URL: https://medz.forumituct.com/
Submission: On January 02 via api from US — Scanned from US

Summary

This website contacted 91 IPs in 6 countries across 112 domains to perform 1152 HTTP transactions. The main IP is 104.21.49.157, located in and belongs to CLOUDFLARENET, US. The main domain is medz.forumituct.com.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.
This is the only time medz.forumituct.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 42 104.21.49.157 13335 (CLOUDFLAR...)
34 142.250.176.202 15169 (GOOGLE)
24 142.250.64.97 15169 (GOOGLE)
30 172.67.129.70 13335 (CLOUDFLAR...)
16 172.67.136.7 13335 (CLOUDFLAR...)
30 104.20.80.99 13335 (CLOUDFLAR...)
38 142.251.40.131 15169 (GOOGLE)
2 28 104.21.83.228 13335 (CLOUDFLAR...)
28 158.69.254.144 16276 (OVH)
38 141.101.120.10 13335 (CLOUDFLAR...)
48 18.238.55.22 16509 (AMAZON-02)
47 18.118.251.87 16509 (AMAZON-02)
3 172.64.153.173 13335 (CLOUDFLAR...)
2 104.21.14.49 13335 (CLOUDFLAR...)
10 108.138.128.34 16509 (AMAZON-02)
18 104.26.13.60 13335 (CLOUDFLAR...)
8 11 141.94.170.64 16276 (OVH)
7 8 50.16.197.56 14618 (AMAZON-AES)
7 25 35.169.211.189 14618 (AMAZON-AES)
4 5 185.167.164.39 198622 (ADFORM)
6 12 23.216.137.114 16625 (AKAMAI-AS)
10 10 34.200.65.202 14618 (AMAZON-AES)
12 18.173.132.61 16509 (AMAZON-02)
9 67.202.105.34 32748 (STEADFAST)
112 23.196.3.185 20940 (AKAMAI-ASN1)
13 26 34.197.192.192 14618 (AMAZON-AES)
14 18 142.250.65.194 15169 (GOOGLE)
1 19 13.107.42.14 8068 (MICROSOFT...)
2 2 67.202.105.23 32748 (STEADFAST)
2 156.146.36.24 60068 (CDN77 ^_^)
2 3 54.88.205.204 14618 (AMAZON-AES)
14 15 68.67.160.186 29990 (ASN-APPNEX)
18 19 3.33.220.150 16509 (AMAZON-02)
22 22 108.138.106.5 16509 (AMAZON-02)
12 12 199.38.167.130 54312 (ROCKETFUEL)
42 64 3.90.211.105 14618 (AMAZON-AES)
2 13 107.178.254.65 15169 (GOOGLE)
7 8 34.111.113.62 396982 (GOOGLE-CL...)
2 2 34.206.6.177 14618 (AMAZON-AES)
2 34.193.243.45 14618 (AMAZON-AES)
1 1 67.202.105.22 32748 (STEADFAST)
2 2 67.202.105.24 32748 (STEADFAST)
1 104.18.35.167 13335 (CLOUDFLAR...)
20 34 35.244.154.8 396982 (GOOGLE-CL...)
4 6 13.225.214.50 16509 (AMAZON-02)
1 2 13.225.63.20 16509 (AMAZON-02)
2 34.171.47.125 396982 (GOOGLE-CL...)
1 104.18.36.18 13335 (CLOUDFLAR...)
1 7 34.98.64.218 396982 (GOOGLE-CL...)
15 108.139.29.87 16509 (AMAZON-02)
4 3.130.26.161 16509 (AMAZON-02)
1 3 34.117.77.79 396982 (GOOGLE-CL...)
3 14 52.72.21.140 14618 (AMAZON-AES)
1 23.7.64.229 16625 (AKAMAI-AS)
36 192.0.72.19 2635 (AUTOMATTIC)
4 142.250.65.193 15169 (GOOGLE)
122 104.21.5.167 13335 (CLOUDFLAR...)
2 34 172.67.185.11 13335 (CLOUDFLAR...)
2 30 104.21.3.233 13335 (CLOUDFLAR...)
4 20 63.251.86.51 32475 (SINGLEHOP...)
8 142.251.40.170 15169 (GOOGLE)
3 6 172.67.40.173 13335 (CLOUDFLAR...)
15 107.21.239.57 14618 (AMAZON-AES)
15 13.226.34.120 16509 (AMAZON-02)
5 5 151.101.130.49 54113 (FASTLY)
2 104.21.62.111 13335 (CLOUDFLAR...)
2 104.21.234.231 13335 (CLOUDFLAR...)
3 3 50.116.194.23 6336 (TURN-US-ASN)
1 5 52.46.155.104 16509 (AMAZON-02)
4 7 44.234.228.147 16509 (AMAZON-02)
1 18.238.55.16 16509 (AMAZON-02)
2 2 104.18.21.134 13335 (CLOUDFLAR...)
2 2 74.119.119.139 19750 (AS-CRITEO)
4 4 52.73.244.49 14618 (AMAZON-AES)
7 7 52.86.139.62 14618 (AMAZON-AES)
15 15 34.171.234.26 396982 (GOOGLE-CL...)
32 63.251.86.49 10913 (INTERNAP-BLK)
1 74.119.119.150 19750 (AS-CRITEO)
1 3.223.167.169 14618 (AMAZON-AES)
2 3 15.235.42.103 16276 (OVH)
15 29 18.214.231.102 14618 (AMAZON-AES)
2 72.44.44.12 14618 (AMAZON-AES)
6 178.128.53.131 14061 (DIGITALOC...)
8 10 35.211.178.172 19527 (GOOGLE-2)
2 2 54.156.159.24 14618 (AMAZON-AES)
2 2 23.22.70.171 14618 (AMAZON-AES)
1 74.121.140.211 30419 (MEDIAMATH...)
2 104.17.24.14 13335 (CLOUDFLAR...)
8 99.83.181.31 16509 (AMAZON-02)
2 2 50.31.142.127 23352 (SERVERCEN...)
12 12 207.198.113.87 13768 (COGECO-PEER1)
1 1 198.148.27.131 ()
2 2 185.184.8.90 ()
1 2 8.2.110.134 ()
1 1 54.236.155.124 ()
2 2 35.207.24.140 ()
4 4 69.194.240.13 ()
1 1 50.116.194.21 ()
1 1 213.19.162.90 ()
1 1 82.145.213.8 ()
1 1 192.184.68.215 ()
1 142.251.32.102 ()
1 2 69.173.151.100 ()
4 4 54.89.198.103 ()
1 1 51.222.105.60 ()
1 34.96.105.8 ()
2 23.51.57.13 ()
3 172.67.163.146 ()
2 104.36.115.113 ()
1 2 104.19.129.76 ()
1 40.71.11.141 ()
5 6 52.200.110.248 ()
4 4 13.225.214.96 ()
1 70.42.32.95 ()
1 108.138.106.126 ()
1 151.101.129.44 ()
1 1 34.232.56.123 ()
2 2 35.210.53.219 ()
1 2 34.232.140.51 ()
1 1 18.232.255.36 ()
1 2 89.108.120.68 ()
1 2 107.178.240.89 ()
1 1 212.83.160.162 ()
1 2 51.158.29.13 ()
2 2 50.57.31.206 ()
2 2 18.210.253.180 ()
1152 91
Apex Domain
Subdomains
Transfer
163 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 20639
t.sharethis.com — Cisco Umbrella Rank: 7726
sync.sharethis.com — Cisco Umbrella Rank: 4415
395 KB
122 itupaito.com
net.itupaito.com
blog.itupaito.com
27 MB
83 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5297
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989
data-beacons.s-onetag.com — Cisco Umbrella Rank: 9474
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5163
252 KB
65 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
42 KB
58 histats.com
s10.histats.com — Cisco Umbrella Rank: 8421
s4.histats.com — Cisco Umbrella Rank: 7990
173 KB
52 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
71 KB
49 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
97 KB
42 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
ajax.googleapis.com — Cisco Umbrella Rank: 708
331 KB
42 forumituct.com
medz.forumituct.com
net.forumituct.com
3 MB
38 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 9697
t.dtscout.com — Cisco Umbrella Rank: 8357
62 KB
38 gstatic.com
fonts.gstatic.com
950 KB
36 wordpress.com
sniperbom.files.wordpress.com
29 MB
34 comunityhk.com
net.comunityhk.com
pools.comunityhk.com
2 MB
34 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
rc.rlcdn.com — Cisco Umbrella Rank: 8002
2 KB
30 bolamerah.net
bolamerah.net
data.bolamerah.net
214 KB
30 aimistik.com
master.aimistik.com
10 MB
29 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
nlsn.thrtle.com
15 KB
28 aijos.info
master.aijos.info
194 KB
26 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
13 KB
24 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10066
44 MB
22 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
18 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
data.adsrvr.org — Cisco Umbrella Rank: 6961
7 KB
19 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
3 KB
18 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
4 KB
18 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 8870
7 KB
17 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 6388
um.simpli.fi — Cisco Umbrella Rank: 1428
7 KB
16 livedraw.pro
livedraw.pro
60 KB
15 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2042
15 securedvisit.com
track2.securedvisit.com — Cisco Umbrella Rank: 7102
3 KB
15 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
11 KB
13 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
2 KB
12 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
7 KB
12 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
14 KB
12 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19456
ic.tynt.com — Cisco Umbrella Rank: 15905
de.tynt.com — Cisco Umbrella Rank: 2424
36 KB
11 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3785
4 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
4 KB
10 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
pr-bh.ybp.yahoo.com Failed
2 KB
10 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1624
tags.bluekai.com — Cisco Umbrella Rank: 1261
3 KB
10 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 40158
loadus.exelator.com — Cisco Umbrella Rank: 2319
load77.exelator.com — Cisco Umbrella Rank: 6128
loadm.exelator.com — Cisco Umbrella Rank: 3106
7 KB
8 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
d.agkn.com — Cisco Umbrella Rank: 1340
5 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
3 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
5 KB
7 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
1 KB
6 mediawallahscript.com
partner.mediawallahscript.com
4 KB
6 pphtbms.com
pphtbms.com
5 KB
6 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 4422
mwzeom.zeotap.com — Cisco Umbrella Rank: 4630
2 KB
6 33across.com
pixel.33across.com — Cisco Umbrella Rank: 5115
dp1.33across.com — Cisco Umbrella Rank: 10612
dp2.33across.com — Cisco Umbrella Rank: 26342
cdn-tc.33across.com — Cisco Umbrella Rank: 36737
3 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
1 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
3 KB
4 smadex.com
cm.smadex.com
2 KB
4 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
12 KB
4 clickagy.com
aorta.clickagy.com
3 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
2 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 2160
ad.turn.com
2 KB
4 blogspot.com
4.bp.blogspot.com — Cisco Umbrella Rank: 16814
10 KB
4 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 3030
beacon.krxd.net — Cisco Umbrella Rank: 1173
989 B
3 dtssrv.com
a.dtssrv.com
956 B
3 rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
2 KB
3 1rx.io
sync.1rx.io
2 KB
3 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 6313
wt.rqtrk.eu
773 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
dis.criteo.com — Cisco Umbrella Rank: 943
1 KB
3 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2633
thrtl.redinuid.imrworldwide.com
1008 B
3 ml314.com
ml314.com — Cisco Umbrella Rank: 3210
607 B
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 15583
2 KB
2 semasio.net
uipus.semasio.net
1 KB
2 sddan.com
map.sddan.com
2 KB
2 pro-market.net
fei.pro-market.net
777 B
2 aidata.io
x01.aidata.io
942 B
2 crsspxl.com
tag.crsspxl.com
701 B
2 admedo.com
pool.admedo.com
634 B
2 mgid.com
cm.mgid.com
735 B
2 mfadsrvr.com
rtb.mfadsrvr.com
804 B
2 krushmedia.com
cs.krushmedia.com
988 B
2 creativecdn.com
creativecdn.com
917 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
60 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 3268
865 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
569 B
2 reson8.com
idsync.reson8.com — Cisco Umbrella Rank: 6000
612 B
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 3039
1 KB
2 githack.com
gistcdn.githack.com — Cisco Umbrella Rank: 593298
9 KB
2 bolamerahhk.com
bolamerahhk.com
2 dtsedge.com
dtsedge.com — Cisco Umbrella Rank: 34611
729 B
1 cookieless-data.com
map.cookieless-data.com
666 B
1 postrelease.com
jadserve.postrelease.com
537 B
1 shareaholic.com
pixel.shareaholic.com
514 B
1 taboola.com
trc.taboola.com
405 B
1 userreport.com
audex.userreport.com
433 B
1 outbrain.com
sync.outbrain.com
287 B
1 cintnetworks.com
c.cintnetworks.com
543 B
1 blismedia.com
tr.blismedia.com
173 B
1 resetdigital.co
sync2.resetdigital.co
455 B
1 2mdn.net
s0.2mdn.net
489 B
1 quantserve.com
cms.quantserve.com
511 B
1 opera.com
t.adx.opera.com
518 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
460 B
1 sharethrough.com
match.sharethrough.com
246 B
1 contextweb.com
bh.contextweb.com
831 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
589 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 9143
16 KB
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 3888
577 B
0 adswizz.com Failed
synchroscript.deliveryengine.adswizz.com Failed
0 btrll.com Failed
geo-um.btrll.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 ib-ibi.com Failed
global.ib-ibi.com Failed
0 truoptik.com Failed
dmp.truoptik.com Failed
0 smartadserver.com Failed
sync.smartadserver.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
1152 112
Domain Requested by
112 t.sharethis.com pd.sharethis.com
t.sharethis.com
medz.forumituct.com
master.aimistik.com
master.aijos.info
net.itupaito.com
data.bolamerah.net
pools.comunityhk.com
106 net.itupaito.com master.aimistik.com
net.itupaito.com
data.bolamerah.net
64 i.liadm.com 42 redirects master.aijos.info
master.aimistik.com
pools.comunityhk.com
bcp.crwdcntrl.net
48 get.s-onetag.com e.dtscout.com
get.s-onetag.com
47 pd.sharethis.com e.dtscout.com
medz.forumituct.com
t.sharethis.com
master.aimistik.com
master.aijos.info
net.itupaito.com
data.bolamerah.net
pools.comunityhk.com
41 medz.forumituct.com medz.forumituct.com
master.aijos.info
38 fonts.gstatic.com fonts.googleapis.com
pools.comunityhk.com
36 sniperbom.files.wordpress.com master.aimistik.com
master.aijos.info
net.itupaito.com
data.bolamerah.net
34 fonts.googleapis.com medz.forumituct.com
master.aimistik.com
client
net.itupaito.com
data.bolamerah.net
pools.comunityhk.com
32 ce.lijit.com medz.forumituct.com
master.aimistik.com
master.aijos.info
pools.comunityhk.com
ap.lijit.com
ce.lijit.com
us-u.openx.net
30 s10.histats.com medz.forumituct.com
s10.histats.com
master.aimistik.com
master.aijos.info
net.itupaito.com
data.bolamerah.net
pools.comunityhk.com
30 master.aimistik.com medz.forumituct.com
master.aimistik.com
master.aijos.info
28 data.bolamerah.net master.aimistik.com
data.bolamerah.net
28 s4.histats.com s10.histats.com
28 master.aijos.info 2 redirects medz.forumituct.com
master.aijos.info
27 thrtle.com 15 redirects master.aijos.info
master.aimistik.com
data-beacons.s-onetag.com
pools.comunityhk.com
bcp.crwdcntrl.net
26 pools.comunityhk.com master.aimistik.com
pools.comunityhk.com
cdnjs.cloudflare.com
26 ps.eyeota.net 13 redirects medz.forumituct.com
data-beacons.s-onetag.com
master.aimistik.com
bcp.crwdcntrl.net
25 sync.crwdcntrl.net 7 redirects medz.forumituct.com
bcp.crwdcntrl.net
24 blogger.googleusercontent.com medz.forumituct.com
master.aimistik.com
master.aijos.info
22 live.rezync.com 22 redirects
20 ap.lijit.com 4 redirects medz.forumituct.com
master.aimistik.com
get.s-onetag.com
data-beacons.s-onetag.com
20 t.dtscout.com e.dtscout.com
19 idsync.rlcdn.com 5 redirects medz.forumituct.com
bcp.crwdcntrl.net
19 px.ads.linkedin.com 1 redirects medz.forumituct.com
master.aimistik.com
master.aijos.info
net.itupaito.com
data.bolamerah.net
pools.comunityhk.com
18 match.adsrvr.org 17 redirects master.aimistik.com
bcp.crwdcntrl.net
18 cm.g.doubleclick.net 14 redirects ce.lijit.com
us-u.openx.net
bcp.crwdcntrl.net
18 t.dtscdn.com e.dtscout.com
18 e.dtscout.com s4.histats.com
16 blog.itupaito.com net.itupaito.com
16 livedraw.pro medz.forumituct.com
livedraw.pro
master.aimistik.com
master.aijos.info
pools.comunityhk.com
15 um.simpli.fi 15 redirects
15 api.intentiq.com data-beacons.s-onetag.com
15 track2.securedvisit.com data-beacons.s-onetag.com
15 data-beacons.s-onetag.com get.s-onetag.com
15 rc.rlcdn.com 15 redirects
14 bcp.crwdcntrl.net 3 redirects tags.crwdcntrl.net
medz.forumituct.com
bcp.crwdcntrl.net
13 pippio.com 2 redirects medz.forumituct.com
12 pixel-sync.sitescout.com 12 redirects
12 p.rfihub.com 12 redirects
12 onetag-geo.s-onetag.com get.s-onetag.com
11 pixel.onaudience.com 8 redirects e.dtscout.com
medz.forumituct.com
bcp.crwdcntrl.net
10 x.bidswitch.net 8 redirects master.aimistik.com
net.itupaito.com
10 tags.crwdcntrl.net e.dtscout.com
cdn-tc.33across.com
tags.crwdcntrl.net
9 secure.adnxs.com 8 redirects medz.forumituct.com
8 connect-metrics-collector.s-onetag.com get.s-onetag.com
8 ajax.googleapis.com net.itupaito.com
data.bolamerah.net
pphtbms.com
8 net.comunityhk.com 2 redirects pools.comunityhk.com
cdnjs.cloudflare.com
8 pixel.tapad.com 7 redirects master.aimistik.com
8 de.tynt.com cdn.tynt.com
8 tags.bluekai.com 3 redirects medz.forumituct.com
de.tynt.com
tags.bkrtx.com
bcp.crwdcntrl.net
7 match.prod.bidr.io 7 redirects
7 dpm.demdex.net 4 redirects medz.forumituct.com
master.aimistik.com
bcp.crwdcntrl.net
7 us-u.openx.net 1 redirects medz.forumituct.com
ce.lijit.com
us-u.openx.net
bcp.crwdcntrl.net
6 partner.mediawallahscript.com 5 redirects bcp.crwdcntrl.net
6 pphtbms.com pools.comunityhk.com
pphtbms.com
ajax.googleapis.com
6 ib.adnxs.com 6 redirects
6 aa.agkn.com 4 redirects medz.forumituct.com
bcp.crwdcntrl.net
5 s.amazon-adsystem.com 1 redirects medz.forumituct.com
ce.lijit.com
us-u.openx.net
bcp.crwdcntrl.net
5 sync-tm.everesttech.net 5 redirects
5 loadus.exelator.com 4 redirects bcp.crwdcntrl.net
5 ups.analytics.yahoo.com 5 redirects
5 cms.analytics.yahoo.com 5 redirects
4 cm.smadex.com 4 redirects
4 aorta.clickagy.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 4.bp.blogspot.com master.aijos.info
data.bolamerah.net
4 sync.sharethis.com medz.forumituct.com
bcp.crwdcntrl.net
3 a.dtssrv.com e.dtscout.com
3 sync.1rx.io 3 redirects
3 d.turn.com 3 redirects
3 mwzeom.zeotap.com master.aijos.info
master.aimistik.com
bcp.crwdcntrl.net
3 spl.zeotap.com 3 redirects
3 ml314.com 1 redirects medz.forumituct.com
bcp.crwdcntrl.net
3 map.go.affec.tv 2 redirects medz.forumituct.com
3 c1.adform.net 3 redirects
3 cdn.tynt.com e.dtscout.com
2 nlsn.thrtle.com
2 thrtl.redinuid.imrworldwide.com 2 redirects
2 uipus.semasio.net 2 redirects
2 map.sddan.com 1 redirects bcp.crwdcntrl.net
2 fei.pro-market.net 1 redirects bcp.crwdcntrl.net
2 x01.aidata.io 1 redirects bcp.crwdcntrl.net
2 tag.crsspxl.com 1 redirects bcp.crwdcntrl.net
2 pool.admedo.com 2 redirects
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 image6.pubmatic.com ads.pubmatic.com
bcp.crwdcntrl.net
2 ads.pubmatic.com ce.lijit.com
2 rtb.mfadsrvr.com 2 redirects
2 cs.krushmedia.com 1 redirects ce.lijit.com
2 creativecdn.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 cdnjs.cloudflare.com pools.comunityhk.com
2 mid.rkdms.com 2 redirects
2 pm.w55c.net 2 redirects
2 rtb.adentifi.com master.aimistik.com
medz.forumituct.com
2 dmp.adform.net 1 redirects bcp.crwdcntrl.net
2 ws.rqtrk.eu 2 redirects
2 gum.criteo.com 2 redirects
2 idsync.reson8.com 2 redirects
2 x.dlx.addthis.com 1 redirects master.aimistik.com
2 gistcdn.githack.com data.bolamerah.net
2 bolamerahhk.com data.bolamerah.net
2 bolamerah.net 2 redirects
2 i.simpli.fi medz.forumituct.com
2 d.agkn.com 1 redirects medz.forumituct.com
2 dp2.33across.com 2 redirects
2 beacon.krxd.net medz.forumituct.com
bcp.crwdcntrl.net
2 usermatch.krxd.net 2 redirects
2 load77.exelator.com medz.forumituct.com
2 pixel.33across.com 2 redirects
2 stags.bluekai.com 2 redirects
2 loada.exelator.com 2 redirects
2 dtsedge.com e.dtscout.com
1 map.cookieless-data.com 1 redirects
1 jadserve.postrelease.com 1 redirects
1 token.rubiconproject.com bcp.crwdcntrl.net
1 pixel.shareaholic.com 1 redirects
1 trc.taboola.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 sync.outbrain.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 wt.rqtrk.eu bcp.crwdcntrl.net
1 tr.blismedia.com ce.lijit.com
1 sync2.resetdigital.co 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 s0.2mdn.net ce.lijit.com
1 cms.quantserve.com 1 redirects
1 t.adx.opera.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 data.adsrvr.org 1 redirects
1 match.sharethrough.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.mathtag.com data.bolamerah.net
1 i6.liadm.com master.aijos.info
1 dis.criteo.com master.aijos.info
1 secure-gl.imrworldwide.com medz.forumituct.com
1 loadm.exelator.com 1 redirects
1 net.forumituct.com 1 redirects master.aijos.info
1 tags.bkrtx.com pd.sharethis.com
1 idpix.media6degrees.com medz.forumituct.com
1 cdn-tc.33across.com de.tynt.com
1 dp1.33across.com 1 redirects
1 ic.tynt.com medz.forumituct.com
0 synchroscript.deliveryengine.adswizz.com Failed bcp.crwdcntrl.net
0 geo-um.btrll.com Failed bcp.crwdcntrl.net
0 sync.search.spotxchange.com Failed bcp.crwdcntrl.net
0 ad.mrtnsvr.com Failed bcp.crwdcntrl.net
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
0 dmp.truoptik.com Failed bcp.crwdcntrl.net
0 sync.smartadserver.com Failed bcp.crwdcntrl.net
0 sync.ipredictive.com Failed bcp.crwdcntrl.net
0 pr-bh.ybp.yahoo.com Failed us-u.openx.net
1152 155
Subject Issuer Validity Valid
forumituct.com
GTS CA 1P5
2023-12-03 -
2024-03-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-01 -
2024-02-28
a year crt.sh
livedraw.pro
GTS CA 1P5
2023-11-09 -
2024-02-07
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
aijos.info
GTS CA 1P5
2023-11-20 -
2024-02-18
3 months crt.sh
histats.com
R3
2023-11-23 -
2024-02-21
3 months crt.sh
dtscout.com
GTS CA 1P5
2023-11-20 -
2024-02-18
3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03
2023-11-04 -
2024-12-01
a year crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-22 -
2024-06-19
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
dtsedge.com
GTS CA 1P5
2023-11-25 -
2024-02-23
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
dtscdn.com
GTS CA 1P5
2023-11-15 -
2024-02-13
3 months crt.sh
cert1-prod.aut.a24365.net
R3
2023-12-29 -
2024-03-28
3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-11 -
2024-12-11
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
dstillery.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-21 -
2024-05-21
a year crt.sh
*.bkrtx.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-06 -
2024-12-05
a year crt.sh
*.files.wordpress.com
Sectigo ECC Domain Validation Secure Server CA
2023-12-05 -
2025-01-04
a year crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
itupaito.com
E1
2023-11-14 -
2024-02-12
3 months crt.sh
comunityhk.com
GTS CA 1P5
2023-12-17 -
2024-03-16
3 months crt.sh
bolamerah.net
GTS CA 1P5
2023-12-04 -
2024-03-03
3 months crt.sh
securedvisit.com
Amazon RSA 2048 M03
2023-08-16 -
2024-09-13
a year crt.sh
*.onaudience.com
Go Daddy Secure Certificate Authority - G2
2023-03-28 -
2024-04-28
a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02
2023-04-11 -
2024-05-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
bolamerahhk.com
GTS CA 1P5
2023-12-31 -
2024-03-30
3 months crt.sh
githack.com
GTS CA 1P5
2023-11-04 -
2024-02-02
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-11-03 -
2024-05-03
6 months crt.sh
eyeota.net
GoGetSSL RSA DV CA
2023-03-08 -
2024-04-07
a year crt.sh
pphtbms.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-17 -
2024-12-16
a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2
2023-03-22 -
2024-04-22
a year crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-08-31 -
2024-09-28
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-12-02 -
2024-03-01
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
dtssrv.com
GTS CA 1P5
2023-11-25 -
2024-02-23
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-01 -
2024-12-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.rqtrk.eu
RapidSSL TLS RSA CA G1
2023-06-01 -
2024-05-31
a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2024-10-26
a year crt.sh
c.cintnetworks.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-12-26 -
2024-06-26
6 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.userreport.com
Amazon RSA 2048 M02
2023-11-20 -
2024-12-17
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
event-horizon.gcp.bomm.in
GTS CA 1D4
2024-01-01 -
2024-03-31
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh

