c794b6c9eb664990
909e54592905c0ec957aa07b781615ee2435c1ff6feb669f89206cb8ba7ed76a
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9aebeb0065184111b3aa97bd1b5258da2435e591533ca72236dd12ec854a8282
a3868dfc8c5a28ec5a469a748c3f16f47bcb28e4bef90c70b3e7f769d9c74be3
aa0376e2a0874c96886770a2fa5ea0c2b0aa0ae031f5c351f228daaa8967eda5
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb746a8d7199bf51f4a0959d4583806cd3400425d1cd99df5986b08ebf829bd5
c33829d4081d36ebd94b6efb8a5c60d40ea2a19a066c3ba433717dabd7be1fbe
c37b3fd10df9eef77d6f77032da30ab28496fc676c451ca5658366d6128e9f03
c459cc2cfbbbf04dbdd9e4a8d865712f0561939fda0ccb591f0490b4c5fd9283
c81dcfce1c773bfde459a4099a46c8d2a664453c74dc0cdf5ef82aff0d42bd0a
c9c64479ee79238740b54e9a44bf7bfbfbdf960a8016e41b4f66277cb37c9d58
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf3edd234fb57ffb057d5b6b1fdec4e399c7b5510ceb17ef922915f27501803e
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
df1dcf907a649afbeb7641c293c70e050f447596b307132e1cdefc3a6ac9db03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e626cdd38da47b58d8f3337c8429a16da5108a0e310ab7c41b9db5be53ae52d5
e9da52c9754f3ac8ec3fe50aba33dce00332ff76f61657ac1ba8f036dae1ede2
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ebe756c388d280814dba58c3dbebc3ef1e5d4229b06a579ef8d7a29cd44370a2
ed4b022f136389408dc346b5b62289267dcc3ff12e39d48eeb7c56a5e76fb2da
ed5ef928971183a2eb513442a9382e0cc27c78ba8bc1cf0af10846638ca41fe7
f16e759b7e90a265ec75410d580cf814a99719026a5cdbd567c9795cb3b08da4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9050952aacd887d9f39fd0a06e916282e3e46f3143f2d4f0c6d53299341d443
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffa80b3ad4fd492dc7797cbf8b6a643201efa000c39adfd9f54df2365dde12c6