This page contains 143 frames:

Primary Page: https://medz.forumituct.com/
Frame ID: 5F70DD7BDA398E25E632E12864785C0E
Requests: 134 HTTP requests in this frame

Frame: https://master.aimistik.com/
Frame ID: 16689F5A12B99B1D9C9D7BAFD45A7DA3
Requests: 78 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: BC7A1947A87D23F8FC109645D63D0E66
Requests: 2 HTTP requests in this frame

Frame: https://master.aijos.info/
Frame ID: 9E9FD41262E8E93E08B0619E9A0437D6
Requests: 56 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Frame ID: 7738CA7F1B6B2258ADB414F1B2C15190
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Frame ID: FD87D9D63784D403DF671DAEE618290F
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Frame ID: 6759A277DED3073CD184B9FCC3B1F908
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Frame ID: 8A1B173D14DA1EA0B5A65F2DA6BCE85E
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212308334999429&ret=html&random=1704175803
Frame ID: 396F8C0DACF2E88F58098838501B4AEF
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: CCA39FDB74309B9FD1832BF716D032DD
Requests: 3 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: E1AE1466B2506011D221BAFFCFA0F6F7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 1B258C7FF913EEE072F84461D94D87FB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 823603F6774F1393CDDF8763D82DEB0C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 756A9CCB564C5574F8945033B5E1BB20
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 86EF037EF1175B32A91E7B27C3558F10
Requests: 7 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 8A815CF5D8621444803B38B59C8EAF33
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 66FB5C5149090873F038365F9BE93EDA
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 2215EEA6C9FF98302ED375E16B719146
Requests: 2 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 27F0690C9D49B4E2231571283881A5A3
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMR2MDtrcKRWpz7VPvgk_gA&google_cver=1
Frame ID: 36D657EE7F7A63EE7F25FE4988319BCD
Requests: 1 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: 680DEDA7218D1082A818F674C75C4122
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-hk/
Frame ID: 5DF2878C15690CFB955E982C4CA520ED
Requests: 50 HTTP requests in this frame

Frame: https://pools.comunityhk.com/
Frame ID: 1DB1812EE612D23162E8116A825AA2FC
Requests: 39 HTTP requests in this frame

Frame: https://data.bolamerah.net/
Frame ID: 4F696CEDB0775766AFA3BC38285CE2DE
Requests: 45 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: F2278FC9561AE18D4F1AD0CFFC9C40D8
Requests: 2 HTTP requests in this frame

Frame: https://medz.forumituct.com/
Frame ID: 720F0C90052606BF67534395C01333D8
Requests: 61 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 19523E71832DA9C1C431311DF434C772
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: DCCD9652E5D7D920C5ADEB0B6BB53F21
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 2B5292E4D989A0C0D0CA12FF7BA64ED1
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 0DBFFF2FB0778B58BFF4276A314889E3
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 6BAA21FD17A834242996D146557CB52B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: D0ABD95B1AFBAB2A2A76670C4E1F8A23
Requests: 2 HTTP requests in this frame

Frame: https://master.aimistik.com/
Frame ID: 330B4FEC0C1C14CD2D6F9453309B842B
Requests: 56 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: BF1B02DF3AD80C98C08EC7A527BA1635
Requests: 2 HTTP requests in this frame

Frame: https://master.aijos.info/
Frame ID: C5B6A41A66A80C6F22ECB1745DCBE9CD
Requests: 47 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: FE519EF9CA956CBB2F36DC1FF2FBAE01
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: C3719871F572227EC1E36A1E3E829213
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: D65BE26F6CFAA30E03B023D9BFA0BF4C
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: FEA8D425FFB8ABF35A921D93B886D482
Requests: 2 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: 7B3B41BA8E116718A65712FFF9680B14
Requests: 2 HTTP requests in this frame

Frame: https://net.forumituct.com/
Frame ID: F827A541656E1A6FD686013AC2E6DD38
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=29500
Frame ID: 3BA99CA40EC40633FE47F3EAB5047CA1
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34904
Frame ID: 7DBFDB8A51D141EE7967A65A5E2929C2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: E2AF45985403D1DEEF4399BACE82226A
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 5EA06DBC2AF687DB1763C23C9ADAE42E
Requests: 2 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: 7A47F1D3B509F0CA75F39A7F18804162
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-hk/
Frame ID: 33149D62A3C33B56E0180070669278CD
Requests: 47 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sydney/embed/
Frame ID: 37A0820D895E772ADCF127CC960DC635
Requests: 8 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sgp/embed/
Frame ID: 4AF5415B3B686DD99C1607AB5081EC1B
Requests: 7 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-warna-hk/embed/
Frame ID: 5C5B71601C19DAC8B7F39CEE328F1F3C
Requests: 7 HTTP requests in this frame

Frame: https://pools.comunityhk.com/
Frame ID: 48A7E762C1EFEC6AB1B6CBDFAB6277AC
Requests: 39 HTTP requests in this frame

Frame: https://data.bolamerah.net/
Frame ID: FC9607C48EA1E32CB1D1B50CE47EBA5C
Requests: 43 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: E2A5205736012A18FDDA435DC069730D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 2AA5B2E5D8322E56386C11D2A7B97F36
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=18388
Frame ID: B7691C6E1DEA56426377E6A0C8772D10
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 929A9CF1B35C412FF567EDAC30526185
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: BE1A4FF1708BB5057F476B976FBFC805
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 37260C29ACECE7BF2F5D63DC9BF74201
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 9D2F81E228E0859C09F4675A450DEB3A
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-hk/
Frame ID: 9B47104EB89ABFFF28250449DA914B8B
Requests: 47 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-hk/
Frame ID: 416F51BB5527F95C6834E1AAA92770A8
Requests: 47 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3B8EF178DD89B3F125DDE096B777EE8B
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 151311ED3B02C64295E9B994F92CDF16
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sydney/embed/
Frame ID: 232C3598A0FE9FDE90BA52960A12F3F8
Requests: 7 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sgp/embed/
Frame ID: 8CD4038595D6D87BAF08CD7574F9D27F
Requests: 6 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-warna-hk/embed/
Frame ID: F1165C42CAE5A0230825A85D2D2444CE
Requests: 6 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 226DC8D6B3703036E17D4B5AD0EF43A4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 11074FDF4E37E7A35AFCBDC81E598F5D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: F73D0594BF055D5F06D3935C41A0583C
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: AD6E96811F679CDCCC1BC8603F7E215C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 6729F6A1E86D28D8717A3C4B88EF8983
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: F4EA336EC090696274CB0FFC87730CC7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: A037EA667041132F3485126307BC0342
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3B105B18C93C12969C89F6ACC876C63E
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 1E41C266FA80F255D38B268C4EC4F362
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 6040992550C569C08A6EA07BE392A803
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: CF699F373D9051D59809DB4FAD1B5D4B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: B9C4DB7747534D9F3B9230C069657FCB
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: E8C4B99B05970796CF508E522593D26F
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 74ED8E36F3DE2DCE212A6A20EC0A130B
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sydney/embed/
Frame ID: 69FDE805F0ED846219D13B7897160FD4
Requests: 8 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sgp/embed/
Frame ID: 16F5F356C9D0BC18289F9F1AC8FCF192
Requests: 7 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-warna-hk/embed/
Frame ID: ECABD541E2E9BB8832462288EE6A0437
Requests: 7 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 33823BC1AA18B4B0B12587B65A548D57
Requests: 2 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sydney/embed/
Frame ID: 0881306ADB2B896DAD8A7D5A6EA15EC7
Requests: 8 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-harian-sgp/embed/
Frame ID: 075CE8EF7A7EF0C8CEF4AD8CCEAB9B92
Requests: 7 HTTP requests in this frame

Frame: https://net.itupaito.com/paito-warna-hk/embed/
Frame ID: 6DD2386C404B44925761731B69949339
Requests: 7 HTTP requests in this frame

Frame: https://pools.comunityhk.com//master/index_hk.php
Frame ID: BC11CF4BD8C1477B01AFE737640C9693
Requests: 25 HTTP requests in this frame

Frame: https://pphtbms.com/hklive/hk-live1new.php
Frame ID: 7626B279E3DED5B069412F25A01E464F
Requests: 4 HTTP requests in this frame

Frame: https://pools.comunityhk.com//master/index_hk.php
Frame ID: 25B66A60BAECAFB9ED32A9097E7A2F02
Requests: 24 HTTP requests in this frame

Frame: https://pphtbms.com/hklive/hk-live1new.php
Frame ID: 77A97E39D5849864BE3EACFA9FD2FA3D
Requests: 4 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: 9A2A5C6DD40DB7342C440C686419A9D4
Requests: 2 HTTP requests in this frame

Frame: https://livedraw.pro/master/result2.php
Frame ID: 3C756E7DAB64EBFED8AE553041DDCAA8
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=99437
Frame ID: 1191A139CAE9E04DD5488DE3514AA20B
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90239
Frame ID: D92F3333BAB101AC09F3DB4A5FD93382
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63619
Frame ID: 46A3F780E22F61088026114F393334FB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 9CA521A15648853579837AA97FAD4AF6
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=28143
Frame ID: D0050EFD65481B7A94F02A06067A9BA7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 48DF0626CDD872DAE0BF6C6663D9DF79
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 829C2A189B96D7A843C7AF6A1313A6E2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 0950A2093999F87C0C863D9979AF7682
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 4AEF97B2683CF080CBE7DB59EDDBF28C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 5DEA3544722695850419A33449CE407C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 19F5EA2A299BCB04EC5DC87AA60D7072
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 743D9C44A335824C80373831B858E893
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 0BB892B40B2FE1A4EF62A8D47AF675D1
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 93D4A1FC9ADA356DA286206E6AE0DB5A
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 30FB2019E6CDC6C91E320A8D2693C5E9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 341FA9FF158BC6C7EACF3D17C5F8B03E
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=85017
Frame ID: 8D05E698E587634236A401E12CC45050
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0F178D6D1629068DC2FAE0E6EC19C5E4
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=30652
Frame ID: 3A640C0326F9522AE0D6A57D779B80C5
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53936
Frame ID: 383F41A3C33BDE41BD7F312906968A25
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F95769F01BB6D750CC942A3D36CCCC17
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 55DFE4D101BA36662CA33C23B641305B
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67039
Frame ID: 664411C66D65B1DE0DE6A9B98A682F04
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=28161
Frame ID: E08F41D25E988B875D231DAE44472E92
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 818DFFDED0A1DE5FF2B056669213C590
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49517
Frame ID: BA41BEC0592D6B2F51C151848E2C5F43
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 08E0115056520850D74F06A081376862
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 91CA168579771BA59B764397BE809054
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 2B10BCFCF343BFDE0FC1A3E8B558DBB0
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 08D5AF06CB42E2240200D44A0323AC69
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F9403F77F9DC8B7901B7932EF1A2AB54
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: C41A86756430B2838F412D7D937A6D0F
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 28CA81897A997A7B35F956D635575B27
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: FE1BA51960A980D96813FC1831D8C5B2
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B2FC647D9B461EB85877334C893F8A37
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=74484
Frame ID: 0C03E9B651478A30E2A7839A99C0BDEA
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=24888
Frame ID: EF001872B52A6E3C32D604BEB925D9E4
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 92AD032FC48B0776E326A23807385C8F
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: DD98A313A5A2C7A9DFD4400EB03DA908
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 234235FAE91B130F352165087478C30E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 3F3455A4B7EBEA1940665357F6EC0C41
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 8E41EB53D8EBBCBF343DA578192A08DD
Requests: 8 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 4E869FA21FB6BD94777BB64E44E4C0D4
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 1480B9AA1C30866F1D428F326734F352
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 18FD171F5664AD65AE6CCCEAF3822DEA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 144B28712BA094DEC7FEEB889EFAD0BF
Requests: 25 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 0A8EAD70362ABC21E4340B1E0F64AF54
Requests: 24 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: AA7956A703757E14B83453BF676860F2
Requests: 14 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 4838E6A036FAB30EF6A8A62540986940
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0C7AD9D8B7D9E4B6189738617AAE4EA8
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

FORUM ITUCT - PREDIKSI MEDZ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

1152
Requests

83 %
HTTPS

0 %
IPv6

112
Domains

155
Subdomains

91
IPs

6
Countries

120424 kB
Transfer

126676 kB
Size

196
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e6ae93f6c3a7065662be751e88ee9146&gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c468d473b42b84af/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5964995709526982727&gdpr=1 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=a34b731c6d785dac HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
  • https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
  • https://tags.bluekai.com/site/19505?id=y-AHwVHp5E2pLEuSeaoZenIo36A7PtK_4._nU-~A
Request Chain 71
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803817.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803817.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjBoNWNwZWdNR291VVIyV0FMNzlXMHVmNFoweVVaUE8teWl1MHMwZGFOakE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjBoNWNwZWdNR291VVIyV0FMNzlXMHVmNFoweVVaUE8teWl1MHMwZGFOakE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHG_KoJEBW0KodhU2mnXiSg&google_cver=1
Request Chain 72
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2&expected_cookie=7de83740-adc6-40d6-8a85-c66d7a1608a4
Request Chain 73
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1704175803817.3 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404769201202&random=1704175803 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404769201202&random=1704175803&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif?UID=1bca9c63e3a71451020f027d9d028bb6
Request Chain 74
  • https://map.go.affec.tv/map/3a/?pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&ts=1704175803817.4 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6593a8bcbc6e41000198709a%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6593a8bcbc6e41000198709a%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/9119299034427209259?ch=6593a8bcbc6e41000198709a&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/7556e1f3-fd5a-480d-94c1-abab6b180500?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 75
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175803817.5 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.1532826&cb=1704175804.153325 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.1532826 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175804.1532826 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&previous_uuid=4ca3c4fc5eaf4f519417fc3dc277eaba HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 76
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7556e1f3-fd5a-480d-94c1-abab6b180500&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 77
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.7&pu=https%3A%2F%2Fmedz.forumituct.com%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212404484791541&seg_code=33x&random=1704175804 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212404484791541%26seg_code%3D33x%26random%3D1704175804
Request Chain 78
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1704175803819.2 HTTP 302
  • https://tags.bluekai.com/site/27519?id=212308334999429&ret=html&random=1704175803
Request Chain 80
  • https://dp2.33across.com/ps/?pid=1205&rand=1704175803819.1 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212404632899042
Request Chain 81
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1704175803819.3 HTTP 302
  • https://d.agkn.com/pixel/6644/?che=1704175804550&sk=212750604749002769588
Request Chain 82
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803819.4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&rand=03461554
Request Chain 85
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803838.2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmhVQ0tjeUExZnpyWl9kM1NYdFUtalZiZ2RzNEhSc2JqTmtjWEphYnVBQzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmhVQ0tjeUExZnpyWl9kM1NYdFUtalZiZ2RzNEhSc2JqTmtjWEphYnVBQzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHYjZwEy-Ll81sLeWVXEjvo&google_cver=1
Request Chain 86
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1704175803838.3 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404484791541&random=1704175804 HTTP 302
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404484791541&random=1704175804&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif?UID=329fedbeb8b5a7adac2f0569ca6dd42b
Request Chain 87
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175803838.4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.7706594&cb=1704175804.7707021 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.7706594 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175804.7706594 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&previous_uuid=b307986b2a0d44a5bf30802323e4b7ae HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 88
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1704175803838.5 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adadvisor&ttd_tpi=1 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=7556e1f3-fd5a-480d-94c1-abab6b180500
Request Chain 89
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803838.6 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Request Chain 91
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803849.2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&bid=1e2n4ou
Request Chain 92
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175803849.3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.7768414&cb=1704175804.7768862 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.7768414 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175804.7768414 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&previous_uuid=3ec292fb334142c6bfccdca7eb8806ed HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 93
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803849.4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECwGSBRvnDn1GIlCnRKUS1U&google_cver=1
Request Chain 94
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803849.5 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-FVBH4ElE2pUlc77iUzRjvVtCfrSq.P7SXFE-~A
Request Chain 95
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175803849.6 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.8841374&cb=1704175804.8841827 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175804.8841374 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175804.8841374 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&previous_uuid=e89cebb644144580ba860ce7e9f57c84 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 109
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=7556e1f3-fd5a-480d-94c1-abab6b180500&gdpr=0&gdpr_consent=
Request Chain 110
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkh3QUNXV1RxTHNBQUFBS1RRMEZBdz09EAAaDQi80c6sBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&rand=05802919
Request Chain 111
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2r2oF4vSQmq_fAjITv96X46J11wgn1UnmCh0lOeYv_Yg&gdpr=0&gdpr_consent=
Request Chain 112
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641061050048577552 HTTP 307
  • https://ml314.com/csync.ashx?fp=c9c648afd212243966d580dab4133c6fc691ddfe59642fada4724afbc5c7046ff4cb09cee1a4f8eb&person_id=3641061050048577552&eid=50082
Request Chain 113
  • https://tags.bluekai.com/site/59574?id=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 131
  • https://master.aijos.info/url('https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27 HTTP 301
  • https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Request Chain 161
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHwACWWTqLsAAAAKTQ0FAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=69040910 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZEZVei9Pd005OTlqRzhCaw%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=ZEZVei9Pd005OTlqRzhCaw%3D%3D&google_tc= HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMR2MDtrcKRWpz7VPvgk_gA&google_cver=1
Request Chain 170
  • https://net.comunityhk.com/ HTTP 301
  • https://pools.comunityhk.com/
Request Chain 171
  • https://bolamerah.net/ HTTP 301
  • https://data.bolamerah.net/
Request Chain 179
  • https://net.forumituct.com/ HTTP 301
  • https://medz.forumituct.com/
Request Chain 196
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 213
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 214
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 296
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=c468d473b42b84af HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91fb71bc950&zcluid=c468d473b42b84af&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91fb71bc950&zcluid=c468d473b42b84af&zdid=1332
Request Chain 297
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=c468d473b42b84af HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b76534b3ec&zcluid=c468d473b42b84af&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b76534b3ec&zcluid=c468d473b42b84af&zdid=1332
Request Chain 316
  • https://master.aijos.info/url('https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27 HTTP 301
  • https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Request Chain 362
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175807980.1 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9119299034427209259
Request Chain 363
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175807980.2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dgdomg51 HTTP 302
  • https://ps.eyeota.net/match?uid=9119299034427209259&bid=2cr76e1&referrer_pid=gdomg51
Request Chain 364
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175807980.3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.126166&cb=1704175808.1262171 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.126166 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175808.126166 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.126166&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 365
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175807980.4 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Request Chain 366
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175807980.5 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dgdomg51 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dgdomg51&_test=ZZOowAALd3uKdQBH HTTP 302
  • https://ps.eyeota.net/match?uid=ZZOowAALd3uKdQBH&bid=0rijhbu&referrer_pid=gdomg51&_test=ZZOowAALd3uKdQBH
Request Chain 367
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175807980.6 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.1264255&cb=1704175808.1264682 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.1264255 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175808.1264255 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.1264255&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 401
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=1077 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.648442&cb=1704175808.6485014 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.648442 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175808.648442 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.648442&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 402
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=96388 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4315834540528319297 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4315834540528319297 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&rd=Y
Request Chain 432
  • https://net.comunityhk.com/ HTTP 301
  • https://pools.comunityhk.com/
Request Chain 433
  • https://bolamerah.net/ HTTP 301
  • https://data.bolamerah.net/
Request Chain 436
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175808609.1 HTTP 307
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=1aec285293aa4b7250c434a6992b656f57448a7484e0a87d6639f3c9ed33fbebc0cb235b3774c97e&cb=09575420
Request Chain 437
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175808609.2 HTTP 302
  • https://tags.bluekai.com/site/29539?limit=1&id=2r2NrXWH_Fbj73xdaU1fFBCAOJqZvL3s-MzigvBrbwjc HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
Request Chain 438
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175808609.3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.7557075&cb=1704175808.7557528 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.7557075 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175808.7557075 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7557075&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 439
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175808609.4 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=56d72184bf145c5fd097c7dff750b8d89b5fa2efb5cedbbb5973b3c5e0e54fe0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=56d72184bf145c5fd097c7dff750b8d89b5fa2efb5cedbbb5973b3c5e0e54fe0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://idsync.rlcdn.com/362248.gif?partner_uid=62221526355076880713237290817115184386
Request Chain 440
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175808609.5 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Request Chain 441
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175808609.6 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.7573092&cb=1704175808.757372 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175808.7573092 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175808.7573092 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7573092&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 469
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809273.1 HTTP 307
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP HTTP 302
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-88wzz_dE2pw8gPPYbwr0UZpZVp.J4soCDbQ-~A
Request Chain 470
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175809273.2 HTTP 302
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=1791377155475426268&bid=omt9pi0
Request Chain 471
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175809273.3 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175809.4930162&cb=1704175809.493075 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175809.4930162 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175809.4930162 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4930162&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 472
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809273.4 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
  • https://idsync.rlcdn.com/379718.gif?partner_uid=QAte4YZk
Request Chain 473
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175809273.5 HTTP 302
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2zpOqvYys2fgUdeHA0k0AJqglzetJRFLCB0-N9-CdUXw HTTP 307
  • https://loadm.exelator.com/load/?p=204&g=450&rluid=1826d3e0db4f08456b624f066e4ce6b23a17342f3d51c1575652a1ac06fa59d4f2fc7f7248dfd545&j=0 HTTP 302
  • https://idsync.rlcdn.com/362708.gif?partner_uid=329fedbeb8b5a7adac2f0569ca6dd42b HTTP 307
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008NdjqRXYvgep_wEHheNPXZKbzke2yuT7pMLdsvnhS4DQ
Request Chain 474
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%2F&us_privacy=&cache_buster=1704175809273.6 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175809.4939568&cb=1704175809.4940033 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26pid%3D500040%26it%3D1%26iv%3Dd6e6d72d-237d-4cb0-86aa-eafd2c02a13e%253A1704175804.1508296%26_%3D1704175809.4939568 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=1704175809.4939568 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4939568&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Request Chain 476
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.1 HTTP 307
  • https://tags.bluekai.com/site/2035?phint=rluid=090c922f13b34de3663815fe4aa4878ecf3ad644f842802a24ddfa5c7ab0047d2971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24BK_UUID_25515 HTTP 302
  • https://idsync.rlcdn.com/401696.gif?partner_uid=XJlz%2FOtn999U08Bk
Request Chain 477
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.2 HTTP 307
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ HTTP 302
  • https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=914C098408F29A75EC340A0515FF3321
Request Chain 478
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.3 HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=z2YEKjZGRndSGql7Q5DAQFFl0gzz93yh
Request Chain 479
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.4 HTTP 307
  • https://sync.srv.stackadapt.com/sync?nid=liveramp HTTP 302
  • https://idsync.rlcdn.com/403896.gif?partner_uid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=&gdpr_consent=
Request Chain 480
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.5 HTTP 307
  • https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZZOowAALd3uKdQBH
Request Chain 481
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.6 HTTP 307
  • https://match.prod.bidr.io/cookie-sync/liveramp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/liveramp?_bee_ppp=1 HTTP 303
  • https://idsync.rlcdn.com/403466.gif?_bee_ppp=1&partner_uid=AAA6J07LJ1IAABM4PAw9Bw
Request Chain 502
  • https://um.simpli.fi/lj_match?r=45910 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 503
  • https://um.simpli.fi/lj_match?r=22157 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 507
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=74262 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 557
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=76687 HTTP 303
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Request Chain 559
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=18639 HTTP 303
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Request Chain 665
  • https://um.simpli.fi/lj_match?r=89511 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 701
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H7CyjSZHio99Iu_wQ8e-eYFF/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=79da43ccf13077612bbc33c1eda67811
Request Chain 722
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=39793 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Request Chain 731
  • https://ws.rqtrk.eu/pushpull?pid=6b6d3924-92d3-4998-bf20-3f75688546c0&dmp=6b6d3924-92d3-4998-bf20-3f75688546c0&uid=265J83xpEOgHahGntIsii_Cx00YRyJUpEknu9wPSrbwM&cb=1704175811&src=www&type=100&return-unstable=true&g=1&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dm5ri0ru%26uid%3D%24BROWSER_ID HTTP 302
  • https://ps.eyeota.net/match?bid=m5ri0ru&uid=88deb437-0e30-4411-8bdc-455b8d1e91be
Request Chain 732
  • https://sync.srv.stackadapt.com/sync?nid=eyeota HTTP 302
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&gdpr=&gdpr_consent=
Request Chain 733
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=18cc8cb1ef6-9330000010a4f07&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=62221526355076880713237290817115184386&referrer_pid=51md42u
Request Chain 734
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2Yo_TSczAumwUUyZ_9Nnps-P6CwwwMjFXNHm1-8hIE6c HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9119299034427209259&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2C%2C
Request Chain 735
  • https://dmp.adform.net/serving/cookie/match/?party=1009 HTTP 302
  • https://ps.eyeota.net/match?uid=5964995709526982727&bid=9gdtmu1
Request Chain 749
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF&vxii_pid=12&vxii_pid1=7002&vxii_rcid=30615073-c759-4760-a1bf-863ab2b5d817&vxii_rmax=1 HTTP 302
  • https://rtb.adentifi.com/CookieSyncThrotle
Request Chain 752
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF&vxii_pid=12&vxii_pid1=7002&vxii_rcid=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6&vxii_rmax=1 HTTP 302
  • https://rtb.adentifi.com/CookieSyncThrotle
Request Chain 853
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=51887 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dliveintent%26bsw_param%3Dda1570b0-c1cf-4bc6-9218-2052f4462aa2 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dliveintent%26bsw_param%3Dda1570b0-c1cf-4bc6-9218-2052f4462aa2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=WInt1Sei1RkxYG5&expires=30&ssp=liveintent&bsw_param=da1570b0-c1cf-4bc6-9218-2052f4462aa2 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2
Request Chain 902
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=93092 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=833e90b2d14045db80ee46b12733997b HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 903
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=80321 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=48fa5402f3b940dcaf8988bcda20df86 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 920
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=69401 HTTP 303
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0 HTTP 303
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0 HTTP 303
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Request Chain 943
  • https://um.simpli.fi/lj_match?r=18276 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 952
  • https://um.simpli.fi/lj_match?r=15519 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 953
  • https://um.simpli.fi/lj_match?r=38626 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 955
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=79237 HTTP 303
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2 HTTP 303
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2 HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=ZQGbn9t8Muf-Nkc2oDQC HTTP 303
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Request Chain 959
  • https://um.simpli.fi/lj_match?r=80883 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 962
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=10 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/liveintent HTTP 303
  • https://i.liadm.com/s/62491?bidder_uuid=AAA6J07LJ1IAABM4PAw9Bw&bidder_id=237139 HTTP 303
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Request Chain 964
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=15357 HTTP 303
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Request Chain 966
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=7136 HTTP 303
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Request Chain 972
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=31575 HTTP 303
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D HTTP 302
  • https://i.liadm.com/s/41715?bidder_id=127211
Request Chain 974
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=75562 HTTP 303
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D HTTP 302
  • https://i.liadm.com/s/41715?bidder_id=127211
Request Chain 978
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=throtle HTTP 302
  • https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&_t=1704175815
Request Chain 990
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://match.prod.bidr.io/cookie-sync/throtle HTTP 303
  • https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.23223
Request Chain 991
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://match.prod.bidr.io/cookie-sync/throtle HTTP 303
  • https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.2946644 HTTP 302
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6 HTTP 302
  • https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=914C098408F29A75EC340A0515FF3321
Request Chain 1000
  • https://um.simpli.fi/lj_match?r=54129 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1024
  • https://um.simpli.fi/lj_match?r=91544 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1030
  • https://um.simpli.fi/lj_match?r=51223 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1032
  • https://um.simpli.fi/lj_match?r=31350 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1035
  • https://um.simpli.fi/lj_match?r=1626 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1042
  • https://um.simpli.fi/lj_match?r=48380 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1049
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6 HTTP 302
  • https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Request Chain 1057
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
  • https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE HTTP 302
  • https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-iMzmmPpE2oS9ycbXMs65xLhWIpy1kGSKc4H2YQ--~A
Request Chain 1060
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D13%26_t%3D1704175818%26_reach%3D1 HTTP 302
  • https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
Request Chain 1061
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D13%26_t%3D1704175818%26_reach%3D1 HTTP 302
  • https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
Request Chain 1065
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D15%26_t%3D1704175818%26_reach%3D1 HTTP 302
  • https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=79da43ccf13077612bbc33c1eda67811&vxii_ts=15&_t=1704175818&_reach=1
Request Chain 1072
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 1073
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=LWHc5OTZZDfW&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1074
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=vdEaviZiPjqeQ9os8hJ0seztxHyoK8xT6w5BxLUZDGE&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 1075
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/universal/v1?supply_id=7yx5VOUe HTTP 302
  • https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
Request Chain 1076
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
Request Chain 1077
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0
Request Chain 1078
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=d34031d1-f367-4787-8f0c-fc240fba8816
Request Chain 1079
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?3pid=AAA6J07LJ1IAABM4PAw9Bw&pid=85&gdpr=0
Request Chain 1080
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=9119299034427209259&gdpr=0&gdpr_consent=
Request Chain 1081
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704175819469 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6295638291 HTTP 302
  • https://sync.1rx.io/usersync/turn/4315834540528319297?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
Request Chain 1082
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LQVYA6C2-P-979V&gdpr=0
Request Chain 1083
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=
Request Chain 1084
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPUc580a43e08b64a23b53a91ac1b105b12&gdpr=0&gdpr_consent=&pid=103
Request Chain 1085
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=DYFZL1qMA34WjFQkD9FNJQPQUS0WjAMuWNA1HPqK
Request Chain 1086
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0 HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr=0
Request Chain 1087
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQVYA66D-1C-G459&gdpr=0
Request Chain 1088
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H7CyjSZHio99Iu_wQ8e-eYFF&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=ZZOozAu5GZ6pX6O__KUV8TID
Request Chain 1089
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=0000012629C73700&expires=15&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1093
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 1097
  • https://um.simpli.fi/lj_match?r=60639 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1104
  • https://um.simpli.fi/lj_match?r=39997 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Request Chain 1106
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZOowAALd3uKdQBH
Request Chain 1109
  • https://match.adsrvr.org/track/cmf/openx?oxid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79363d6d-3dc6-42db-a1a9-d035557bb78e&ttd_puid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0&gdpr_consent=
Request Chain 1111
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmhlYU5dLAJ7RIjNK_jFSM&google_cver=1
Request Chain 1114
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=79da43ccf13077612bbc33c1eda67811 HTTP 307
  • https://cm.mgid.com/m?c=79da43ccf13077612bbc33c1eda67811&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 1119
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=79363d6d-3dc6-42db-a1a9-d035557bb78e/gdpr=0/gdpr_consent=
Request Chain 1120
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=79da43ccf13077612bbc33c1eda67811&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=62221526355076880713237290817115184386&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
Request Chain 1126
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=79da43ccf13077612bbc33c1eda67811 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZZOozIi4_HFE0QtKWbP_J4M7&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1704175820436&ip=185.172.52.56&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D212750604749002769588 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=212750604749002769588 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=WlpPb3pJaTRfSEZFMFF0S1diUF9KNE03 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEHrGJ2T-_D2gh_UTvkNH4hE&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Request Chain 1128
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=0&gdpr_consent=
Request Chain 1129
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-c9sxI7FE2pz3eKe.Duvp9fo1abyFGznOPDU-~A&gdpr=0
Request Chain 1130
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553/gdpr=0
Request Chain 1135
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/79da43ccf13077612bbc33c1eda67811/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4315834540528319297/gdpr=0
Request Chain 1136
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=586257841 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=586257841
Request Chain 1144
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=79da43ccf13077612bbc33c1eda67811&custom=&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=79da43ccf13077612bbc33c1eda67811&custom=&tag_format=img&tag_action=sync&final=true&reqid=9bab7510-a935-11ee-bb57-e3b3425111f1&timestamp=2024-01-02T06%3A10%3A20.514Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=9119299034427209259&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=9bb89471-a935-11ee-9a14-09a46abdd79a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=79da43ccf13077612bbc33c1eda67811&tag_format=img&tag_action=sync&cb=345278124 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=9bb89471-a935-11ee-9a14-09a46abdd79a&cb=1704175821058&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1704175821058 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=88deb437-0e30-4411-8bdc-455b8d1e91be&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704175821058
Request Chain 1145
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0 HTTP 302
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=T2Vjd1VCSGlUS0dFSTJNd0Z1MWtSQT09&sm_p=dc&sm_r=lotame,lotame,bds,smt,rbc,tl HTTP 302
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,smt,rbc,tl HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=39e73050-11e2-4ca1-8423-633016ed6444&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Csmt%2Crbc%2Ctl HTTP 302
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,smt,rbc,tl HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=39e73050-11e2-4ca1-8423-633016ed6444&expires=10 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 1148
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5964995709526982727/gdpr=/gdpr_consent=
Request Chain 1149
  • https://spl.zeotap.com/?zdid=637&env=mWeb&eventType=pageview&gdpr=0 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5e51f5c2-7804-4fee-69c8-d7929ef0ce15?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=e71c8d99-7cb6-483f-692b-0d5b47be429e&zdid=637 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=79da43ccf13077612bbc33c1eda67811&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=e71c8d99-7cb6-483f-692b-0d5b47be429e&zdid=637
Request Chain 1150
  • https://id5-sync.com/s/19/9.gif?puid=79da43ccf13077612bbc33c1eda67811&gdpr=0 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/2/8/2.gif?puid=9119299034427209259&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 1156
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd5d2a6f-9cd2-4114-bfbd-f44d88022079&gdpr=0
Request Chain 1158
  • https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79 HTTP 302
  • https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=89cb7409-019b-4b73-8fa4-8aacae72094d
Request Chain 1160
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=212750604749002769588&gdpr=0&gdpr_consent=
Request Chain 1164
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZOowAALd3uKdQBH/gdpr=0
Request Chain 1166
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=67457836 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=67457836
Request Chain 1169
  • https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=0
Request Chain 1170
  • https://tag.crsspxl.com/c.gif?t=57603&gdpr=0 HTTP 302
  • https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Request Chain 1172
  • https://jadserve.postrelease.com/dmp/5?vk=79da43ccf13077612bbc33c1eda67811/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=8befcf8f-66f5-474e-aaea-bdfe95dabb45/gdpr=0
Request Chain 1175
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0&bounce=1
Request Chain 1176
  • https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0 HTTP 303
  • https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAA6J07LJ1IAABM4PAw9Bw&gdpr=0
Request Chain 1177
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811 HTTP 302
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811&sr
Request Chain 1178
  • https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent= HTTP 307
  • https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent= HTTP 307
  • https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&bounce=1
Request Chain 1179
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=498594604 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=498594604
Request Chain 1180
  • https://bcp.crwdcntrl.net/map/c=12526?https%3A%2F%2Fuipus.semasio.net%2Flotame%2F1%2Fget%3FsType%3Dsync%26sExtCookieId%3D%24%7Bprofile_id%7D%26sInitiator%3Dexternal%26_url%3Dhttps%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D12526%2Ftp%3DSEMA%2Ftpid%3D%24%7BUIPID()%7D HTTP 302
  • https://uipus.semasio.net/lotame/1/get?sType=sync&sExtCookieId=79da43ccf13077612bbc33c1eda67811&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()} HTTP 302
  • https://uipus.semasio.net/lotame/1/get2?sType=sync&sExtCookieId=79da43ccf13077612bbc33c1eda67811&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()} HTTP 302
  • https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=F09CC1D9EA8FDF20
Request Chain 1182
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
  • https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
Request Chain 1183
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF HTTP 302
  • https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
  • https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3

1152 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
medz.forumituct.com/
57 KB
13 KB
Document
General
Full URL
https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cfbf48309fef9ae9fb4d65f299faddea25f08186b6cb7cce05e40c6b8cd52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d61fee1f6a1e-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:01 GMT
link
<https://medz.forumituct.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bOp%2FnFybpF2vRP0e9iUigdNQBut%2FpvDn4ZCNv7OA35%2B%2FQ0a9Sh31rBaHv3GCj15LckF88wtNCT27iqw6Ng1K5efOuIUxW1br7IkB3ArZRETmxM%2FCcujAlpjjqIUVLA%2FtsQgfgnh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style.min.css
medz.forumituct.com/wp-includes/css/dist/block-library/
107 KB
15 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 04:17:29 GMT
server
cloudflare
etag
W/"654b0bd9-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFUCe%2FwleRQ1z75pzUnHzQETsvpSFbRL3qTrW%2BUJFqDKALSE%2BPJQePdbDTZaGg3w5nZXzVk8jF2%2BJAakdmt0h3q0GSwURUV7RU6dKKlF9nQAaB1hI5pdem21qOhurpAE%2BC4xfjaK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6284baa6a1e-MCI
css
fonts.googleapis.com/
9 KB
896 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:59:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:01 GMT
genericons.css
medz.forumituct.com/wp-content/themes/frontier/includes/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFqlaUWSPNjhLHh50xFlOHr94OwFai4puWNdzn2NIk416PJV9eon8aEBe%2F34FGmvH9sYuIBbzJUxR7GSZi%2FoPmEVSQcU5Y1Vd%2FEDklmDer2n%2FNIq%2FGjP4Ut%2B%2BV9tb7w%2FkXo6cWdW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6284bac6a1e-MCI
style.css
medz.forumituct.com/wp-content/themes/frontier/
26 KB
7 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eInGw%2BS3YPk2ZvE23HVvTQgZN51UdD%2BBy%2BfE%2B07H85MMS5qfLnDQ%2F3y8qTrsV6yg8hSDccKes%2Ff8lPLDTadkg%2BJJJgt%2BHuiVndXiJ2avnoHT1rS7TzechK89lzCXOl%2BuWuNq%2BXJK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6284bad6a1e-MCI
responsive.css
medz.forumituct.com/wp-content/themes/frontier/
3 KB
1 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqHGbNy5jBVeB5cxZoGU4iz8eUj7SEXzxh%2BgicWs4jujlk1PvzliycfHkVNb%2F9en5mhWQWFWiZLj6N0yx5GlJ6aYyC1pH%2F43QtVxtmM%2BtzAJ1vVDrj2rOEmYO29kkVXbvgZITWbu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6284bae6a1e-MCI
jquery.min.js
medz.forumituct.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 04:17:28 GMT
server
cloudflare
etag
W/"654b0bd8-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpdnDzMnGSvb088mRraotPtyt9kAHdXpiL8sluRWQbNci%2BqWI6eGV1HqU8XWlcHv1ELn2TEStLbuDydgg42PzijPE2KqqzlJC2vjo4CjSwPjyewx%2BDHsJAz5XWnsdzitBQtEZRo1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6284bb16a1e-MCI
jquery-migrate.min.js
medz.forumituct.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Aug 2023 04:16:46 GMT
server
cloudflare
etag
W/"64d3132e-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaE9AQOTjKDGbjMR5R15i78abbgoa5baAyf5E%2FJDNYtMrLYxwWarPKxBrPnZ1G8SSUkaoFIC24J2XdTqXsr%2B3QcSIVlfcamg2cC%2BddXUGdJzKBTlaq04tx3mxwoWOH5HvAMicF3T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6284bb36a1e-MCI
bootstrap.css
medz.forumituct.com/wp-content/plugins/masterpaito/css/
143 KB
22 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/masterpaito/css/bootstrap.css
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d23cde62ca806c8ad79f619f41e522a1f5f4b5b5f5f0f90602748b0e1dfe04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 07:17:24 GMT
server
cloudflare
etag
W/"63ce3484-23a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqmmimE%2B5dH%2BSqnJRny7q0vHztk4jF2CqfAtDduYwYF3W4lpQKRy42c3nOAGb3PEiz5HovvepH1widshFm1ki9rGFp6jD0XMNEXGUji4ZaIy4Ytt8DJY99JiW1jFokXehkuuGS8i"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6284bb26a1e-MCI
css2
fonts.googleapis.com/
2 KB
640 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:57:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:01 GMT
css2
fonts.googleapis.com/
421 B
729 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Carter+One&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
b00653f5ecbbaecc1a215636c3cc04936bb15e4fd74eb2eaae0a478473f5ce9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:17:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:01 GMT
css2
fonts.googleapis.com/
1 KB
556 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
138e7f355c55bbf2b7b3bbed2b52f37ed4b733dc7715eb10aa2c2bcda7d23a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:46:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:01 GMT
css2
fonts.googleapis.com/
2 KB
658 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:55:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:01 GMT
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ...
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:02 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv...
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:02 GMT
Hy55op1.gif
master.aimistik.com/wp-content/uploads/2023/08/
2 MB
2 MB
Image
General
Full URL
https://master.aimistik.com/wp-content/uploads/2023/08/Hy55op1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b9f802941f7b2b8ebf038a47cf739bda5a32cf0829d48408a25de7f4ebc5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 31 Aug 2023 04:27:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f016a8-25d79f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF9lHF0VlyLhKAbl3BXjZg7cLi6gLJrYgc75mABgDAROY7UVYrxYlUv%2BkhMjvZAgCev60xJ2CQsXKnR3q62bnV1%2Fnmn%2FmDYz5Z8qA6Jn%2F5aAP0rHXyF4OYNIDzGg75csk8V67GLk"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d62eef984dfd-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
POKER88_GIF-Banner_PREDIKSI-MP_728x90_Edited-1.gif
medz.forumituct.com/wp-content/uploads/2023/12/
337 KB
337 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/POKER88_GIF-Banner_PREDIKSI-MP_728x90_Edited-1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f69fdf64c28eb48dc46dd9bbc2ae7be055050137a752256fb3df9e49bf5e71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:51:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581053d-54257"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykdM2ZxkSt%2BEIP7YArNAXkr2z5W4h%2FeTkUtbhBCg2XiIB1eekpAaNImltiWUhJlGFJvcMYPDi3nfLbag6%2BA4mDF5QnLKeENEnI3iMcIZhmYr2XKKF4Cy%2B5FSs%2BepTkfRc9%2FPQ2uP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d62eced54de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
DEWAPOKER_GIF-Banner_PREDIKSI-MP_728x90_Edited.gif
medz.forumituct.com/wp-content/uploads/2023/12/
750 KB
751 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/DEWAPOKER_GIF-Banner_PREDIKSI-MP_728x90_Edited.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483b812d41d94b9639b344476909c7f5d884f24872d20e59ddf11794f9cb30f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:51:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65810542-bb8dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEi5n20MRJ4t9b6A7ySzWTnf69No1MR4GKDJIFlbvFpYu1OGXCi01G%2Bjot2am41vhoIrVOv7k62L1mzHecF28MLiwBqfMwnHUjngpTYkVqlziJYPBZETuWEqinTrstXKca3nf3Sq"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d630592d4de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
VEGAS88-728x90-5.gif
medz.forumituct.com/wp-content/uploads/2023/12/
83 KB
84 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/VEGAS88-728x90-5.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0194ee909858ac0b6352d882746272548157bf88b91771c08ddaf11642b513b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:51:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65810544-14d76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIJYcmdlIvgC8%2B3NnGrS2pfJL0WtbAjVz%2FqcM0bB6mMYsKBOr1kXeFrjqCFxX7%2BurZSugV5mOv0t4fD6qsYu3h8a3WcMOioDDuyBoUjwXb3nC0Y7AJvaPUCudnoE%2BRvsquWiqdqq"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d63059414de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
SKOR88_GIF-Banner_Prediksi_728x90-1.gif
medz.forumituct.com/wp-content/uploads/2023/12/
213 KB
213 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/SKOR88_GIF-Banner_Prediksi_728x90-1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd00f3d41a2866479e75a4a57e111e73d81d88525ed77e0b28ff94d58484c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:51:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65810539-352c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOCgDlyBAZxrmp9VGGJCACoCUVRl1jTtmwri8Pvz8n2s%2Fd%2FS6A%2FQr%2BANut7pmgbddbhlbBkW3t84jvocYgFP4UJVdFIEOExsOzc3I8ujmHHjRJvOO05JYC6YQULdFEGW7PwdMYQh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d63059434de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
email-decode.min.js
medz.forumituct.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://medz.forumituct.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYdEXL3LyareYSU8CiyC9DOlEJKXoP9HlDpcSIogxti0SISfQBxYBFtaoUBmpvZquiNdnLbISoMYrCgZeQpXVUj3BvIURu%2BCKDbip8cms11QlLgUvyNqeTk7cDETlDmqPKOJSXU7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d630592f4de6-MCI
expires
Thu, 04 Jan 2024 06:10:02 GMT
jquery.modal.css
medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/
823 B
795 B
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j117x%2Bg9rN1O8JFfUY4ycdc8n25vezkqzCbmRABl4A1H2PYwVdHvQm7q53IFQ%2Fk0fYPKZT48lJgIO4cNw%2FHjAQxpy7p1FGGIfq5HknpETHClAYzmO9L%2B3sSznQOFL9wmhEGjvInf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d63059374de6-MCI
popups.css
medz.forumituct.com/wp-content/plugins/uji-popup/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gvdwcueixx4Oj0wr90%2FjGr7Xdj943TcIxFMk6s3dez35V6r5s9zoFaoRntPqf%2F2lO44w3kgc0RgUK%2BImt4SgW1PP4FIpsaEzNHg6IVsSiUIy8DcoSYfuRqswAPZRuDMlIcN6nO1o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d630593a4de6-MCI
jquery.modal.min.js
medz.forumituct.com/wp-content/plugins/uji-popup/modal/
4 KB
2 KB
Script
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgM1ckjWQt3VqI61Re4YYENM%2BxQBR7%2FKJIHiRYAMP%2FYueKVoNr3bI%2FuY8gnjrEepovnjRWSETo9mNjqECeowr55Y8VMy4ySkktuL6FWyZfbi7i7BBn6iNCoY9vMkm%2F7mh%2BCsbof1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d630593d4de6-MCI
popups.js
medz.forumituct.com/wp-content/plugins/uji-popup/js/
2 KB
1 KB
Script
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACkn59zoWDAEcSy7j94%2FoYIRcrCK0YWWSvKOhnsL5mtPNSTdlvDcs7BWGwP9Zv3fdHLhLc4em%2FbcUXEUGEm34x1Hlkfs%2Ff68HKAANP9ICPn2ysH54U0RPs9DrniS1HSDBVNLocnF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d630593f4de6-MCI
5cf349b9-2056-4c35-8a16-d24c6d083bf7
https://medz.forumituct.com/
1 KB
0
Other
General
Full URL
blob:https://medz.forumituct.com/5cf349b9-2056-4c35-8a16-d24c6d083bf7
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
master.aimistik.com/ Frame 1668
80 KB
20 KB
Document
General
Full URL
https://master.aimistik.com/
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e959f8e37d374f666e40d8fb752f240d66fd4ff6bf39f6fa786d5918ccb6c0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6305a184dfd-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:04 GMT
link
<https://master.aimistik.com/wp-json/>; rel="https://api.w.org/" <https://master.aimistik.com/wp-json/wp/v2/pages/153>; rel="alternate"; type="application/json" <https://master.aimistik.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POE3VE1jDPp5pXRcmEi7It4Q%2BXafrbT5sMYhitoBAD9m4sQhsZs8ziwNxpASVxdWuFBRpc1Q0owcls4jaFVYstMjE64Ix%2B3ZZ47XlNJcVIYV2%2FLQQ59KAXgdNlxGKNxrPCelpCBg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
result2.php
livedraw.pro/master/ Frame BC7A
2 KB
867 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6311f566a1c-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPv5OJGZ%2BupYsTNb5EllDtkZlTLF4Ri1Oee4HDIOpKIJDtYyJIi8RaCJ6faurzS7DnnhgbVomrOtWJNrMUa%2F%2BzBuJoqvn8apIln9ZH2xiS%2FBMxGa8U2LtAnJiEaYtrk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76522
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d630cbd56a22-STL
content-length
4547
honeycomb.png
medz.forumituct.com/wp-content/themes/frontier/images/
265 B
748 B
Image
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/images/honeycomb.png
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63cc0f50-109"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAG%2FfHlsVF771OHgFLXFjjtqG0ilReDFXdzZ57HKDM3XJCFiCqz%2FmdpkBQa10p%2BzteO04OG2vfzJnbL2rhQbnfo8%2Bvw5TCIWxR3J8b0Bi839GIhK6FnRmDOhOGDvSz4QlIJP9GMh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d63069474de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
fonts.gstatic.com/s/carterone/v17/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Carter+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 01:20:50 GMT
x-content-type-options
nosniff
age
535753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27984
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:07:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 01:20:50 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
afc8ec27017051865f6411f798ef57415d2de6d19e687052719a2c6f46059eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:02:36 GMT
x-content-type-options
nosniff
age
572847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:02:36 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:34:01 GMT
x-content-type-options
nosniff
age
570962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:34:01 GMT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2
fonts.gstatic.com/s/quicksand/v31/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
7cda70e9848b04b3f0336c837846a04f5c71678c34b13e4c6d2378e74aceb57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 20:25:24 GMT
x-content-type-options
nosniff
age
553479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15060
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:53:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 20:25:24 GMT
/
master.aijos.info/ Frame 9E9F
83 KB
21 KB
Document
General
Full URL
https://master.aijos.info/
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebdb9b0a3bc24cdd7dd1e20dcd35a6b9894e1e2681b2919b0d7b9da5c3f33e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6315c1c4de9-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:04 GMT
link
<https://master.aijos.info/wp-json/>; rel="https://api.w.org/" <https://master.aijos.info/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://master.aijos.info/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuaLe8F4YewxW5gN8w9%2F7UBmnTMLDDJY6QpuYajiZRGo6XGNZtvnFftCyOwmntrnsz%2BMcgL9Mz9BlN68E5ad9VsFxqRoC%2BtQrRrlA2Emelhl8F3mHUedzyYtHdRcGoNGfnWTiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ASIALIVE88-400x400-1.gif
medz.forumituct.com/wp-content/uploads/2023/12/
171 KB
171 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/ASIALIVE88-400x400-1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7148ff49f3150dd13414edad5cb6af017309cfe5e41aca15d5488c101d3b5429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 03:11:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658109ee-2ab3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Om8EgwG1PDxCIULLv3yeRk8EydNHucSvsLzDSk6ebZ0AciGGMI1TrPLMOcAolN829WCvh01OMBq6caRQA37D5rur0qRE0OpMosh7%2BoDc76qx196F4flW1fZn4PQDBz1efy7hCojT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d630c9db4de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
4502232.php
s4.histats.com/stats/
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h1&@i1&@j1704175803034&@k0&@l1&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1600&@b1:198607411&@b3:1704175803&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h1&@i1&@j1704175803034&@k0&@l1&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1600&@b1:134221500&@b3:1704175803&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g0&@h2&@i1&@j1704175803039&@k5&@l2&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1600&@b1:150503441&@b3:1704175803&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g0&@h2&@i1&@j1704175803039&@k5&@l2&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1600&@b1:25487710&@b3:1704175803&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
cc_604.js
s10.histats.com/counters/
13 KB
5 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_604.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
45820
etag
"1135266286"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6324c646a22-STL
content-length
4509
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h1&@i1&@j1704175803034&@k0&@l1&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1600&@b1:198607411&@b3:1704175803&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247659832ca7c683f871af98b615ae4a20dc7e870a3ecd269d34ccc1119016e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
x-t
0.34
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWs%2B7afukxMoVk4rywpxutb0nCKavuDsHiA6wyVFFWaIoG09G2KuITXVXmWnAZWylMzENqUmXs9Hn22BQ5nznTIMN1lYIlTWW%2FvFPvhBAMnC8pZ%2BQ9WX%2Bfb6myhmkz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d632cbce6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:02 GMT
/
t.dtscout.com/idg/ Frame 7738
1 KB
754 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034044087a544b54d334f392e09ea98f3612ca8e99ef74afb0998a83f09868ff

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83f0d6339cde6a1e-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:03 GMT
expires
Tue, 02 Jan 2024 06:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPjE2JfUejrQaRqNTYTE6eX%2FRsUlqw%2BBaC%2BXViTom33%2FhWYUqATzH6UIWvub%2BGbBYxqvXf3k2kN1qfXkDboY8KX3eFCb4TqkW7XKEMzocLyvFuSEIfBOB%2Bbs%2Fc2rtqE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63661
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
tALuvj0UYmX_PYouTdecCypaCJPYm5JwI_yDRIwvUC_G-dyU55Vkqw==
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
150361
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f0d6340aa223c1-STL
expires
Fri, 05 Jan 2024 06:10:03 GMT
/
t.dtscout.com/pv/
51 B
332 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=medz.forumituct.com&_ss=3vufpn6kpb&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6s63&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241f9d845bddbf879723715f7652c2d58b61c763de58267df15a12cd6bd04433

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
x-t
0.149
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGcvZmt5CKk8hmHgl69ZMfAez3YlZcauICgHuTmf1MxRcthq2T7MDGvSjtOre%2FCNB04hbkXhb4lgQwp2%2BVf%2Bz3omNtlBCvyrVIOvSUrbls%2B%2F8lHjZ%2FhurC9N8I8reG0%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d6339cdf6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:02 GMT
/
dtsedge.com/ping/
0
435 B
Script
General
Full URL
https://dtsedge.com/ping/?t=300&d=medz.forumituct.com
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.14.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
x-t
0.62
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSg5GVfERa%2ByU9VU%2FaKAHeQzzsLO54Ah4whZLqVcrn%2FJGcSkTjWrN4d7ZZbgbCd4d7QEqtxNidUu2MJLRhq7ueyzjzrmLXJXJN3FHb9wXlFyfIVkkeOgx9KUHaqtKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
83f0d63439114de3-MCI
alt-svc
h3=":443"; ma=86400
/
t.dtscout.com/idg/ Frame FD87
1 KB
728 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8611e2797a0caf3c8b630735086b562db83b61278f5087cbd11cfb842b8f57

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83f0d633aced6a1e-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:03 GMT
expires
Tue, 02 Jan 2024 06:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1w2AC2dp13ItK98q%2FF0eC1kaecxW%2F13ufY2rBKEGTQlcy7cbngwo4fAGZf2FNHa863zqB7a%2FzVWw2PZ7myHcnDd2ZZf5AC5LRj5lCx%2Ft4N8CG%2BmzfD4E0pWkCKSyVc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/idg/ Frame 6759
1 KB
729 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3fdc90f6c337dbd1f59985c1ba07df9558feb81e3273fd0285f879234e8b0e

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83f0d633acf66a1e-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:03 GMT
expires
Tue, 02 Jan 2024 06:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svkSIqR6QmVL2a45kKZTbLD55wVhEGYBR3SrJ765w4c1Hz0MOcEdOeE%2FdCg%2FbP%2FL64lSpbLcCOUpSar4gYwLvKvGY6Frk%2F3VlrEw5vxnBsmFDG2Ldh42K%2F%2BFng3N91k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/idg/ Frame 8A1B
1 KB
723 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017041758038360C2DD43CC8E4CDF
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d2279604129dedca746d0bf78c79a34e4359175e0450787308bcdaf924c387

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83f0d633bcfa6a1e-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:03 GMT
expires
Tue, 02 Jan 2024 06:10:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSu3v84Gw%2BoTZGkBBdXEciotShomCv2RnvjlF3mAWnqcO54gZv3BqhN4SFfaZz5vS2sK5LuM9CwzdlWYdy7h4XuFKbpbi8JPDe6Il2tt24GRxchfZ8D7bqjXaC0IPM8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:20:34 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
17370
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
nfN1hDpwfd-4hOj1ilAViQa_ETaN6v0yc9SCGOi8Y0ya8gEoRlsL4A==
/
t.dtscdn.com/widget/
0
584 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmedz.forumituct.com%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-t
8.11
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDe9OnnjToPGr7t45HNh83NUd38tZCz3uX79Ram6%2B9E4pRrnl8jjriJuQGnJQMrUnBR1s%2FkEDTSEmSFKiIHHuC1JqjaGds3oatU%2F4aOEq3pniaSnihkav4ezticqfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
83f0d6351c844e03-MCI
expires
Tue, 02 Jan 2024 05:48:36 GMT
19505
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e6ae93f6c3a7065662be751e88ee9146&gdpr=1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c468d473b42b84af/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5964995709526982727&gdpr=1
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=1&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=a34b731c6d785dac
  • https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
  • https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
  • https://tags.bluekai.com/site/19505?id=y-AHwVHp5E2pLEuSeaoZenIo36A7PtK_4._nU-~A
62 B
306 B
Image
General
Full URL
https://tags.bluekai.com/site/19505?id=y-AHwVHp5E2pLEuSeaoZenIo36A7PtK_4._nU-~A
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 06:10:10 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/19505?id=y-AHwVHp5E2pLEuSeaoZenIo36A7PtK_4._nU-~A
date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-geo.s-onetag.com/
50 B
454 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
via
1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
0b311116-f28b-4a89-adba-5e466b007791
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNZHhDCYcEi1g=
content-length
50
x-amz-cf-id
88-znVpwqhiHHbyyGXviivIWA4kdoswyrEEEleKIOH2HHuc6LEeBsg==
/
onetag-geo.s-onetag.com/
50 B
454 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
via
1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
0b311116-f28b-4a89-adba-5e466b007791
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNZHhDCYcEi1g=
content-length
50
x-amz-cf-id
MVnFM4iEibEZJwbBjkzSomUenUgnhsuw1LPLdf9X53WDeC8h3U8oKA==
/
onetag-geo.s-onetag.com/
50 B
454 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
via
1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
0b311116-f28b-4a89-adba-5e466b007791
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNZHhDCYcEi1g=
content-length
50
x-amz-cf-id
gMJDyM5Nss4L7mp9GZ27nemUlFwNkcjiHF76e5-F8Yt-hfOJAZvz0Q==
/
onetag-geo.s-onetag.com/
50 B
456 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
via
1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
0b311116-f28b-4a89-adba-5e466b007791
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNZHhDCYcEi1g=
content-length
50
x-amz-cf-id
PFtwmYnK8GHnkNwb6rOqqDtVC2nr_xkaKt6XsJXaBU_odGws0ax0BQ==
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1704175803646&dn=AFWU&iso=0&pu=https%3A%2F%2Fmedz.forumituct.com%2F&ct=FORUM%20ITUCT&t=FORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&chmob=0
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:03 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
t.dhj
t.sharethis.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7713631044036073&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:03 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.7713631044036073&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9172761103401923&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:03 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.9172761103401923&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7354266140290149&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:03 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.7354266140290149&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.19663529319390616&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:03 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.19663529319390616&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
v2
de.tynt.com/deb/
2 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
6211ea4e1bd6ada3e9fc7ef0f07e50cda377df99dc20f5d8c9b6de885777b71b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1551
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/
930 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
67f8c323cf8ce73b3139aab841ffb866c209800ef34769a361a58fd6357bb762

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
930
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=3&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1b91e4c9ac872cb9fca0f2b2b2a0b972ec7fd74b7357cdd8a2ac4b4f145ea3e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1219
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=4&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
b9989bc0de26c565d6d1a1f0428738c0a8d4f81e9414a488a5414bf8e9775027

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:03 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1304
expires
Sat, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803817.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803817.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjBoNWNwZWdNR291VVIyV0FMNzlXMHVmNFoweVVaUE8teWl1MHMwZGFOakE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjBoNWNwZWdNR291VVIyV0FMNzlXMHVmNFoweVVaUE8teWl1MHMwZGFOakE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHG_KoJEBW0KodhU2mnXiSg&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHG_KoJEBW0KodhU2mnXiSg&google_cver=1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:05 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHG_KoJEBW0KodhU2mnXiSg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2&expected_cookie=7de83740-adc6-40d6-8a85-c66d7a1608a4
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2&expected_cookie=7de83740-adc6-40d6-8a85-c66d7a1608a4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B6B9923B946948F584F292DA217CAE2E Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Flvra9bGZ4U34iQFA==

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E2E1BC6CC99E47B9A445AC463CFFDE0A Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=15927&puuid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&_rand=1704175803817.2&expected_cookie=7de83740-adc6-40d6-8a85-c66d7a1608a4
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Flukq1xpB8PIHtZpw==
pixel.gif
load77.exelator.com/
Redirect Chain
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1704175803817.3
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404769201202&random=1704175803
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404769201202&random=1704175803&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif?UID=1bca9c63e3a71451020f027d9d028bb6
43 B
467 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif?UID=1bca9c63e3a71451020f027d9d028bb6
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
156.146.36.24 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Tue, 02 Jan 2024 06:10:04 GMT
x-age-lb
198932
x-amz-request-id
tx000004f2912c4667b5218-0065909fa7-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A5ySJBY3Nzf/FAkDAJySO+I3Nzf/AAAAAM/T1GYr2akA
x-accel-expires
@1705013672
x-77-age
198932
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
1e192d0844547929bca89365adb1d62b
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif?UID=1bca9c63e3a71451020f027d9d028bb6
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
7556e1f3-fd5a-480d-94c1-abab6b180500
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&ts=1704175803817.4
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D6593a8bcbc6e41000198709a%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D6593a8bcbc6e41000198709a%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/9119299034427209259?ch=6593a8bcbc6e41000198709a&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/7556e1f3-fd5a-480d-94c1-abab6b180500?ttd_puid=&gdpr=0&gdpr_consent=
0
562 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/7556e1f3-fd5a-480d-94c1-abab6b180500?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
54.88.205.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-205-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

location
https://map.go.affec.tv/map/ttd/7556e1f3-fd5a-480d-94c1-abab6b180500?ttd_puid=&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 06:10:05 GMT
server
Kestrel
content-length
229
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c0...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
182 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.1532826&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.6&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7556e1f3-fd5a-480d-94c1-abab6b180500&ttd_puid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
34.193.243.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-243-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n017-ash-prod.krxd.net
date
Tue, 02 Jan 2024 06:10:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1704175806
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Tue, 02 Jan 2024 06:10:05 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a021-ash-prod.krxd.net
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=&random=1704175803817.7&pu=https%3A%2F%2Fmedz.forumituct.com%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212404484791541&seg_code=33x&random=1704175804
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212404484791541%26seg_code%3D33x%26random%3D1704175804
43 B
839 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212404484791541%26seg_code%3D33x%26random%3D1704175804
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:04 GMT
an-x-request-uuid
09ecc8f0-b3a3-4ef6-a92f-3f1e9491341e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:04 GMT
an-x-request-uuid
6e5a7494-bc26-4a5f-8e72-3dd3327ad08f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212404484791541%26seg_code%3D33x%26random%3D1704175804
cache-control
no-store, no-cache, private
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
27519
tags.bluekai.com/site/ Frame 396F
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1704175803819.2
  • https://tags.bluekai.com/site/27519?id=212308334999429&ret=html&random=1704175803
71 B
247 B
Document
General
Full URL
https://tags.bluekai.com/site/27519?id=212308334999429&ret=html&random=1704175803
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
9f0f
content-length
71
content-type
text/html
date
Tue, 02 Jan 2024 06:10:04 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n
S

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 06:10:03 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=212308334999429&ret=html&random=1704175803
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP020
x-33x-status
400000000040080C
lotame-sync.html
cdn-tc.33across.com/ Frame CCA3
343 B
459 B
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
100433
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
83f0d6370db51840-STL
content-encoding
gzip
content-type
text/html
date
Tue, 02 Jan 2024 06:10:04 GMT
etag
W/"651ed18d-157"
expires
Fri, 05 Jan 2024 06:10:04 GMT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
vary
Accept-Encoding
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1704175803819.1
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212404632899042
42 B
440 B
Image
General
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212404632899042
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:03 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212404632899042
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
d.agkn.com/pixel/6644/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1704175803819.3
  • https://d.agkn.com/pixel/6644/?che=1704175804550&sk=212750604749002769588
43 B
572 B
Image
General
Full URL
https://d.agkn.com/pixel/6644/?che=1704175804550&sk=212750604749002769588
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
13.225.63.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-20.ewr53.r.cloudfront.net
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
via
1.1 c9fc8eca0b2b3a083a77fd1cf662c1a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
lyDa2Wd7xuh967S-NX3PQDBqgorFWU32wpvox5NrDfXS2DuMOirzDw==
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:04 GMT
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://d.agkn.com/pixel/6644/?che=1704175804550&sk=212750604749002769588
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
P7n0FgRs6yOodsugVVlWnBtuPO39cxgGPZuNjHIsKw37SgsZ0-S6pQ==
expires
0
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803819.4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&rand=03461554
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&rand=03461554
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 45F52F7346B84FAA94503AEFD86C3C1F Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Fl3LvDbngBkDR6kHQ==

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ae3bee7b08415e9e8254303054da62ac2ce9386cb16c8757b780d7b6a8f7f4f1791426b5417dce21&rand=03461554
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dpx
i.simpli.fi/
95 B
554 B
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1704175803819.5&ref=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
125.47.171.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:04 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F6Zy3YD-utAtyv6EWbhB
expires
Thu, 01 Jan 1970 00:00:00 GMT
hbpix
idpix.media6degrees.com/orbserv/
43 B
577 B
Image
General
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=46305&pcv=58&ptid=96&tpuv=01&tpu=CoIKR2WTqLsbi082J6a3Ag%3D%3D&us_privacy=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.36.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
83f0d64e982477bd-STL
content-length
43
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803838.2
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmhVQ0tjeUExZnpyWl9kM1NYdFUtalZiZ2RzNEhSc2JqTmtjWEphYnVBQzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmhVQ0tjeUExZnpyWl9kM1NYdFUtalZiZ2RzNEhSc2JqTmtjWEphYnVBQzQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHYjZwEy-Ll81sLeWVXEjvo&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHYjZwEy-Ll81sLeWVXEjvo&google_cver=1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:05 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESEHYjZwEy-Ll81sLeWVXEjvo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
load77.exelator.com/
Redirect Chain
  • https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1704175803838.3
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404484791541&random=1704175804
  • https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=212404484791541&random=1704175804&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif?UID=329fedbeb8b5a7adac2f0569ca6dd42b
43 B
466 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif?UID=329fedbeb8b5a7adac2f0569ca6dd42b
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
156.146.36.24 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Tue, 02 Jan 2024 06:10:04 GMT
x-age-lb
198932
x-amz-request-id
tx000004f2912c4667b5218-0065909fa7-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A5ySJBY3Nzf/FAkDAJySO+I3Nzf/AAAAAM/T1GYr2akA
x-accel-expires
@1705013672
x-77-age
198932
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
1e192d0844547929bca893659e1e2233
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif?UID=329fedbeb8b5a7adac2f0569ca6dd42b
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c0...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
182 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7706594&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
g.pixel
aa.agkn.com/adscores/
Redirect Chain
  • https://aa.agkn.com/adscores/rem.pixel?sid=9112301738&us_privacy=&33random=1704175803838.5
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adadvisor&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adadvisor&ttd_tpi=1
  • https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=7556e1f3-fd5a-480d-94c1-abab6b180500
43 B
682 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=7556e1f3-fd5a-480d-94c1-abab6b180500
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
fy-MRxRK_BYr31YqjBeSt1R906r9EvH4pGHY2KpEAy_DKUzmaEDoHQ==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.pixel?sid=9312270958&tdid=7556e1f3-fd5a-480d-94c1-abab6b180500
date
Tue, 02 Jan 2024 06:10:05 GMT
server
Kestrel
content-length
217
cm
us-u.openx.net/w/1.0/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803838.6
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
43 B
295 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dpx
i.simpli.fi/
95 B
555 B
Image
General
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1704175803849.1&ref=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
125.47.171.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:04 GMT
server
openresty
content-type
image/png; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
95
x-request-id
F6Zy3YMLoUFXHUKk3wKD
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803849.2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&bid=1e2n4ou
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&bid=1e2n4ou
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:05 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&bid=1e2n4ou
date
Tue, 02 Jan 2024 06:10:05 GMT
server
Kestrel
content-length
191
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c0...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
193 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.7768414&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175803849.4
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESECwGSBRvnDn1GIlCnRKUS1U&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECwGSBRvnDn1GIlCnRKUS1U&google_cver=1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECwGSBRvnDn1GIlCnRKUS1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175803849.5
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-FVBH4ElE2pUlc77iUzRjvVtCfrSq.P7SXFE-~A
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-FVBH4ElE2pUlc77iUzRjvVtCfrSq.P7SXFE-~A
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:05 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-FVBH4ElE2pUlc77iUzRjvVtCfrSq.P7SXFE-~A
date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296&pid=500040&_li_chk=true&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c0...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
182 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175804.8841374&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
t_.htm
t.sharethis.com/a/ Frame E1AE
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7713631044036073&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:03 GMT
Expires
Tue, 09 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 1B25
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9172761103401923&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:03 GMT
Expires
Tue, 09 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 8236
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7354266140290149&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:03 GMT
Expires
Tue, 09 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 756A
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.19663529319390616&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:03 GMT
Expires
Tue, 09 Jan 2024 06:10:03 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 86EF
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:04 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 8A81
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:04 GMT
logo.jpeg
livedraw.pro/master/assets/ Frame BC7A
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cra%2BVi6XRcrTBooHiFERCJ6RqPG2NVhKk3XDpdWVROZd2QeUq8tc%2FRTaJ5tibeq1y6c6BD4U3DR1SmzLYgV9FZETjFTb4%2B4Ay8biag1cdPTDgvKmDUcZFq0DGgTbpQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d63758df6a1c-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 66FB
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:04 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame CCA3
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:43:43 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:51:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
59182
x-amz-server-side-encryption
AES256
etag
W/"b054dbc49b30695b40107158fb25e846"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Tikjm9mgNLaZO8vL0VbRw_hdgpxqI9XXMZvVZZY0THFtJv3ldfSaPw==
wp-emoji-release.min.js
medz.forumituct.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 30 Mar 2023 04:13:56 GMT
server
cloudflare
etag
W/"64250c84-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS9kGtHH2WyEIAu2txdVhQdjQV2OxFXt6dBZt9L4O%2BGIc%2F2kK0avgEHebrNp19TvN8TtZJdePjUyyHK1MmrfFQlv9wyPNv4%2BDdawI76AUCTxWg6CEg68xOz8Wzmee56Ei4OmKP4n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6376c634de6-MCI
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 2215
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:04 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1272
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
O5CRAo7wVR4lWnECgYJZ-pL8fwtYOlbV9YwnVKTE_Zflt6CmoJAseA==
test_oracle
pd.sharethis.com/pd/ Frame 27F0
438 B
675 B
Script
General
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
64f9ae246e391e369535df89981e49fff12a6bfa8408d1e169541b063aed5989
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 86EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=7556e1f3-fd5a-480d-94c1-abab6b180500&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/ttd?uid=7556e1f3-fd5a-480d-94c1-abab6b180500&gdpr=0&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwACWWTqLsAAAAKTQ0FAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/ttd?uid=7556e1f3-fd5a-480d-94c1-abab6b180500&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 06:10:05 GMT
server
Kestrel
content-length
215
db_sync
px.ads.linkedin.com/ Frame 86EF
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkh3QUNXV1RxTHNBQUFBS1RRMEZBdz09EAAaDQi80c6sBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&rand=05802919
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&rand=05802919
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F3F7FB3C9C284391A5506F4EA81EBE72 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Fl3MHJwhlx0tRuCMg==

Redirect headers

date
Tue, 02 Jan 2024 06:10:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d3c1d72c5f8adba899b3163135dd018bee4dee37312352625833db9cc7f2df1e791426b5417dce21&rand=05802919
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
eyeota
sync.sharethis.com/ Frame 86EF
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2r2oF4vSQmq_fAjITv96X46J11wgn1UnmCh0lOeYv_Yg&gdpr=0&gdpr_consent=
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/eyeota?uid=2r2oF4vSQmq_fAjITv96X46J11wgn1UnmCh0lOeYv_Yg&gdpr=0&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwACWWTqLsAAAAKTQ0FAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2r2oF4vSQmq_fAjITv96X46J11wgn1UnmCh0lOeYv_Yg&gdpr=0&gdpr_consent=
Date
Tue, 02 Jan 2024 06:10:04 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
csync.ashx
ml314.com/ Frame 86EF
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3641061050048577552
  • https://ml314.com/csync.ashx?fp=c9c648afd212243966d580dab4133c6fc691ddfe59642fada4724afbc5c7046ff4cb09cee1a4f8eb&person_id=3641061050048577552&eid=50082
43 B
115 B
Image
General
Full URL
https://ml314.com/csync.ashx?fp=c9c648afd212243966d580dab4133c6fc691ddfe59642fada4724afbc5c7046ff4cb09cee1a4f8eb&person_id=3641061050048577552&eid=50082
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 03 Jan 2024 06:10:05 GMT
date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google, 1.1 google
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif

Redirect headers

date
Tue, 02 Jan 2024 06:10:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=c9c648afd212243966d580dab4133c6fc691ddfe59642fada4724afbc5c7046ff4cb09cee1a4f8eb&person_id=3641061050048577552&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 86EF
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwACWWTqLsAAAAKTQ0FAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Tue, 02 Jan 2024 06:10:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
a.gif
t.sharethis.com/d/ Frame 8A81
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175803888&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&rdn=medz.forumituct.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=f7xyIzYAOOYDJdfvhbJf&urls=&rnd=1704175804129&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=118
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:04 GMT
a.gif
t.sharethis.com/d/ Frame 66FB
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175803890&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&rdn=medz.forumituct.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=a8xyIzYAC-2ESEMUO9nr&urls=&rnd=1704175804188&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=148
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:04 GMT
map
bcp.crwdcntrl.net/6/ Frame CCA3
156 B
614 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2c74a002af7345dd47e894013261ef8393751ae80f16a08170fe4ea8a89aa47a

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.10.7
access-control-allow-credentials
true
content-length
156
expires
0
style.min.css
master.aimistik.com/wp-includes/css/dist/block-library/ Frame 1668
107 KB
15 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:01:17 GMT
server
cloudflare
etag
W/"654aa59d-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umEIKBD%2Bu2lTZcqNN7cd5%2Bm%2B53xKmn53dnamBeJFl%2F1HZbpevIu7C6ibh2r4RJNTkkcCrltuQ8rgUphaWa8B7Indn5QFIf0VrOmYc%2FKR94fHktZHfxaed5qNj%2FLCkII56SqvhwqD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6387ec04dfd-MCI
style.css
master.aimistik.com/wp-content/themes/asteroid/ Frame 1668
28 KB
9 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 27 May 2023 09:01:12 GMT
server
cloudflare
etag
W/"6471c6d8-6f7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stck1zvPZIUbBjSRy1WOI6WXSvSeOXtc1c7ReCSkLxQRAn8rLlvGr%2FGUI%2B8irZ1azUXqy8UckcELubO6CxcBftIWs5Ddu4IYgcHaxz%2F0RjTF%2FAMMlah6rRVmCaSlNnTRnIW9iqwk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6387ec14dfd-MCI
jquery.min.js
master.aimistik.com/wp-includes/js/jquery/ Frame 1668
86 KB
31 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:01:17 GMT
server
cloudflare
etag
W/"654aa59d-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a63xx4jBGu%2BR6QNCN0seu0w4sw%2BE4tFExMnohlIr%2F07nnE3IcPP48RZHPIVlg3bWZgCyNVkq8ndkZmYtYV2PAiZUJaQiB50CQRTE5T4wLvqOETazuxadm%2BwgRQOeqcbgKXVBXoPB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6387ec24dfd-MCI
jquery-migrate.min.js
master.aimistik.com/wp-includes/js/jquery/ Frame 1668
13 KB
5 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 21:01:41 GMT
server
cloudflare
etag
W/"64d2ad35-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5aDISkBffAkr5mgjFTumrbmpD2S%2FNxxjwZ7oFlkt976yI6du%2FSORMQ2YgyHqT%2Fif5vpwUxLyCjILP%2FmO%2BYOhZ%2BXUE2S%2FQ0vmCUvPdQHJtjxej1bhk5329lXSpwXoEZCUu6PjbiS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6387ec44dfd-MCI
css2
fonts.googleapis.com/ Frame 1668
3 KB
691 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
fbc30fd5841951aa57b44c605c577c1d73d3d37c8fdc733ac76bae922c8f257f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:04 GMT
css2
fonts.googleapis.com/ Frame 1668
57 KB
13 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gothic+A1:wght@500&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
976e961524a9ca9d6a85aec8f727412829024095c2653c89ae7596e7dbdefda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:04 GMT
css2
fonts.googleapis.com/ Frame 1668
3 KB
724 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:36:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:04 GMT
a.gif
t.sharethis.com/d/ Frame 2215
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175803929&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&rdn=medz.forumituct.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=88xyIzYArqY9cLDG7kSD&urls=&rnd=1704175804223&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=138&bcnLcy=70
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:04 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 27F0
51 KB
16 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-64-229.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 02 Jan 2024 06:10:04 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Tue, 09 Jan 2024 06:10:04 GMT
103de319-baf7-4dcb-bfa3-eb3266e128bc
https://master.aimistik.com/ Frame 1668
1 KB
0
Other
General
Full URL
blob:https://master.aimistik.com/103de319-baf7-4dcb-bfa3-eb3266e128bc
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
style.min.css
master.aijos.info/wp-includes/css/dist/block-library/ Frame 9E9F
107 KB
15 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 13:22:15 GMT
server
cloudflare
etag
W/"654b8b87-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQ79qH2CtnEIdc4qsiN4%2Fy5MFFWZGTDvCA3EsPJb5C1SWYs3v6JwdrZ0YU8GeNveuZMsqmYQFe0BVctjFEpd9BDmOYN%2F8Q7XEcbbBycjJ4ymsTPLCa2BBgwMtwSg9ephyMNekw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d638ee244de9-MCI
style.css
master.aijos.info/wp-content/themes/asteroid/ Frame 9E9F
28 KB
9 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 05 Dec 2022 06:11:26 GMT
server
cloudflare
etag
W/"638d8b8e-6f7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEHmBfgXgI5Sy1Xqq2NesUaQqZpmhbi7DbtB1vh1xGVf8tZQRei6ZPqmzEyA6SCmj7TQvlqKkupBlZzxCijjWoOqexF5vl7Re4vty%2B6vssd%2FJB5pUaIyTLBkp2ea8z3rxGMTXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d638ee294de9-MCI
jquery.min.js
master.aijos.info/wp-includes/js/jquery/ Frame 9E9F
86 KB
31 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 13:22:15 GMT
server
cloudflare
etag
W/"654b8b87-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2lTD4PHMsK90qFkBMd14OaKu6sHYM0a4m1UV4e1S4PviR6Zkf0bmHjaPWeS32YfRqQ0N5CHbwyX9Lxz9i3UxBPHTbyM0lu4oxO4Um2xAhe%2BP9x%2F1O3Y%2FoVep3D2VqpN7VRGjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d638ee2b4de9-MCI
jquery-migrate.min.js
master.aijos.info/wp-includes/js/jquery/ Frame 9E9F
13 KB
5 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Aug 2023 03:12:50 GMT
server
cloudflare
etag
W/"64d30432-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2ihb9TXsiG0htRHcAtpVfLUtycbW%2FNGL%2FUvSx4nUebBFnwC5Ug%2FKOcKNDooJUs7ehWhoNTR%2FehPuyI8Pc43NY%2FS2H0fyKQZewTNAAGQJf854LrIGlqox%2FenMoOM7Yi5La6l%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d638ee304de9-MCI
css2
master.aijos.info/url(https:/fonts.googleapis.com/ Frame 9E9F
Redirect Chain
  • https://master.aijos.info/url('https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
  • https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
0
0
Stylesheet
General
Full URL
https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZdZEnpXnoxdpX%2BRua1Jl9cGu%2BA8iFkyKTzoNcK3NEpUkRik9tWV7LLsYC5dW4u2cXywu6gpXA2cCGXvAAVb3wvrphbo7az4Mx2ui8RgNDYHRayFofjRpzCehpXQDOwU54vJ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
83f0d63feab44e02-MCI
link
<https://master.aijos.info/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgyoGESzsYH%2F1VGdlo2VXXJH1xH4AUEmBIBxo7FcW9beGk3ja3%2FLJqzSSXto8OG8ZLQvTGAn0pfYdMojwuym%2B6pP8Ki3fc6KYNehgqtA44gKp2kd3kqszu%2BDf8Z4X7%2B1DzNz%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
83f0d638ee2d4de9-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
close.png
medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/
4 KB
5 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658104a0-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VONKERuQUCKthrZe98NpAqqDFwh4a%2Fj7nsqNOOzYwiAl0bOYzQNly3d1Pk4au7XZEuXOZ6JdTOZuuQo53Is90oi44nO47Dx4Rvhd78zkUvIMqWpZnHLOVfAGYrd%2Flok9pqc%2FohRL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d639eff04de6-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 1668
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:04 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 1668
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:04 GMT
dominobet_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 1668
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/dominobet_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8392dc30ec53d2430d32e019ff90e7d333969029db96f3d35ac30f62dbce051e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 05:30:30 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1091018
expires
Sat, 20 Jan 2024 00:19:46 GMT
nagapoker_banner-gif_ads-prediksi_728x90-2.gif
sniperbom.files.wordpress.com/2023/10/ Frame 1668
112 KB
113 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/nagapoker_banner-gif_ads-prediksi_728x90-2.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c80887521a6a1366158ce77c2a3d88b9e2ddfa38ea667541d4660cab8249dfe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Oct 2023 06:09:30 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
115171
expires
Wed, 03 Jan 2024 13:57:11 GMT
QvSKvI.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8d... Frame 1668
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8dUM2RHw0QidgGaFMVZlgpX6QiHZliJ9yM6-Scw8WK/s1600/QvSKvI.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
ae7b0ccd124e3bca4c5508df205d3adfe27bf369af79e75e7b065873f2a26afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="QvSKvI.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2164274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
email-decode.min.js
master.aimistik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 1668
1 KB
1 KB
Script
General
Full URL
https://master.aimistik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pLj%2Feqcr7Kjs1Pwj6hbgXYegY02vtdAeV9Rwe4wBCQC9HWo0hTc10xYLaX6dyNpdDrMSg5hQg6JYBDKhSveMnYtcwjR0UoalIs1iPHPkXholjJLu1xqyyyGFT6K29tkyX3Mc5Vu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d63c6ab94df1-MCI
expires
Thu, 04 Jan 2024 06:10:04 GMT
poker88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 1668
337 KB
337 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/poker88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0f69fdf64c28eb48dc46dd9bbc2ae7be055050137a752256fb3df9e49bf5e71c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 05:31:11 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
344663
expires
Sun, 07 Jan 2024 10:21:46 GMT
close.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2... Frame 1668
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2XEz0tfyT0TsTxveDOfPORI_L7WpbUqtJ63GBpZ7v/s100/close.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
f54446d7bcb59ffd58248331f57266965d83171c98f39467e7efaa010d7ab20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"va1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="close.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
togel88_banner-ads-prediksi-toto_728x90-4.gif
sniperbom.files.wordpress.com/2023/11/ Frame 1668
104 KB
104 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/togel88_banner-ads-prediksi-toto_728x90-4.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
77178130cd8b95c698e128d522d3458c97241da87fe0498a3b440ae3eb68c7bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 03:59:04 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
106048
expires
Tue, 16 Jan 2024 08:53:30 GMT
jquery.modal.css
master.aimistik.com/wp-content/plugins/uji-popup/modal/css/ Frame 1668
823 B
794 B
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19vegp2kXDqt8jdj4X2Bg50TJfSQ5GzaBnV7UBEProF%2BgfNZXTQJRYtPg116LE1wgYzK%2BMTDGF3myXSB2o3lnOMXJOWUUCFwMkB1frqUOLJ9TktgBralCuJRW1knj81Ao9lk9B71"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d63ccb7d4df1-MCI
popups.css
master.aimistik.com/wp-content/plugins/uji-popup/css/ Frame 1668
2 KB
1 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2cEAn7M7LwTrUh50Uwo5e2i5hozUyEtF8YoGqgetFZ1%2BojZovI9QbgviCYeHNZInwBmYw75CF74FHhRNYxCCFq0cOTox4JkNaHfwmCF8NocRbbaRLzkcXZYPgET37i6YCy9Uq%2BI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d63dfe034df1-MCI
jquery.modal.min.js
master.aimistik.com/wp-content/plugins/uji-popup/modal/ Frame 1668
4 KB
2 KB
Script
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmb7PiumXDAEjNTwExx4pnQG8KfCAkPK7UvQtyPvS00E%2Fhtmcxj68%2ByymCXHb8WkcJI09YabfupE5LByBQhr3zMcJuCeAme24FQBbaQm0LFb4p8qnyUoRBvJLycDW9Kb6z1nud5Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6409a1d4df1-MCI
popups.js
master.aimistik.com/wp-content/plugins/uji-popup/js/ Frame 1668
2 KB
1 KB
Script
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pFfTp%2FITX8xjJFxcFAc%2FsMRpV9AJjkf02gFvjY1dBJNTH9nh8JzadnhCkiudRYHWdFMrAplaNRGnmPg58oV9jsFSf4I9jK%2F5WigJlbARywPxrJko4XTJaBlKEt3LXA7%2BSvsYOA7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6409a1f4df1-MCI
3d11de4a-9cc3-4de3-88f3-c0d038500621
https://master.aijos.info/ Frame 9E9F
1 KB
0
Other
General
Full URL
blob:https://master.aijos.info/3d11de4a-9cc3-4de3-88f3-c0d038500621
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:04 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
Hy55op1.gif
master.aimistik.com/wp-content/uploads/2023/08/ Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://master.aimistik.com/wp-content/uploads/2023/08/Hy55op1.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b9f802941f7b2b8ebf038a47cf739bda5a32cf0829d48408a25de7f4ebc5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 31 Aug 2023 04:27:20 GMT
server
cloudflare
etag
W/"64f016a8-25d79f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2sopuDsznkPsk020oMNul20VRZxx0gLgPON7BdkxuE8U1XHtKcZpBjYT5BESPx2RHlVRodDqcUcf0AhNdKahbSSIlDOLywNE0CfvSxuqVRfxjSu6iApX5H28wk6C%2F95lXHOsup1"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d63f48544df1-MCI
betcoin_gif_728x90-14.gif
sniperbom.files.wordpress.com/2023/11/ Frame 9E9F
92 KB
93 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/betcoin_gif_728x90-14.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9399bf7570eb0eafa3574c3b8f9a54e9e25dafae4354f1add9375f8e78dc778
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 06:17:27 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
94584
expires
Fri, 05 Jan 2024 11:44:49 GMT
maniaslot_gif_728x90-9.gif
sniperbom.files.wordpress.com/2023/11/ Frame 9E9F
376 KB
377 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/maniaslot_gif_728x90-9.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d956aa50ec0bd6f35d0b33b97793d5dd25e5c3a554517caec2d60ce0ae44055b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:33 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
385373
expires
Fri, 26 Jan 2024 22:34:24 GMT
close.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2... Frame 9E9F
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2XEz0tfyT0TsTxveDOfPORI_L7WpbUqtJ63GBpZ7v/s100/close.png
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
f54446d7bcb59ffd58248331f57266965d83171c98f39467e7efaa010d7ab20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
x-content-type-options
nosniff
server
fife
etag
"va1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="close.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:06 GMT
close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame 9E9F
2 KB
3 KB
Image
General
Full URL
https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f1.1e100.net
Software
fife /
Resource Hash
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:18:37 GMT
x-content-type-options
nosniff
age
10288
content-disposition
inline;filename="close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
server
fife
etag
"v744"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 03 Jan 2024 03:18:37 GMT
idncash_gif_728x90-8.gif
sniperbom.files.wordpress.com/2023/11/ Frame 9E9F
621 KB
622 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/idncash_gif_728x90-8.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5a63f739a50d01fd97bbde57f263cdfbec0421551f7d08e893cca85d537f398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:19 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
635553
expires
Mon, 15 Jan 2024 16:41:49 GMT
QvSKvI.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8d... Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8dUM2RHw0QidgGaFMVZlgpX6QiHZliJ9yM6-Scw8WK/s1600/QvSKvI.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
ae7b0ccd124e3bca4c5508df205d3adfe27bf369af79e75e7b065873f2a26afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="QvSKvI.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2164274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:06 GMT
email-decode.min.js
master.aijos.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 9E9F
1 KB
1 KB
Script
General
Full URL
https://master.aijos.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sth2gsyDpdx5mRQdT%2BKr0lUM4n0uUORSzGz8tSyxCF6Avfk6%2FS6JuWQ1imjjwyTsH0KKNpDiRrMTn%2B0EDoVCppW2a2B%2FiqIqY5UxhIz7G%2FG5i8rh%2FDxOuv5cZOFJq6wBNMDWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d640dc1a4e02-MCI
expires
Thu, 04 Jan 2024 06:10:05 GMT
jquery.modal.css
master.aijos.info/wp-content/plugins/uji-popup/modal/css/ Frame 9E9F
823 B
800 B
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqRFRT9XJa%2Bdbul8LonXBfyMs6nJyW%2FIHSVwNndudR9tX7yFxxKaGjiP4jYIrraNHwXYMBXfZ9OVSSt97smgDl5TqnKai%2BJJ9trlunw9Ni%2BceiIyUKBSMjuWU8UVeIYOnqFArw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6412c7b4e02-MCI
popups.css
master.aijos.info/wp-content/plugins/uji-popup/css/ Frame 9E9F
2 KB
1 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTy7%2FDuTRobVq4zjHp0lJHG0M3WG4GdZvEq2X73cDK%2Fir8wNZfJcOjoMprq0FS758DykO1oIR%2BySLBkNBqLHeb%2Fi6tIj7LMOwL5brmmbyXgD6yvlW5m53457GBnR8nfwXFma6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6412c7f4e02-MCI
jquery.modal.min.js
master.aijos.info/wp-content/plugins/uji-popup/modal/ Frame 9E9F
4 KB
2 KB
Script
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJv3Lpqqo92nYRjXTvmU82jaJnI9ZPC1W80wJh5d92HCWZgNbzNI4Up3i90XgwCHTLllpXM3mzbHRW7gHGd3a79xW3ulP%2FOsvW53nHenUQ%2FUhj3L02%2FreGQhLQQ%2Bezc06QSrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6412c834e02-MCI
popups.js
master.aijos.info/wp-content/plugins/uji-popup/js/ Frame 9E9F
2 KB
1 KB
Script
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8A8MQQm1kvbXZFn2fnwf0B6bSNyhGhMuGckgRnUXhK1KJX2slTfUKnW%2FR3FSBaAiVaTzd9udyt6xVg6S%2F8ebDfl5oR0CaQuopTnXFI7DDGlsAzqUjUkd0m8rrxCIe9MmfQBHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6412c874e02-MCI
2981
tags.bluekai.com/site/ Frame 36D6
Redirect Chain
  • https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHwACWWTqLsAAAAKTQ0FAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26...
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZEZVei9Pd005OTlqRzhCaw%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=ZEZVei9Pd005OTlqRzhCaw%3D%3D&google_tc=
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMR2MDtrcKRWpz7VPvgk_gA&google_cver=1
62 B
306 B
Document
General
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMR2MDtrcKRWpz7VPvgk_gA&google_cver=1
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Tue, 02 Jan 2024 06:10:05 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
296
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 06:10:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEMR2MDtrcKRWpz7VPvgk_gA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
result2.php
livedraw.pro/master/ Frame 680D
2 KB
832 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d64099df4df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux808AfD9sWa8E7HFdOTsCrAO86FpD1PYZz6uqiPG%2FzYGiSK4fYOLx744VpB%2B%2FKZFh5p5Pv5B%2BbcmjpvMfcRyREEfq58w4AV9CcoOhV4eFeSkmSGeGVaKahd0FAGOds%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-hk/ Frame 5DF2
95 KB
18 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-hk/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8f7957caf90c874f7ea8f31a719daebd3bd1ea56f4ee0e5a3e5620a96fda1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6413bd94ded-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:06 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=18>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpRlvzUIODc%2BF14NeaZESh3oIkR%2FDRczfB45ggWZHHuYTHI3yI3HF%2BTZIFOyqhwsLKv%2Fc1izyyqUlQekznk3nQNMtCHgZXLu%2BY5cAvSsB4i1kuMi7AWs432%2F5sWHZGE7ELk5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 1668
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 1668
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
bg-grey.png
master.aimistik.com/wp-content/themes/asteroid/images/ Frame 1668
4 KB
4 KB
Image
General
Full URL
https://master.aimistik.com/wp-content/themes/asteroid/images/bg-grey.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b962771e91582a7dc95cbf9c6caa71c0ec9aa7ff0570c7924846947659dbdc4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 27 May 2023 09:01:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6471c6d8-f1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTElTAPXv%2FAT01gQBTbZkMfc20CcLhW%2FVw%2FUH%2FI%2FcGH19ocPp7dMf8yCeYJqdlt7yQK%2FORgKEgFcFb0ngwFtBojErujJURE8SfXsRFiOV5g%2BQNF06tg6c9kVjsjPcDafZqwAUGl0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d640aa2b4df1-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1668
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
38c94145b4069f06159391d6043446b680da7c5c24497c0ba7129804ec4f87ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:50:28 GMT
x-content-type-options
nosniff
age
577177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22340
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:45:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:50:28 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 1668
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:59:48 GMT
x-content-type-options
nosniff
age
580217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:59:48 GMT
js15_as.js
s10.histats.com/ Frame 1668
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76524
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d640d9516a22-STL
content-length
4547
/
pools.comunityhk.com/ Frame 1DB1
Redirect Chain
  • https://net.comunityhk.com/
  • https://pools.comunityhk.com/
47 KB
12 KB
Document
General
Full URL
https://pools.comunityhk.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf7bcd84ded85142aa345266ee639e682d779af3796661f6cd582e28064e0397

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d654efb34de9-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:10 GMT
link
<https://pools.comunityhk.com/wp-json/>; rel="https://api.w.org/" <https://pools.comunityhk.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://pools.comunityhk.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nA7vQbOX9ntSKoU5zAJLf%2BQ8HoR3CXi9PEHl0zSLpV5uTfMeO4NCK5bbqfCN6tBGZpLAF85Xc2WqZ5xp%2FobgsZDmgtuSs4bR5p3KHjy4blM%2Bl7UcC5z2YFJONHFs%2Bs%2FtQGs1MOSl%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
83f0d6547f3d4de9-MCI
date
Tue, 02 Jan 2024 06:10:08 GMT
expires
Tue, 02 Jan 2024 07:10:08 GMT
location
https://pools.comunityhk.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lzk1ppaAma%2FkV5jGM5gWKKaA0CP7MWZbcmjjU01LZbIX1980ui%2B9RJMwCIpsn%2FvkVXGl9Jv7K%2Fab0lkQuqEKeH%2B6UGuJDHqzUjhrMNnSwGW%2B1zTIaZV%2FkSdhYx7%2B788CMLOmNM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
data.bolamerah.net/ Frame 4F69
Redirect Chain
  • https://bolamerah.net/
  • https://data.bolamerah.net/
70 KB
15 KB
Document
General
Full URL
https://data.bolamerah.net/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9729ec8eca7b720fa6280807817ed3cc0dd55ab05c90233bf8d4acfee9aa6bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6481e894e0a-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:08 GMT
link
<https://data.bolamerah.net/wp-json/>; rel="https://api.w.org/" <https://data.bolamerah.net/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json" <https://data.bolamerah.net/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1BlB061QudsXS%2B6PL%2BuCKxjsrIw2IeZqzN797VJKUxXkR6L5cE5SlzxxQHTgJKIEgHgBQDhYA%2FBPayyhKhAOT6DjjbhxeRcfxdt9G%2BtTyg8pVDJLE4ZGjrPLYAdLVu3WvIZUEw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
83f0d647bda44e0a-MCI
date
Tue, 02 Jan 2024 06:10:06 GMT
expires
Tue, 02 Jan 2024 07:10:06 GMT
location
https://data.bolamerah.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TBQiSsgu9RiOeOahab5kHTQ3Z7cSJGoG0sWR%2B0hjfuTFy2hMEAEkJIW2LRRKboFjy8FthFFeODml%2BA7N%2BrrIew3%2FMzLkP4WNK9xXsfc4E9qgt6ZJcm9u5FunXoIsuDe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMB0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 1668
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMB0ciZb.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
ebc4a28d28ca4aeda6c0091aa3f29289d7db2def86b2eeca06672c73719dec42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:12:11 GMT
x-content-type-options
nosniff
age
21474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10072
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:58:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 00:12:11 GMT
css2
fonts.googleapis.com/ Frame 9E9F
3 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
fbc30fd5841951aa57b44c605c577c1d73d3d37c8fdc733ac76bae922c8f257f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:05 GMT
css2
fonts.googleapis.com/ Frame 9E9F
57 KB
13 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gothic+A1:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
976e961524a9ca9d6a85aec8f727412829024095c2653c89ae7596e7dbdefda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:05 GMT
css2
fonts.googleapis.com/ Frame 9E9F
3 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:24:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:05 GMT
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 9E9F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:05 GMT
result2.php
livedraw.pro/master/ Frame F227
2 KB
800 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6412a914df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ecu%2BqgDy7v0U5fV2DgfBTEq2Wg8x5JKUDDqvyXY4Fsn3WVV%2BViv4NI71eHtNggvzOmWeHwgbMkhSGSiWUNId%2BkMYMf5YCI8Hs2yG%2Bg8l%2FCJ2dT55PTrEUa%2BBhVA5czs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
medz.forumituct.com/ Frame 720F
Redirect Chain
  • https://net.forumituct.com/
  • https://medz.forumituct.com/
57 KB
13 KB
Document
General
Full URL
https://medz.forumituct.com/
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44771277bf2cef6b0321f4192961868dadd627f659698da5fdc8f3d5924a9af4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6418b8b4de6-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:06 GMT
link
<https://medz.forumituct.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubmkUxTFayScipj%2FkIaVc5CIyOZoxF2vrk%2BE3%2B2gJjb2fdHla%2Bgal7jhUbH5I6A6xbo50hlZ4uSoNNDZCRje4H31b%2B9HJQYIItvHLh2YTbVYxCVcb4uuTb%2FCfteyCGYf24mMphsS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
83f0d64139526a1e-MCI
date
Tue, 02 Jan 2024 06:10:05 GMT
expires
Tue, 02 Jan 2024 07:10:05 GMT
location
https://medz.forumituct.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX%2B8m7GMIRFr4XLzFqOh8K3hyaxXO4Q3HJszM9LND6ctLyMkAki66wtTUNVwUCIdBiQOzNDs5lTnYoYP8Q2wQW5cFBK9NP8yfREaybM%2BquNd%2BSm1ShkADObsIZP6i1KViyGcDYU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
4563875.php
s4.histats.com/stats/ Frame 1668
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:39104943&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:05 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 1668
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:7954733&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:05 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 1668
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:-30256986&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 1668
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:183948603&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 9E9F
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
38c94145b4069f06159391d6043446b680da7c5c24497c0ba7129804ec4f87ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aijos.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:50:28 GMT
x-content-type-options
nosniff
age
577177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22340
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:45:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:50:28 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 9E9F
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aijos.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:59:48 GMT
x-content-type-options
nosniff
age
580217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:59:48 GMT
js15_as.js
s10.histats.com/ Frame 9E9F
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76524
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d64219c66a22-STL
content-length
4547
4542820.php
s4.histats.com/stats/ Frame 9E9F
437 B
572 B
Script
General
Full URL
https://s4.histats.com/stats/4542820.php?4542820&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAIJOS%20-%20MASTER%20AI%20TOP%20SDY%20SGP%20HK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s3023&@ten-US&@u1600&@b1:-199374045&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aijos.info%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
8b99b55b444d1835b4222ab6335c7b8e863bd3c88650c667860939bfd14f22f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Connection
close
Content-Length
437
Content-Type
text/html;charset=UTF-8
cc_331.js
s10.histats.com/counters/ Frame 1668
19 KB
8 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_331.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e7227e04393bb6223ffc5ea952a7ae9f332cdb78207b178048a53f84e8918f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
49165
etag
"-959646999"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6430a126a22-STL
content-length
8459
/
e.dtscout.com/e/ Frame 1668
7 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:39104943&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514b74e42d0167f0bbb35d799b14dea829ff58dbd628b6dc7f8c68a9f8fa4319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
x-t
0.301
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTY3wEy99aza2TtPCkGEV%2BBguGUHOMFh3Od5N5%2BF2U6UP8dIfJt5yi6bkX66DFeFyaJGby1mvI2re8tNnWL5%2B%2FZHl7vfFQPBGiILne%2BokDqY7BLFkEUmz8qq%2BgiQj0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6430bf16a1e-MCI
expires
Tue, 02 Jan 2024 06:10:04 GMT
truncated
/ Frame 1668
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65ff71b69e1b131836cba65761d020f91e023fda6d2c2ce79cdc800c5c66e3d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 1668
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:20:34 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
17373
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
8khmeQ5ySrfArMwbg46Lluvu4HY48NbqgmR9FkOpdKUGiDZdqz0wpw==
/
t.dtscdn.com/widget/ Frame 1668
0
445 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmaster.aimistik.com%2F&r=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
x-t
50.61
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYdMLlwb6KzHIp4JyHZo7PUq7b4EgSofkH%2BbKibkXYsvpj4kCTMWISFI0EmmiKx%2FeY58uwQREAQLsq9yo7sW7UqG%2BdetvXhtsqI3H1Hq8d5n6p8SFv042Zzmi%2Buh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web2.ny1.dtscdn.com
cf-ray
83f0d6442b6c4e03-MCI
expires
Tue, 02 Jan 2024 06:13:27 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1668
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63664
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
3MgTgIoiZWEf7XAovKZC-u1Ws-YttB4RSUKgxz4lMYMm6db94zv4YA==
dtscout
pd.sharethis.com/pd/ Frame 1668
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 1668
51 B
374 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=master.aimistik.com&_ss=3qc1tkzenv&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4usr&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a123aa32f894c542eff1092ab2d6b533873240a2bffeb2cfba8940f5d0c32c14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
x-t
0.18
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FonZuMxjeedZWVBq575o4EwwlK3NYNNXJTXaA6%2FyEMVwgDqDReYt5f0Z9hXRwyGm7bdwaEJH69OxfjAu8GZToWlJh1GX4NjIBxXoYyPGyJGk6jQFARAf%2F9Ggfdxbtw%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d6442d7b6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1668
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
t.dhj
t.sharethis.com/1/d/ Frame 1668
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.030917362454453423&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:06 GMT
dtscout
pd.sharethis.com/pd/ Frame 1668
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.030917362454453423&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 1668
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7041257720028504&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:06 GMT
dtscout
pd.sharethis.com/pd/ Frame 1668
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.7041257720028504&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame 1668
50 B
457 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
7657d141-865f-4922-bb93-71cfb68c3655
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNxF0FCYcEDIw=
content-length
50
x-amz-cf-id
sx5_XmTVmaXraku0lafhQPqVH3mR2wSBfjegkk0V7IkSv-pAKFiuGw==
/
onetag-geo.s-onetag.com/ Frame 1668
50 B
456 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
7657d141-865f-4922-bb93-71cfb68c3655
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNxF0FCYcEDIw=
content-length
50
x-amz-cf-id
T1D3KKHmnwgQ469DGdozflnEjy98hnQSGUikrFitEhwu2qB81H3mQQ==
/
onetag-geo.s-onetag.com/ Frame 1668
50 B
455 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
7657d141-865f-4922-bb93-71cfb68c3655
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dNxF0FCYcEDIw=
content-length
50
x-amz-cf-id
KcDLvhRprCB7jvADdniQ-s8MmicaWmY1b7k68D6j3sUscP_K6SwTxA==
t.dhj
t.sharethis.com/1/d/ Frame 1668
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.30845436542311133&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:06 GMT
dtscout
pd.sharethis.com/pd/ Frame 1668
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.30845436542311133&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t_.htm
t.sharethis.com/a/ Frame 1952
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.030917362454453423&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:06 GMT
Expires
Tue, 09 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame DCCD
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7041257720028504&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:06 GMT
Expires
Tue, 09 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 2B52
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.30845436542311133&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:06 GMT
Expires
Tue, 09 Jan 2024 06:10:06 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 1668
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1272
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
00y-lkSTijnYEWX3CBmI1EVkpc-ZyvJGjxkxdwGhLGCOtWH21iRfsA==
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 0DBF
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:06 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 6BAA
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:06 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame D0AB
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:06 GMT
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
467 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ee1cd4858d434df63f0e26765fd551e0efbc2d40f3fab35f965c9b0b08794235

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://medz.forumituct.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://medz.forumituct.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
v2
ap.lijit.com/readerinfo/ Frame 1668
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
467 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ee1cd4858d434df63f0e26765fd551e0efbc2d40f3fab35f965c9b0b08794235

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://master.aimistik.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Tue, 02 Jan 2024 06:10:06 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://master.aimistik.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
wp-emoji-release.min.js
master.aimistik.com/wp-includes/js/ Frame 1668
18 KB
5 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 27 May 2023 09:01:08 GMT
server
cloudflare
etag
W/"6471c6d4-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb%2BqWAY8kZoq60D5%2BbFCGIMNSFVs96EnnHFNmC1LntLfxt5FMR13Njgo7cE9kgZrUfpZW27KYihJzHlOcRcCmXuvrZWz8GXuPeRGWOHoDwJWOGqi7LWE2tBOJHvYLG5Mw%2B2nA1G%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6471bc64df1-MCI
logo.jpeg
livedraw.pro/master/assets/ Frame 680D
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvuVCgSuFsbXz7uvetqfT4lhpyujsgJyXeqjc1d7pwypAB2f8MNPQ6Je9VRopH7nIm5u8JYxRM1nR75xOjJZH5FdTgAhvETJlT2ao%2F9h%2FpLID69gJ09%2BlndgHA6%2BIu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6474a1c4df0-MCI
logo.jpeg
livedraw.pro/master/assets/ Frame F227
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iF%2BjF8cWkitI0FKsEhdkcNRqDT3KUGVo%2BOhbvT113gWKDKDIIRL4NNYyZNAqNxLMpz98v98o3eyufpUI3gW%2FZVjExfE71I5pwo9Os%2F4WNkLDORjlI6UBjdsIDQ8GVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6482b3b4df0-MCI
a.gif
t.sharethis.com/d/ Frame 0DBF
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175806238&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=kkyyIzYAVIRQPtO9hHhn&urls=&rnd=1704175806759&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=249&bcnLcy=110
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:06 GMT
a.gif
t.sharethis.com/d/ Frame 6BAA
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175806242&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=tkyyIzYA8X4jhqCY8DeQ&urls=&rnd=1704175806768&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=241&bcnLcy=110
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:06 GMT
a.gif
t.sharethis.com/d/ Frame D0AB
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175806264&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=3kyyIzYAIi8Y01MY5Y9J&urls=&rnd=1704175806777&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=238&bcnLcy=110
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:06 GMT
wp-emoji-release.min.js
master.aijos.info/wp-includes/js/ Frame 9E9F
18 KB
5 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 30 Mar 2023 03:12:48 GMT
server
cloudflare
etag
W/"6424fe30-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jA9j5kh0CNJH3eR16RyC9gGDDZ1xAtyTYSWMnk%2FBergebG13%2B7Km0oSjHw7SfR1J742%2FlxCpbID4TRZDiVz2rhVwXUvzQTrDPaO3d9DQ8bultOTG1OrbgV%2BSQrSI7shBQxrQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6489a3e4e02-MCI
close.png
master.aimistik.com/wp-content/plugins/uji-popup/modal/css/ Frame 1668
4 KB
5 KB
Image
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64b6188a-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zYpHSOJG6R3%2FNYn2v3gvPA00MZJFtU7VpO14rdHNIwL%2BFCd6FPamGu0ITUmeLqE2RB7CiJELxWq%2B40oxMM5M4Lqg89VaYat4KJRZYQmeMleD%2BWTt9%2BPT2Obx0EyvXqfdv6ffwvz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d648fe154df1-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
style.min.css
net.itupaito.com/wp-includes/css/dist/block-library/ Frame 5DF2
107 KB
15 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGl7cJMzJFOvhUsrzfnnCfjm8AAOz61Jw%2FkxmQ6JRdCnfBVqvZ866wAUp8vhOAusZ9O6xLP9wp%2Fw82EbL2RMN44HifnATsDBVKNqkuRtAxJyM37oP6%2BHagHTwTTaZ%2Fd%2FRq1z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6491f154ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
css
fonts.googleapis.com/ Frame 5DF2
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
genericons.css
net.itupaito.com/wp-content/themes/frontier/includes/genericons/ Frame 5DF2
28 KB
16 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qsrc4jY3bZChvHt50eafBJ2zycQraGRB3eD0Sf1InX88ET%2FW%2FZmWm0EMcp8uAf%2FcqNyhxN6OCjjVfsHl0LqHuuD8mnKJavlfUZ0WXxYF4t1%2FM0T6oyddnZ58Qe9kt1ZyJ85v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6492f194ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
style.css
net.itupaito.com/wp-content/themes/frontier/ Frame 5DF2
26 KB
7 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXRIipeOH2Eag%2Bl1sdW11dPJqCorIqtLcobmAz02uHgWi3dgVOixu%2BFNyXEfjQjDR6LYr%2FwsSkzUoPh6sAvq6Vrh0s9iUKJuo6AqlIcvVpZUEX9GufaieeNiShQF4uJjc%2F3M"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6492f1a4ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
responsive.css
net.itupaito.com/wp-content/themes/frontier/ Frame 5DF2
3 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhv9ZLQWwS5tIuS2BzXx2fCGXrgJnC2sHJPbNv%2FLZMJRvQA8keKxzaG42g0TbEHKzAs6b%2FlL6QgYdw4cgNepF6o7MQNSWHG3nn3yIfqwkdgOZZlXHzVm8Erg0h3cT4bsWTyT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6492f1c4ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 5DF2
86 KB
31 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr3C0NLqQSrMaBCDlq0JQyR%2BuZWkWBog%2Fs1O62tTsnNPQuS%2BcisYH5Ygeo%2FDg0yNUzzq5e6Uu%2BANsRE0WKJ9GBvz5KTPcIxZVlrjUY7x8YEzj5y0hmCF44RgQvMMBcnWlk7n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6492f1d4ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery-migrate.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 5DF2
13 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9qaQ%2FD7Bm1UM8xuQUll%2B6vqz0S%2BzcXbBHGDelH1VLMJ%2BtapZt05j1ARf8X3kTYbVjdQnTqJ%2B6Nl3%2F0af1PCWtYr19ZbBDpKaJUIw0D62u%2BsVMW%2F%2F1NZ3OxFNigb93yXQWlE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6492f1f4ded-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
itupaito.jpg
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 5DF2
41 KB
41 KB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/itupaito.jpg
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2148e4d782585cf051fc1e4260e1aac881e9b3d7016a5a88f709ac8667124f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 11 Dec 2023 02:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6576780d-a23a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiiE1kiHli789%2Fd%2FrC%2FZUDt2XkB0tdSkWbpoVRfrxXfODtWliVoWXNU137i3vk761ULiNpLlilvKY2JtBJO%2BL%2BhSx9v7jJa74bHvRouX6585wItYOfG9kwte%2FwY%2FPL%2FOaI01nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6493f3b4ded-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
ezgif-2-57185206c3.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 5DF2
3 MB
3 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/ezgif-2-57185206c3.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f603e8ca70ab2fe4e27345b6ed4777e0d4229e10158318d2d56188737e3c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 28 Dec 2023 05:22:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658d0607-37536c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYbh%2FBUJGBPMNlwio2QLmhXlygQo0PMnAGWf8EFborVmP2cnKFpdQZ5tTH3RYQCJ1M911sIlTAllXD6NtvZlyOVsStxjq8%2BZrQbSx64z7lcF5Qd26vDSiDCk8YyAjViCFjE%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6493f394ded-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
dewahk.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 5DF2
1 MB
1 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dewahk.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29eec787b47f80e9c88f284711a9960b7234312cdee191b60b8a791110402b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 28 Dec 2023 05:10:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658d0332-12ab6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjH%2FqsUwknPaJQIwDbSz0URI4Fy1yHOtAmStEvsBzV%2FEDNbSoNpNYk1XhbD75eXp9Nv4ZXLVK3zQYPOIi50QKK10eqG53q%2BeryCZd5rHfw%2BQ7bKK3svyFycPwke6v8rCQahDYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6510b9f4e01-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
dwjt.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 5DF2
2 MB
2 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dwjt.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc490ec6a9b3acd4ab42676d2be07d89f943b43c5fcfa814ff1a2240d8adafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 28 Dec 2023 04:59:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"658d0097-1e9f81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoDDAQcJB8Jh%2B7bK6v0N%2BpULrhu7dlfCxqbQhRdEah65wM48OlfzQoxiQwBhhsWiDvDyvaZorQF6pKoN6N%2Fvj%2FopMBBGF6uleCXB85x%2BhvIwzHaeXmgkfCrcnm7uuzuwpSV%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6514bf54e01-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 5DF2
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
79fd518534c7a5da85d4c1e31b84ef8492a73bfc195a59983579ebcdf97004f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:20 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1488081
expires
Tue, 16 Jan 2024 04:57:56 GMT
domino88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 5DF2
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/domino88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
be94d0e3dc5a19a564e445be20558efee2eeb851b453faaaedf82f9e0db68f6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:08:41 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1998053
expires
Sun, 21 Jan 2024 12:45:52 GMT
dewacash_gif-banner_prediksi_728x90.gif
sniperbom.files.wordpress.com/2023/10/ Frame 5DF2
98 KB
99 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/dewacash_gif-banner_prediksi_728x90.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebd6573326882892ed88414467a25bb6c0f05266418e67816dbd8779c22b6be1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2023 04:02:28 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
100715
expires
Thu, 11 Jan 2024 04:06:20 GMT
lapak303_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 5DF2
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/lapak303_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61c8a7e7fb9f931484a0f4f1ad9fffd134f92497ebd2fb11671bca96e5cd2553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:03 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2071280
expires
Fri, 12 Jan 2024 18:31:40 GMT
itupaito.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 5DF2
37 KB
37 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/itupaito.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c549eca6d723d2d78691f886ce702f3df04cb59ed4848d778d2d4d68451eab4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 16:34:14 GMT
server
cloudflare
etag
W/"654a6706-935c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=520twAu7WRr1pMEYZfQSsaLE%2F%2BF%2Fk42erDkjPOBbyplZ1s7pvYfGTrXr%2B9z47q%2FJJwzZ%2BnNjsbz9g%2F%2FPm9bH8W2CIkciHVeaPLwQM%2BEiRlo5LJIJkNjLC0nDJz9En4OQOUt2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d6514c0b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5DF2
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 20:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 20:20:13 GMT
style.min.css
medz.forumituct.com/wp-includes/css/dist/block-library/ Frame 720F
107 KB
15 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 04:17:29 GMT
server
cloudflare
etag
W/"654b0bd9-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwyUt0lYlKVgyo4uelLlNku9i7IFUiu0mOU8n1k1ArYhLmV%2BoavUfhJwETQ7YnBXc1FV4bfhPVvdeTeyfPlptiIslfRErbwJ%2FhalM3CQ%2F8sYzpDygvRPNXr94EwpRl4m6dtuxkyp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6493e024de6-MCI
css
fonts.googleapis.com/ Frame 720F
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:56:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
genericons.css
medz.forumituct.com/wp-content/themes/frontier/includes/genericons/ Frame 720F
28 KB
16 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r12WRGM%2B9Uy1s9EqadteLF95lFfiPYJDv%2Fuh0EpU9zNAV3coaVHeGGtx9uQwxNNR3pMYlwDJpK9%2F%2Fhmam3ZfWn4fqnNhsaP4ueZAyHSFdoCTe61pReABu%2FM%2F%2BSrzw1w6%2BrwW1JvA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6493e114de6-MCI
style.css
medz.forumituct.com/wp-content/themes/frontier/ Frame 720F
26 KB
7 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9nsyrVqsfZ64TmfR%2FC7hBM6ZptWndha3xfs%2FbJZTGUpYG7MXBEqfFFFrZmgBRNs7LV%2BIluZu1l2KhCrBHZD4kOy2wq2gCBfS%2FfJXobjjnb%2B%2FbSCZ6GKKSKxhK5HDKZ3AktxYX%2FU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6493e154de6-MCI
responsive.css
medz.forumituct.com/wp-content/themes/frontier/ Frame 720F
3 KB
1 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA3XSH9kQbPcQmYkQC2CogFfQLib2ZQw9XnhHwAyAVcWK1PCMwylY2%2FT2rO6rUw6%2F%2FzgEYK76qLJFVd1fcLDQ2EA8dj%2FNBrIZLnqrxQvBmilhaqInjsyAcWXVqxJcnlTRB0YAziB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6493e174de6-MCI
jquery.min.js
medz.forumituct.com/wp-includes/js/jquery/ Frame 720F
86 KB
31 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 04:17:28 GMT
server
cloudflare
etag
W/"654b0bd8-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVXWNiJL5bOYkz0k%2F5wWPvmPZt4Dub4cNcFvIP2i4xe75Kd12USUlRnKs8gu8UtmDhFE1avoMi3b6KQjZeptW8D1%2FRpl9svRw54bgslla4V52COZz%2FpigNpcUxJuqicmHIXRAlV7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6493e184de6-MCI
jquery-migrate.min.js
medz.forumituct.com/wp-includes/js/jquery/ Frame 720F
13 KB
5 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Aug 2023 04:16:46 GMT
server
cloudflare
etag
W/"64d3132e-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yo5th0OeKjUPurLpHEWRPY1tG%2Fli7exa0tl08AsIWq2YvTK1ygj2SCFITxNoT0bvGWs6i5Lw6iQKu2OvS3cCieZu5JGWm5OXQVf%2FsOt8I0WuuUxvqVLpJNNFn9SHYjqOnJZbq2qi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6493e194de6-MCI
bootstrap.css
medz.forumituct.com/wp-content/plugins/masterpaito/css/ Frame 720F
143 KB
22 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/masterpaito/css/bootstrap.css
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d23cde62ca806c8ad79f619f41e522a1f5f4b5b5f5f0f90602748b0e1dfe04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 07:17:24 GMT
server
cloudflare
etag
W/"63ce3484-23a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fi0vcJh%2BIL0ZCzzno6CuoKJCNOwp9s3EDZpJsngCcmpsJK66Oi8IrJFR3LapNVW6k%2B2j3pbIELCkdL5FkMWVyhWTQV2HsI32IxHNRmTyDZw3rUGipmgvOMjeySqfuITW6qG0RW8N"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6493e1b4de6-MCI
css2
fonts.googleapis.com/ Frame 720F
2 KB
567 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:12:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
css2
fonts.googleapis.com/ Frame 720F
421 B
320 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Carter+One&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
b00653f5ecbbaecc1a215636c3cc04936bb15e4fd74eb2eaae0a478473f5ce9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:40:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
css2
fonts.googleapis.com/ Frame 720F
1 KB
483 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
138e7f355c55bbf2b7b3bbed2b52f37ed4b733dc7715eb10aa2c2bcda7d23a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
css2
fonts.googleapis.com/ Frame 720F
2 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:21:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:06 GMT
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 720F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:07 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 720F
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:07 GMT
Hy55op1.gif
master.aimistik.com/wp-content/uploads/2023/08/ Frame 720F
2 MB
2 MB
Image
General
Full URL
https://master.aimistik.com/wp-content/uploads/2023/08/Hy55op1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b9f802941f7b2b8ebf038a47cf739bda5a32cf0829d48408a25de7f4ebc5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 31 Aug 2023 04:27:20 GMT
server
cloudflare
etag
W/"64f016a8-25d79f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH7yPUcP1AvACbLoXVl7rycCEJYyi4C2ikwRi6oQ%2Fi2crOtVxeo2R0aMUVQBW6D4HfY9huJOJTc50K1LEczGaWqRPNavwGZ37jam1FIokuvMMVCqgXT1ukRqInI3tAcyqHyploHS"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64a1f794df1-MCI
POKER88_GIF-Banner_PREDIKSI-MP_728x90_Edited-1.gif
medz.forumituct.com/wp-content/uploads/2023/12/ Frame 720F
337 KB
337 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/POKER88_GIF-Banner_PREDIKSI-MP_728x90_Edited-1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f69fdf64c28eb48dc46dd9bbc2ae7be055050137a752256fb3df9e49bf5e71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:51:41 GMT
server
cloudflare
etag
W/"6581053d-54257"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc6NqNKaCwHkW8FZPUm%2BdPV7fIHiG5tVtEUQM6J7OSSgbe6KUuaGEaE4BTsSNkGdAGd9jZilxXozAF%2BoQCrhB%2BhhazfIkAtp3xc67rt5xMWzGOP11W%2BU9dkfXHr7HUKfZEKafncK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64a1f3a4de6-MCI
DEWAPOKER_GIF-Banner_PREDIKSI-MP_728x90_Edited.gif
medz.forumituct.com/wp-content/uploads/2023/12/ Frame 720F
750 KB
751 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/DEWAPOKER_GIF-Banner_PREDIKSI-MP_728x90_Edited.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483b812d41d94b9639b344476909c7f5d884f24872d20e59ddf11794f9cb30f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:51:46 GMT
server
cloudflare
etag
W/"65810542-bb8dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29ljOVO1E%2BSIpdpQuE%2FLYsoDifZvwdINZ5NOwpkg8g42jU9LgS8mJWw5ubU59UYVM9y%2BSbfkZsSn9H7emjcxIXMKRbHugjHum8PdxyaxDs2IIRJUbyVE0gIB3qpoOS0L7jFMEuxp"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64a1f3d4de6-MCI
VEGAS88-728x90-5.gif
medz.forumituct.com/wp-content/uploads/2023/12/ Frame 720F
83 KB
84 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/VEGAS88-728x90-5.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0194ee909858ac0b6352d882746272548157bf88b91771c08ddaf11642b513b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:51:48 GMT
server
cloudflare
etag
W/"65810544-14d76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEMU%2BopUx1ftJG9gvMh3JhWnRR3sTrufkV4eI6QZ2o%2FF6OduXqF6aE42FODAAHEV%2BSRLHLtmWxTA9M%2FVMP70f5a73D%2F5Azgc2PGhWSnf0j7%2FxtALRlg9hpNq5cH%2F33Zu6EGrQKvg"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64a1f484de6-MCI
SKOR88_GIF-Banner_Prediksi_728x90-1.gif
medz.forumituct.com/wp-content/uploads/2023/12/ Frame 720F
213 KB
213 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/uploads/2023/12/SKOR88_GIF-Banner_Prediksi_728x90-1.gif
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd00f3d41a2866479e75a4a57e111e73d81d88525ed77e0b28ff94d58484c08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:51:37 GMT
server
cloudflare
etag
W/"65810539-352c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtWybU%2BdjAd3CsuRffBoCOLkLAklwykRsXRhLLo3IvzFum2kfruCQtQaFf4Pu%2B6xb2s0olx6vFCuAuP5BQ%2BeZcI9R9rohCpsZqk5fRY4WibeJo71JCq2P7riDLKFIyI%2Biqg54nTc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64a1f494de6-MCI
email-decode.min.js
medz.forumituct.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 720F
1 KB
1 KB
Script
General
Full URL
https://medz.forumituct.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSAb00S3oTlKhDIEASHMPrf6YmfAKkEFv2x%2Be%2Fpgsl4p7aSkbnsdGnqhsktyTLD3JRlRZm4nqtfNgwBhkRkYyTt6hNg0T%2BJxvDpmkuBqmaJmmHnk8alkRWFxUF9uWjsjUVwAMh9d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d64a1f3e4de6-MCI
expires
Thu, 04 Jan 2024 06:10:07 GMT
jquery.modal.css
medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/ Frame 720F
823 B
800 B
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uipVBaoztSYXDpV6%2B9h0%2FM0f1kWYYYmX2EsqneICkJA%2FF13x4GJi%2B2g%2Fn%2FlrPmgjeQ2rn3qjgXPRj8o7CZ9%2BtGaA96NqCzi0mSCQtQ9FjBTjaXNvU6f88Tp81VH4JZihUw5DnOct"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64a1f424de6-MCI
popups.css
medz.forumituct.com/wp-content/plugins/uji-popup/css/ Frame 720F
2 KB
1 KB
Stylesheet
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udk2Ii6vGCN8PkpVsMZ9yAhVlP221uhyJAuDhvMRmjVVxekueSR5i7qEURvOF5HOUhAWb1jHld8t6hj9UFCTFO305aIBAGWVXv%2B2RexcolF6Xb2AXojM7lPWAvP72tMPZwOlO2lE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64a1f434de6-MCI
jquery.modal.min.js
medz.forumituct.com/wp-content/plugins/uji-popup/modal/ Frame 720F
4 KB
2 KB
Script
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faL%2FDrhLvhAky8QEELlsp0oOP6F0cvvh7dW6upbu1OavWMwZQ3zvp%2BvbfznTd3zjiVpxoBhF51k8o0%2F3AKib%2Bxa%2Fu7UbjlujtajMcwesgYYSmqS9H9cT79l1d6aKrq8dGu5FyZ3p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64a1f454de6-MCI
popups.js
medz.forumituct.com/wp-content/plugins/uji-popup/js/ Frame 720F
2 KB
1 KB
Script
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=450T1sl3j1bRYQsvQG%2Fol79lAwlwh81EZghpeS7NLMb0f1WloubYJVrXccOL1XoNlSImHoinBrNAZHjbDovQNe6Hqbs%2F1Jvwv5%2BCwhLwvSUYSnKI4FZlbXkqreEosG%2BVNLxU5Bpk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64a1f474de6-MCI
email-decode.min.js
net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 5DF2
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5YrCtcVpCljYtBYsbfo41BVdYbSkWckmUAgYFWenNjGfC2%2Fv%2Flm64duymBoBbMmLZTSwHJXErmgnOG1027RbZTTDT9a%2BSlRmtl8%2BfpoMV%2FgUMJJbOnlBADFddEoSCQl6M3L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d6514bf94e01-MCI
expires
Thu, 04 Jan 2024 06:10:08 GMT
jquery.modal.css
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 5DF2
823 B
823 B
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2Z38uWD0Akq7P582A5Wv4C6WrwsKFXzH2rPWx%2BoE%2B3sPtH6oSkBlNBqpT66HNcDe5Elb%2BEPBwH75y4i%2FM2MSkb55T4tqAwCeW5Qa%2FnWit0nd0EODH44J9ZrWJ6Fq2dyquHG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6514bfc4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.css
net.itupaito.com/wp-content/plugins/uji-popup/css/ Frame 5DF2
2 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2zIIJ%2Bh79P9woYgifJSi9V3HVg5%2F%2FjdBGQgBaxOaun%2BLHS1w3iE7qA%2BBAFIB1%2FilTZgDCXSo2FFBCOG1lcGFJfl4lfoz0ob7gl4khRu4XqGX5m37GWSqIFy%2FpKNiHHHbXYx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6514c024e01-MCI
expires
Wed, 01 Jan 2025 06:10:08 GMT
wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 5DF2
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkQnbKNba5o%2F9MylV1xuUER3YCdqH9TSyur5mhlUNm4aYMRlKL5jK4Br1dfU%2BL%2BLxp4Xgat5mjVDR%2BUGIrMMOAwol2U8WAAtKnfZPzbCuWTdkXxS0YbQaj1Uul1qNmI%2Ffb0Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6514c104e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.modal.min.js
net.itupaito.com/wp-content/plugins/uji-popup/modal/ Frame 5DF2
4 KB
2 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQXq1CpPspnJAZLn0Q1LCItAt%2FjcJL0wgxdr9UpuBZ8ALQHfN6Q2rFRQTbD3x0o0u8ikw6OLXGSSz6iD65m%2ByYw9SWjG5TqpVDbmOn%2BjGR17lPZ4OEPGHp6M9Zlt1d7Lg7%2B3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6514c074e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.js
net.itupaito.com/wp-content/plugins/uji-popup/js/ Frame 5DF2
2 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnKYUl1iPDC9N4MuPAdXNQh%2B%2BuFuftIEq8pQf2pOeO9DF8IYCJmu9iJYtzPb34%2FJSoZtCiJEeGAqZ%2BFzziPI1uYHjtWsG%2B37GuWxiU67rBd3BHfhvbZ1LnDvPO1UxHuimdEE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6514c094e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
3f17e812-4241-4005-a5ba-b0d9820365fd
https://net.itupaito.com/ Frame 5DF2
1 KB
0
Other
General
Full URL
blob:https://net.itupaito.com/3f17e812-4241-4005-a5ba-b0d9820365fd
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
00399531-d77e-48f8-90a2-443b1d179c3c
https://medz.forumituct.com/ Frame 720F
1 KB
0
Other
General
Full URL
blob:https://medz.forumituct.com/00399531-d77e-48f8-90a2-443b1d179c3c
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
cc_3023.js
s10.histats.com/counters/ Frame 9E9F
18 KB
7 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_3023.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
etag
"73940338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d649ec1a6a22-STL
content-length
7567
/
e.dtscout.com/e/ Frame 9E9F
7 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4542820.php?4542820&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAIJOS%20-%20MASTER%20AI%20TOP%20SDY%20SGP%20HK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s3023&@ten-US&@u1600&@b1:-199374045&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aijos.info%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076c04e6c66c61eb8da2aa5495c3596cd9aa45dfbb40d517c21793cba0fd6a9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
0.291
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8Bt%2ByoHi0fLUl3dNHU4bxTOrsn%2ByObpBW%2Fsod6lBmzMzscCUkeYkfdgl6pe3WH201uEE7kHYfaZIBUX%2FjNVivWuc6RuBH4exLkfv9B5NuBxEcUmeY7pNybKoh2uC3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d649ed646a1e-MCI
expires
Tue, 02 Jan 2024 06:10:06 GMT
/
e.dtscout.com/e/ Frame 1668
7 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:183948603&@b3:1704175806&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a04f03a828f90b362b543933da7443803c7effd1d245e1171678558f8500458

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
0.264
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27mTIpwGV6Qy9lqqnOxZ6ixEVb38lYuDyRJDzP%2BTzEop8qIIvu%2BV7qK%2BQG7wyVi4rzvBToyMKJQOw4%2BFzkUeEfTwS5k7tKfaLnISCFX4Ml%2BgYUr8PcjFAAVob3w5nms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d649ed666a1e-MCI
expires
Tue, 02 Jan 2024 06:10:06 GMT
/
master.aimistik.com/ Frame 330B
80 KB
20 KB
Document
General
Full URL
https://master.aimistik.com/
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683d7de5939523b97d66ef8945811e7c816b5ce3510a4db59ecdc56ca6458ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d64a1f844df1-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:08 GMT
link
<https://master.aimistik.com/wp-json/>; rel="https://api.w.org/" <https://master.aimistik.com/wp-json/wp/v2/pages/153>; rel="alternate"; type="application/json" <https://master.aimistik.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODtVNtMu%2B%2F1Yn6XJcBwx9L%2F2uffZDnQwRvU6dqUIy%2FXUojcFc7%2FUFhLOFJT6cuoCyvNU0vGr4HzWHotzjGPNpin35%2Fgrh1GHhNY4U5Cqlz1yjosYfVSwg3cR3PQqJwM38oNM69Ih"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
result2.php
livedraw.pro/master/ Frame BF1B
2 KB
801 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d64a2dad4df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJLlVG83MDSrNM%2BoCwFukJO0VrLUb%2B2%2FWt8NT0dXxlcGrGKmTNztAuwxObrxaPiULOItU7LxgxkVv3Stbnl4wtSl6npC%2BGtwUSO6cglS%2FiVA%2FixcaAl4n4%2BosZVSuQY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
honeycomb.png
medz.forumituct.com/wp-content/themes/frontier/images/ Frame 720F
265 B
745 B
Image
General
Full URL
https://medz.forumituct.com/wp-content/themes/frontier/images/honeycomb.png
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 21 Jan 2023 16:14:08 GMT
server
cloudflare
etag
W/"63cc0f50-109"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hakjGQxDdIG8sW0lE7s1axl2GPCVX8KSoFwlewen4tETkXfA2VA0HLud1K664Lr8PGespuudxgGg7JyP8AwW9s%2FPlndPsM7KJ8i%2BV52Zek1FIJEeFvgykfhQ9mTx2JgipXLYLgtC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d64a2f554de6-MCI
q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
fonts.gstatic.com/s/carterone/v17/ Frame 720F
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Carter+One&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 01:20:50 GMT
x-content-type-options
nosniff
age
535757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27984
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:07:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 01:20:50 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ Frame 720F
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
afc8ec27017051865f6411f798ef57415d2de6d19e687052719a2c6f46059eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:02:36 GMT
x-content-type-options
nosniff
age
572851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:02:36 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 720F
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:34:01 GMT
x-content-type-options
nosniff
age
570966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:34:01 GMT
truncated
/ Frame 720F
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2
fonts.gstatic.com/s/quicksand/v31/ Frame 720F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
7cda70e9848b04b3f0336c837846a04f5c71678c34b13e4c6d2378e74aceb57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medz.forumituct.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 20:25:24 GMT
x-content-type-options
nosniff
age
553483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15060
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:53:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 20:25:24 GMT
js15_as.js
s10.histats.com/ Frame 720F
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76526
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d64a4c3f6a22-STL
content-length
4547
/
master.aijos.info/ Frame C5B6
83 KB
21 KB
Document
General
Full URL
https://master.aijos.info/
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebdb9b0a3bc24cdd7dd1e20dcd35a6b9894e1e2681b2919b0d7b9da5c3f33e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d64a4d574e02-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:07 GMT
link
<https://master.aijos.info/wp-json/>; rel="https://api.w.org/" <https://master.aijos.info/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://master.aijos.info/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKF9A%2FcY702IOfRtBhIgiWZMiOd%2FxPxTz8O90sAbsrCtfjFO4dTVah4lJjxFpRH4woSUidu7KwT75PgjwQZoXcmjFeWV4hWFOXB1IUi3NIQICs%2FgG5qpyU7X0I4ue%2FgnInL99A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
close.png
master.aijos.info/wp-content/plugins/uji-popup/modal/css/ Frame 9E9F
4 KB
5 KB
Image
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"656d5395-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhRk%2FA%2FrYvIjYYvL0TAYCcrchGArEJfZeZsP%2FKAHG9W5KdlnmAOh6iRQSvYEQSrUHvMcT4LsfDQ0P3%2F2tSDP9aiVIWxGMjgnqyarFMT0qZ17qIBXR6hUYxvaDUdkSvCPx%2BCpHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d64a5d5b4e02-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
a.gif
t.sharethis.com/d/ Frame 86EF
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175803886&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&rdn=medz.forumituct.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=-6xyIzYAaRdEMINhSmqm&urls=!1!2512!b-13j,!0!535!b-13l,!1!2454!b-14s,!1!0!b-14t,!1!1715!b-150,!1!2433!b-16f&rnd=1704175807257&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=105&bcnLcy=91
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:07 GMT
4502232.php
s4.histats.com/stats/ Frame 720F
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:102190946&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/ Frame 720F
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-185598325&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/ Frame 720F
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-142027858&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
5d2e1e9dbe00654990b0267935736cc647258544813e4478e9075f9d97943b1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
4502232.php
s4.histats.com/stats/ Frame 720F
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:13163932&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
5d2e1e9dbe00654990b0267935736cc647258544813e4478e9075f9d97943b1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 9E9F
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:20:34 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
17374
etag
W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
GE3ZsBcRZoEpGVIAPkrpbbcPPB1t4l_exuOJMJr0qIHlq0CFHEjqUA==
/
t.dtscdn.com/widget/ Frame 9E9F
0
444 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmaster.aijos.info%2F&r=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-t
21.25
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEHq6n2Az6XchCVZAb3U7Sy271I9azlVMUL7uNDl5p6HYGhlRGAEW0qv4%2B6TqBng935Vf8rFuSHV6HA%2BopyeVMKkO9l7uaas%2FxA0UPdNtjd366JhXPNcbzwEHkt34Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web16.ny1.dtscdn.com
cf-ray
83f0d64bc84b4e03-MCI
expires
Tue, 02 Jan 2024 06:08:16 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9E9F
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63665
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
PHWiZdlC_w-Ikq3YbDAizCCnnitcpdPYEXEf87p89HeEXWle_hc6qg==
dtscout
pd.sharethis.com/pd/ Frame 9E9F
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 9E9F
51 B
331 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=master.aijos.info&_ss=51sj67tz7f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=ls5d&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d588a6e2995fd37bb8f00e20b3da3dbdfb0426e4f11943762c6573ca1f5fe801

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
0.197
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrzffIwig4qYeFZ2IaErCy6ULQihmuhiEy261kCUMht%2FK3uh2D2Dg256S%2FjIeURCiy9UyRqH3ehblSUOjsZDApnKJlC0%2B%2FZ9HJOFR%2F0CzwzlDuRAbUHV0gAaSMGCj2A%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d64bc8366a1e-MCI
expires
Tue, 02 Jan 2024 06:10:06 GMT
mw
mwzeom.zeotap.com/ Frame 9E9F
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
  • https://spl.zeotap.com/?zdid=1332&zcluid=c468d473b42b84af
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91fb71bc950&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91...
95 B
165 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91fb71bc950&zcluid=c468d473b42b84af&zdid=1332
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Server
172.67.40.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://master.aijos.info
access-control-allow-credentials
true
cf-ray
83f0d64ec8271463-STL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a97fe08c-7565-4824-7c8d-9e7504e9bd0f&reqId=c455c9da-d4a2-4ab2-6f79-e91fb71bc950&zcluid=c468d473b42b84af&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1668
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
  • https://spl.zeotap.com/?zdid=1332&zcluid=c468d473b42b84af
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b76534b3ec&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b...
95 B
178 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b76534b3ec&zcluid=c468d473b42b84af&zdid=1332
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
172.67.40.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://master.aimistik.com
access-control-allow-credentials
true
cf-ray
83f0d64f88631463-STL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEB4-2MwT3Ey--MfPzBtDqeQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=cd059693-1df7-469e-5920-74b76534b3ec&zcluid=c468d473b42b84af&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscdn.com/widget/ Frame 1668
0
442 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmaster.aimistik.com%2F&r=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
10.3
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUgEu8AwFZ5Mj1gpoIw5jQDTo4JC%2Fk1cjqgFBFOi9CnscM23LQU1aejT5ldNgEVekbP2Z%2FMLdmTq%2F0DKUXtrF5P4t4sUzsCctkZo3tyKowUojeAmfIGd4g0uGaS3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d64bc8504e03-MCI
expires
Tue, 02 Jan 2024 05:16:41 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1668
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63665
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
iDWXJz0A3pSs2__FthlilIAWHktKDp9cfDBpnObHnIZ5z6Ote_Clpg==
dtscout
pd.sharethis.com/pd/ Frame 1668
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
truncated
/ Frame 9E9F
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
1540_03681
track2.securedvisit.com/sync/
43 B
178 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
1540_03681
track2.securedvisit.com/sync/ Frame 1668
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 9E9F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6946003914908576&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:07 GMT
dtscout
pd.sharethis.com/pd/ Frame 9E9F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.6946003914908576&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 1668
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4966569479643621&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:07 GMT
dtscout
pd.sharethis.com/pd/ Frame 1668
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.4966569479643621&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame 9E9F
50 B
458 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
via
1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
fb654515-9ccc-406b-92b7-f56f66706b4b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dN9ESFCYcEOpw=
content-length
50
x-amz-cf-id
EPzIwx_Zx_ux8bERrX9S0NSYU3RjlSeXPm4Bd7NpzzLsb2dkcA-p7A==
wp-emoji-release.min.js
medz.forumituct.com/wp-includes/js/ Frame 720F
18 KB
5 KB
Script
General
Full URL
https://medz.forumituct.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 30 Mar 2023 04:13:56 GMT
server
cloudflare
etag
W/"64250c84-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ihFMCYsDfDDd%2FDAPhRnOEplL9AYKhj8nfCcHxwLNOE%2FWpiscBVTWGG07lTViFr8hzDT03DMAjQI6MyOlLGmiyjk9cDerahZ3GZTyzqV0zJz98RB6PzZ3Q1wTNGApbcsgsDEMsNV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64cdaa64de6-MCI
t_.htm
t.sharethis.com/a/ Frame FE51
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6946003914908576&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:07 GMT
Expires
Tue, 09 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame C371
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4966569479643621&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:07 GMT
Expires
Tue, 09 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
style.min.css
master.aijos.info/wp-includes/css/dist/block-library/ Frame C5B6
107 KB
15 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 13:22:15 GMT
server
cloudflare
etag
W/"654b8b87-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AFe4tQsqR7Hxw6YdyDumkDcESo5XeA%2FY7A01kREHinzCJfsA1gSbnNDMM0BzuVlagyBzkyu9LdIcsFoJos%2Bi16jMp4qgWrZwAKIyhT50ImstGYodtY3Bvu1bhTJUaHfa9RfCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64d29e24e02-MCI
style.css
master.aijos.info/wp-content/themes/asteroid/ Frame C5B6
28 KB
9 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 05 Dec 2022 06:11:26 GMT
server
cloudflare
etag
W/"638d8b8e-6f7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHDnBM%2FceumiAhmZvOqwUlVXbG3q6mRyKYtUpKvI%2B3S8tj2PHnl4S1KHVBn8APj7RBVh4Yyr0UkodhROlayZvvQQYM9kB4W5mWLn%2BbyUj19X4OgRxADmh7k2iJMIAje5KTmRtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64d29e84e02-MCI
jquery.min.js
master.aijos.info/wp-includes/js/jquery/ Frame C5B6
86 KB
31 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 13:22:15 GMT
server
cloudflare
etag
W/"654b8b87-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUmZ5ikw9TawTJqlsY%2F1VdozHb9o5rPPzuFwML6JqvKGZKgxJ9FiFViIQ%2Fs%2BYLAENZMFZAxHwuudTzC7sG%2FwduFo6nEO80T8uwWba1jxlm0L2prJ2qdhzpUNVDyvcKnRRwHgUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64d29eb4e02-MCI
jquery-migrate.min.js
master.aijos.info/wp-includes/js/jquery/ Frame C5B6
13 KB
5 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 09 Aug 2023 03:12:50 GMT
server
cloudflare
etag
W/"64d30432-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQsJc0EzicNwrat2R51fZvoDmrF4b8925AmmqovGZpK%2BFNyu%2BkPvSuc32E4OLdhenHzzRUNTJKswAqvy2dzxW%2Fu2gxBfniCKGrxH1CeNG5Zht4nbXnMJWEbLuh%2FnP0BPbFYYnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64d29ed4e02-MCI
css2
master.aijos.info/url(https:/fonts.googleapis.com/ Frame C5B6
Redirect Chain
  • https://master.aijos.info/url('https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
  • https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
0
0
Stylesheet
General
Full URL
https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWBQ2sYSNocxMoC2GdjO4%2FecgzFeEl1A0%2BVAqBtZbkMtQm1ef6rTs%2BJ%2Bosvpzpl9okggWTjRyQEduB8R6gWIZxM3UDRuhJBb3aj8MlQQjcau3P3jyhorWw1OqgjPdAdIN%2BovDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
83f0d64f8ced4e02-MCI
link
<https://master.aijos.info/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRlRdCf7EyuSZ%2BgZ%2BonYm%2BA%2BM8bovrQszebTDwdkAAi8yRQLRqneKZD%2BnTNMKP63XNkMdkjFnznedcYn5nyRXy35ckb0SsLSWiWBrE0iGxGJF0WLBvoiU5krDGsDwGsZAfn8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
83f0d64d29ee4e02-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
cc_604.js
s10.histats.com/counters/ Frame 720F
13 KB
4 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_604.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
45824
etag
"1135266286"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d64d4d3d6a22-STL
content-length
4509
/
e.dtscout.com/e/ Frame 720F
7 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:102190946&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0208d5d07f003699897a82865d87e3fa4c01c52eb9a29bc39568ff8c2998b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
0.281
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNROND%2B97JNz8vs7V7KwpEHYcJVna%2FcuDRoc1eZdoXGbIhkg8IUrsZqXCmJUrsPTiC%2BtKWdh7%2FiippGW1eH0H58xxz%2Fka69P6TxGXVyIlQe2iTbwX7L5VmbJl5jwWkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d64d4a926a1e-MCI
expires
Tue, 02 Jan 2024 06:10:06 GMT
logo.jpeg
livedraw.pro/master/assets/ Frame BF1B
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rST0dhQQfxginxKz5JVOmdOMjDHTqiSadIX0Xi%2Bc47eXeyVkEWyCPDfhy%2FYuCStidyYiStueXzkXXohmbqN20uYCBIwULlGugkZfjncXwXLHHN7%2BlNpifVOd48dTWfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d64d8a364df0-MCI
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame D65B
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:07 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 9E9F
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1273
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
0R51z0697QcU7QrnFAcFksg6LzQrLgR5xZH-HP7_ECbvr7qZJICjzQ==
close.png
medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/ Frame 720F
4 KB
5 KB
Image
General
Full URL
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.49.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 19 Dec 2023 02:49:04 GMT
server
cloudflare
etag
W/"658104a0-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2B5U8Jvq11nOtoCZo76i4DKf%2B%2FzN983BMqixIKTz1iSXq2cgyD2yVErCOtP%2Bu3PIOcPBSIaXMFpHjVgI7ZOwo713YW6JaAzwoQa2gDxfu7f8fkKXEo5giauZVxqsC%2B2U0S4cK4Z9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d64edd5f4de6-MCI
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame FEA8
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:07 GMT
css2
fonts.googleapis.com/ Frame C5B6
3 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
fbc30fd5841951aa57b44c605c577c1d73d3d37c8fdc733ac76bae922c8f257f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:07 GMT
css2
fonts.googleapis.com/ Frame C5B6
57 KB
13 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gothic+A1:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
976e961524a9ca9d6a85aec8f727412829024095c2653c89ae7596e7dbdefda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:07 GMT
css2
fonts.googleapis.com/ Frame C5B6
3 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:25:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:07 GMT
result2.php
livedraw.pro/master/ Frame 7B3B
2 KB
794 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d64f0c8a4df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBYTn9sTwtk4wMSVZOnGHzsvSadTMFr452CwnzbTq9q8fs4P7vCls%2FgJhiqSFe5A%2B1SR6PbM8Yx9ASs61HMc3o1X0dUx2VJMiEwCnuuVHnC%2F5esGXs50nCgj8ITtarU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
net.forumituct.com/ Frame F827
0
0

Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame C5B6
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame C5B6
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
Hy55op1.gif
master.aimistik.com/wp-content/uploads/2023/08/ Frame C5B6
2 MB
2 MB
Image
General
Full URL
https://master.aimistik.com/wp-content/uploads/2023/08/Hy55op1.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b9f802941f7b2b8ebf038a47cf739bda5a32cf0829d48408a25de7f4ebc5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 31 Aug 2023 04:27:20 GMT
server
cloudflare
etag
W/"64f016a8-25d79f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAAaPSUmrhhIJXUUIFAJZ%2FW5dHlBYi0CoSOsOTlLgDShGmu1g6bjopzxToWEkkOsl3jO8KxlRynN8ILzFQJJr2Mp2srj8sKRjgvs%2FlJpHVv208xbBFK%2FfHiZtuR735DnHZlYkb4X"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d64f0f0a4df1-MCI
betcoin_gif_728x90-14.gif
sniperbom.files.wordpress.com/2023/11/ Frame C5B6
92 KB
93 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/betcoin_gif_728x90-14.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9399bf7570eb0eafa3574c3b8f9a54e9e25dafae4354f1add9375f8e78dc778
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 06:17:27 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
94584
expires
Fri, 05 Jan 2024 11:44:49 GMT
maniaslot_gif_728x90-9.gif
sniperbom.files.wordpress.com/2023/11/ Frame C5B6
376 KB
377 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/maniaslot_gif_728x90-9.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d956aa50ec0bd6f35d0b33b97793d5dd25e5c3a554517caec2d60ce0ae44055b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:33 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
385373
expires
Fri, 26 Jan 2024 22:34:24 GMT
close.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2... Frame C5B6
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2XEz0tfyT0TsTxveDOfPORI_L7WpbUqtJ63GBpZ7v/s100/close.png
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
f54446d7bcb59ffd58248331f57266965d83171c98f39467e7efaa010d7ab20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"va1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="close.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame C5B6
2 KB
3 KB
Image
General
Full URL
https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f1.1e100.net
Software
fife /
Resource Hash
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:18:37 GMT
x-content-type-options
nosniff
age
10290
content-disposition
inline;filename="close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
server
fife
etag
"v744"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 03 Jan 2024 03:18:37 GMT
idncash_gif_728x90-8.gif
sniperbom.files.wordpress.com/2023/11/ Frame C5B6
621 KB
621 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/idncash_gif_728x90-8.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5a63f739a50d01fd97bbde57f263cdfbec0421551f7d08e893cca85d537f398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:19 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
635553
expires
Mon, 15 Jan 2024 16:41:49 GMT
QvSKvI.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8d... Frame C5B6
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8dUM2RHw0QidgGaFMVZlgpX6QiHZliJ9yM6-Scw8WK/s1600/QvSKvI.gif
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
ae7b0ccd124e3bca4c5508df205d3adfe27bf369af79e75e7b065873f2a26afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="QvSKvI.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2164274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
email-decode.min.js
master.aijos.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame C5B6
1 KB
1 KB
Script
General
Full URL
https://master.aijos.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etLS%2FOSc4ziGqpVR2ZQHLKSiZdKqZD6G%2F0FvSlJVruiwCRj4NjI1%2FD1DblDuXULQEJUvsjCT6Yo6JE4bZO7n0MuBFte9pOlNsfFNJrPT1fGClWPTTWdISpxlQ6tcpA9zbk5sXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d64f0c324e02-MCI
expires
Thu, 04 Jan 2024 06:10:07 GMT
jquery.modal.css
master.aijos.info/wp-content/plugins/uji-popup/modal/css/ Frame C5B6
823 B
801 B
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmj1j1f2x%2BAix6Gm8mp3J9XW8LO3p8rd%2FVLoTfcIGi%2FkAyod1giB66Vx2QyOlGmR9xb3Wi3KIZcv8T3LoRRsdWjJ5UgVobqD4eICbFuQVLwj0Cr4L8ouiy7nXQVcOjE%2BINa%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64f0c334e02-MCI
popups.css
master.aijos.info/wp-content/plugins/uji-popup/css/ Frame C5B6
2 KB
1 KB
Stylesheet
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tIsvvtrEpvY7q4eCK2bBXncG55qqHvSnVpV4ISuL3hh7qAIhOznfPjIUgh5s9K6oIgKBCD2XZ0PmIkhx2ID5DuL6%2F1b8AWlLd3u1ZeH97x%2FrrNUNFqick1W%2Fy94aUuOeQ55bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d64f0c354e02-MCI
jquery.modal.min.js
master.aijos.info/wp-content/plugins/uji-popup/modal/ Frame C5B6
4 KB
2 KB
Script
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCEKoUI4iiFt%2FBdWUf1AY7iL3bRnTMKf%2BeDLy%2FbtMlK%2FNstMvx%2FbngIYZX%2F%2BvoZjVlUSd1hL56IC%2BEg2bNWNmQMI8BuI%2B1ygKgB4on8Z1cwlTnB%2BVPEyU6e25U9ekRWhFXoqJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64f0c374e02-MCI
popups.js
master.aijos.info/wp-content/plugins/uji-popup/js/ Frame C5B6
2 KB
1 KB
Script
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXKndsZ3TUagT09FOlQBcCLsDuTn%2B1QZFWH8TzzCr%2FIiFbO6giMHmVUTjYCry8sU%2F8z2CMy466g7tQ%2BtqM2bdq5Fv%2BWkH3VbPBQQReC8Jdh5kHBSP3YGnLWc%2F1ITfgBaWfKm8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d64f0c394e02-MCI
/
pixel.onaudience.com/ Frame 720F
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.170.64 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-eu-7.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-length
35
content-type
image/gif
/
t.dtscdn.com/widget/ Frame 720F
0
275 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmedz.forumituct.com%2F&r=https%3A%2F%2Fmaster.aijos.info%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
11.83
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiSWwIfMp4N4qyJPTzHT9iySkNuq6FE4WTMlHz9dZfT7%2F6pB5j8oCUAgibtxp9IKFkY%2FSQWX41E3ziN6BJiiEVqlxlVEjxDGgI9Ja8pBs%2BVt6a2qXtUVoH1cj4wdXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d64f2dd94e03-MCI
expires
Tue, 02 Jan 2024 05:16:41 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 720F
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63665
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
WlZkWTJJjK2JWcrq5uZQca0BVYdpc8FhGHkN-zjZZW6o3tz9qhRs4w==
dtscout
pd.sharethis.com/pd/ Frame 720F
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
150365
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f0d64f295923c1-STL
expires
Fri, 05 Jan 2024 06:10:07 GMT
/
t.dtscout.com/pv/ Frame 720F
51 B
325 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=medz.forumituct.com&_ss=5911khk5lo&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3d7b&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2f40ba4590255297cc23447e062fbeecec35999ee078d26139ab076c2b1d4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:07 GMT
x-t
0.145
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H84SVOBBF6FkwlSWUJoKezkKQqCHE3IUyel5e%2FQ3InqDq14yI6%2FK4S11anQ0NeusjjnLcTi6Sxw%2BXAGTkPzwgtXwqLymLvufE8soQ%2Ftdr1g4QvxX7OzhUztk3AWMzVw%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d64f2dfd6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:06 GMT
tpid=104017041758038360C2DD43CC8E4CDF
bcp.crwdcntrl.net/5/c=3825/tp=DTSC/ Frame 720F
49 B
367 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=104017041758038360C2DD43CC8E4CDF
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.49.184
content-length
49
expires
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3BA9
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=29500
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:08 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-id
dzemzuL6kdYc4W5CNJFiSeV5A6ProdKJCGUkhuhGJPEjiiysdR2DyQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 7DBF
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34904
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:08 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-id
S1gGykVZlO1b2RsONq8llLb9txPmQGNyMRPnilIhdM_0df-BB8Xicg==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
v2
ap.lijit.com/readerinfo/ Frame 9E9F
41 B
465 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ee1cd4858d434df63f0e26765fd551e0efbc2d40f3fab35f965c9b0b08794235

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://master.aijos.info
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61
a.gif
t.sharethis.com/d/ Frame D65B
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175807508&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=f2yyIzYAauAKpUw6lbRz&urls=&rnd=1704175807905&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=125&bcnLcy=84
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:07 GMT
a.gif
t.sharethis.com/d/ Frame FEA8
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175807511&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=82yyIzYA9gu95uXPlEIH&urls=&rnd=1704175807934&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=126&bcnLcy=84
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:07 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:07 GMT
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame C5B6
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
38c94145b4069f06159391d6043446b680da7c5c24497c0ba7129804ec4f87ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aijos.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:50:28 GMT
x-content-type-options
nosniff
age
577179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22340
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:45:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:50:28 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame C5B6
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aijos.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:59:48 GMT
x-content-type-options
nosniff
age
580219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:59:48 GMT
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=5&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
dc0ca217e0af034252bb6fdb87097b34c4b87f6d7b5c81b4b699a0341d48460a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:07 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1289
expires
Sat, 26 Jul 1997 05:00:00 GMT
js15_as.js
s10.histats.com/ Frame C5B6
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76527
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d64ffe156a22-STL
content-length
4547
t.dhj
t.sharethis.com/1/d/ Frame 720F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.20883237846854485&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:08 GMT
dtscout
pd.sharethis.com/pd/ Frame 720F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aijos.info%2F&event_source=dtscout&rnd=0.20883237846854485&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
wp-emoji-release.min.js
master.aijos.info/wp-includes/js/ Frame C5B6
18 KB
5 KB
Script
General
Full URL
https://master.aijos.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 30 Mar 2023 03:12:48 GMT
server
cloudflare
etag
W/"6424fe30-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNM5UxHYhX06kAxu3Cg89t3mTZx3thfxBD36A1QdWsRepbTy%2FA2KL%2Fu0bLDPhnbcuiuZJWK9FZ%2BigbFjN1zm%2FQE0%2BAMKyel2EqIjckaH1Ij8%2BiVZvqYcHWZT0Hdpr%2Fk%2BZFeeYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6501d9d4e02-MCI
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175807980.1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9119299034427209259
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9119299034427209259
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:08 GMT
an-x-request-uuid
bb35e294-b19d-4d73-a6d0-91307d614b20
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9119299034427209259
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175807980.2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dgdomg51
  • https://ps.eyeota.net/match?uid=9119299034427209259&bid=2cr76e1&referrer_pid=gdomg51
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=9119299034427209259&bid=2cr76e1&referrer_pid=gdomg51
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:08 GMT
an-x-request-uuid
67a95989-b518-4b6a-8912-1bee849c9b79
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=9119299034427209259&bid=2cr76e1&referrer_pid=gdomg51
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.126166&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.126166&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.126166&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175807980.4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=79363d6d-3dc6-42db-a1a9-d035557bb78e
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=79363d6d-3dc6-42db-a1a9-d035557bb78e
date
Tue, 02 Jan 2024 06:10:08 GMT
server
Kestrel
content-length
199
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175807980.5
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dgdomg51
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dgdomg51&_test=ZZOowAALd3uKdQBH
  • https://ps.eyeota.net/match?uid=ZZOowAALd3uKdQBH&bid=0rijhbu&referrer_pid=gdomg51&_test=ZZOowAALd3uKdQBH
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=ZZOowAALd3uKdQBH&bid=0rijhbu&referrer_pid=gdomg51&_test=ZZOowAALd3uKdQBH
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by
cache-stl760065-STL
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704175808.324932,VS0,VE0
x-cache
HIT
location
https://ps.eyeota.net/match?uid=ZZOowAALd3uKdQBH&bid=0rijhbu&referrer_pid=gdomg51&_test=ZZOowAALd3uKdQBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.1264255&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.1264255&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.1264255&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
8
4542820.php
s4.histats.com/stats/ Frame C5B6
437 B
572 B
Script
General
Full URL
https://s4.histats.com/stats/4542820.php?4542820&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAIJOS%20-%20MASTER%20AI%20TOP%20SDY%20SGP%20HK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s3023&@ten-US&@u1600&@b1:42034284&@b3:1704175808&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aijos.info%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
8b99b55b444d1835b4222ab6335c7b8e863bd3c88650c667860939bfd14f22f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
437
Content-Type
text/html;charset=UTF-8
t_.htm
t.sharethis.com/a/ Frame E2AF
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.20883237846854485&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:08 GMT
Expires
Tue, 09 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 5DF2
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 5DF2
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
style.min.css
master.aimistik.com/wp-includes/css/dist/block-library/ Frame 330B
107 KB
15 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:01:17 GMT
server
cloudflare
etag
W/"654aa59d-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoO%2Bo6yEDvRAAQWjYilbsr1a1aF16UlYy0SvnNLY4aTmOAMNfzL6NejTVS1V9WdotxQui0UG1yhWuTjYCfwk45AZ2kpoYWCDp%2FTQWgH8roTTi6yDGFRZbeA%2FQXJMM16fngMAtoig"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d651bbb94df1-MCI
style.css
master.aimistik.com/wp-content/themes/asteroid/ Frame 330B
28 KB
9 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 27 May 2023 09:01:12 GMT
server
cloudflare
etag
W/"6471c6d8-6f7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqk8YSTj38JPCWc9K6AzK%2BhCFw5HmomrXjTDtYgJdgZDDflnjAOXAVu0r6Qj05fBn5M07wiJfAg%2FamyLvEexjInR3DdizoWH2MGGFOItueInDJl6AT57B%2BYHnzezlpRx%2BwrG9zcK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d651bbba4df1-MCI
jquery.min.js
master.aimistik.com/wp-includes/js/jquery/ Frame 330B
86 KB
31 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:01:17 GMT
server
cloudflare
etag
W/"654aa59d-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Hv1kzFsuSy33gLXxLAHwGnTJGjxXdQ%2BRsB%2Bjgpi4p6QwiLQeQ5LhaTbtBuos3CVxFsSzdVy9%2BJ2B%2FWKjsIzjdxQkQOi34K%2FGK6m3wd6XX7lVgNaTng%2FcMUS0CUZGxITKoNpO1Rb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d651bbbc4df1-MCI
jquery-migrate.min.js
master.aimistik.com/wp-includes/js/jquery/ Frame 330B
13 KB
5 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 21:01:41 GMT
server
cloudflare
etag
W/"64d2ad35-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fagNypiqNnZOjmk2qYa4f%2FsGZpqF0BcblD9TaDTsKRl08R3CMwsYGPm%2BPrlZZIx4NODSTY3rgehLfiT6UXzvLwBN4sPmX%2FuxCj10Yru7ybzkwNxgkqs3LnJQjMd8vOo00lEBWUdc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d651bbbd4df1-MCI
css2
fonts.googleapis.com/ Frame 330B
3 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
fbc30fd5841951aa57b44c605c577c1d73d3d37c8fdc733ac76bae922c8f257f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:08 GMT
css2
fonts.googleapis.com/ Frame 330B
57 KB
13 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gothic+A1:wght@500&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
976e961524a9ca9d6a85aec8f727412829024095c2653c89ae7596e7dbdefda7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:08 GMT
css2
fonts.googleapis.com/ Frame 330B
3 KB
628 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:09:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:08 GMT
close.png
master.aijos.info/wp-content/plugins/uji-popup/modal/css/ Frame C5B6
4 KB
5 KB
Image
General
Full URL
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.83.228 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 04 Dec 2023 04:20:37 GMT
server
cloudflare
etag
W/"656d5395-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wof8rFGa9Pb2slaOTC%2BeYtXaG%2FqjPJejT1ANy3E45GAeLuffRsT3mHJsia9IRreCYP7WqnPcDW04i3Q45YP7xLS1Ee%2B%2BdEGyJiiTvvN%2BSCvWdd%2FJP7fUCMH2zHJsfOC25Hj2DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d65228724e02-MCI
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 5EA0
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:08 GMT
logo.jpeg
livedraw.pro/master/assets/ Frame 7B3B
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjPUFwHwVp0QfvfhwXPHZglyTAkEIytO%2FEGqKHkWtQVyPhEMqJvWS%2FNv%2Ff%2FRXjdTwbGPovUUOIr83lhD3JbB6o9uHSyol7qkVEFPA%2BgKJFIrEYPOkzW0lO2THDEO8v4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d65339cc4df0-MCI
style.min.css
data.bolamerah.net/wp-includes/css/dist/block-library/ Frame 4F69
107 KB
15 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:42:24 GMT
server
cloudflare
etag
W/"654aaf40-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlA95bscckzw1ea9yauWLzmSny2jlKsJdmyP5xB1TyeTc3QcCAH2k9BGoPz1dM8fj%2FCLWaDG9BO00zDEq%2F4YkoMF41a38WcXcxQ6LI%2FKM0B9AvbaOqO%2FQx%2BnIuEwthusgqtbIIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65339354e0a-MCI
css
fonts.googleapis.com/ Frame 4F69
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:08 GMT
genericons.css
data.bolamerah.net/wp-content/themes/frontier/includes/genericons/ Frame 4F69
28 KB
16 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ime2EkmpBMoYWw2Rdqe%2B5JDYSL1pN5GwOheqkTpty1HGx%2BIESBpi4I4jjcSTGl6SApGrrHu9hTouxwxqUTocIKmr9d6HUArepDAuao381xT0bUjL3KImrEfanyg5%2Feu86O%2BTAJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65339374e0a-MCI
style.css
data.bolamerah.net/wp-content/themes/frontier/ Frame 4F69
26 KB
7 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJXscDmKndnoVZsCahxa7TuaN82CNmW7Zy9IcERdJFWXsZzT1seDrEAKYGZl%2BNP1Dz91R3Hw44gzHxHxQwuTudTXC1YkCTu9q3Dg4zg1EyRPU2yi%2B4fMbYgO3M619QuXHejajRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65339384e0a-MCI
responsive.css
data.bolamerah.net/wp-content/themes/frontier/ Frame 4F69
3 KB
1 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7IDuIDbQqNVhruG1X4opyJUfK2xjKSKm1%2BFKUcwgYr%2FihlGvrkdxpg7BsgpgkXlx%2F1f2M2yRQM8NA56FjeMj%2BexHDZQ1F2P%2FzGCYW3KaNW7hafGRO3zAjb6SR%2BYLYKkIDh1PZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65339394e0a-MCI
jquery.min.js
data.bolamerah.net/wp-includes/js/jquery/ Frame 4F69
86 KB
31 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:42:24 GMT
server
cloudflare
etag
W/"654aaf40-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrr67rU2OxggpnJRV9HHWJZsymikdRTsbe7x36npaGFUIBjv%2BxMjskMLW%2B81Psm2Szm5xFQ0LqTe8sZUrfh4EVeSIEZyP8Pz89qVGVdiFXXR9EM9UgQBtL8XI%2Br73Qp66ZnhR9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d653393a4e0a-MCI
jquery-migrate.min.js
data.bolamerah.net/wp-includes/js/jquery/ Frame 4F69
13 KB
5 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 21:55:46 GMT
server
cloudflare
etag
W/"64d2b9e2-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poRhjgxW4YdTptLwiLG2U0%2FpVYUcSzuW2oyVvUKDzC1LrLuVK%2F8uYlqaVJU32FVON2XFMNEDRMhG9HQnBgSJrQaJYIPRFHocXtxY7sDku60Fu9vCW7ljzpcoFMNg%2FBW4%2F8LXylQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d653393b4e0a-MCI
idncash_gif_728x90-8.gif
sniperbom.files.wordpress.com/2023/11/ Frame 4F69
621 KB
621 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/idncash_gif_728x90-8.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5a63f739a50d01fd97bbde57f263cdfbec0421551f7d08e893cca85d537f398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:19 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
635553
expires
Mon, 15 Jan 2024 16:41:49 GMT
betcoin_gif_728x90-14.gif
sniperbom.files.wordpress.com/2023/11/ Frame 4F69
92 KB
93 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/betcoin_gif_728x90-14.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9399bf7570eb0eafa3574c3b8f9a54e9e25dafae4354f1add9375f8e78dc778
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 06:17:27 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
94584
expires
Fri, 05 Jan 2024 11:44:49 GMT
cropped-pngwing.com_.png
bolamerahhk.com/wp-content/uploads/2023/01/ Frame 4F69
0
0
Image
General
Full URL
https://bolamerahhk.com/wp-content/uploads/2023/01/cropped-pngwing.com_.png
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 4F69
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 07:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 07:24:05 GMT
colorpicker.js
gistcdn.githack.com/totowebdesain/b03e8bc00f707a56eb21da0f6af67d95/raw/34b95b25502ee6fc026bf6d9359a7a9ba9fd426f/ Frame 4F69
17 KB
5 KB
Script
General
Full URL
https://gistcdn.githack.com/totowebdesain/b03e8bc00f707a56eb21da0f6af67d95/raw/34b95b25502ee6fc026bf6d9359a7a9ba9fd426f/colorpicker.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be767e656e1835ac64fe3653974acd312d2d4ea0ac0f66136cd123bb7ec79a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
76392f170f9d100289beefa27e3d8ee5866c198a
date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215399
content-encoding
br
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-hel1410024-HEL
server
cloudflare
x-github-request-id
FB9C:B216:3DA555:413A05:6565B6FF
x-timer
S1701164813.729711,VS0,VE177
etag
W/"c721ae985b30bf1da0500b87d31b790c1e55bef5865db5c5620e16526fb274be"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNSoC%2Fq%2FaNZw3I09tqbTpWMC8q0GrFE6EFxYb9r22KUdpEwp%2BQU8ULoeOQPWLno3QuLgCOLYqBgV8l5U%2F6v2bCnsHxpvQfkBM%2Fw9bI%2BtefKNbog%2BLHiRlU7BTt1%2BvfBBJ5PybqVw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public, immutable
x-robots-tag
none
cf-ray
83f0d65618232c9c-DFW
expires
Wed, 27 Nov 2024 09:46:52 GMT
close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame 4F69
2 KB
2 KB
Image
General
Full URL
https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f1.1e100.net
Software
fife /
Resource Hash
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:18:37 GMT
x-content-type-options
nosniff
age
10292
content-disposition
inline;filename="close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
server
fife
etag
"v744"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 03 Jan 2024 03:18:37 GMT
pphoki_728x90.gif
sniperbom.files.wordpress.com/2024/01/ Frame 4F69
150 KB
150 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2024/01/pphoki_728x90.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d2f8ddf56e742d7775fa43b3bb72580d7a2a4bc689ebf2cf3b82b40822e4e43e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
MISS mdw 19 np
date
Tue, 02 Jan 2024 06:10:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Jan 2024 05:34:06 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
153795
expires
Sun, 04 Feb 2024 09:49:02 GMT
email-decode.min.js
data.bolamerah.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 4F69
1 KB
1 KB
Script
General
Full URL
https://data.bolamerah.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRhrHR0tgYUPfLO1QAa7iDMDSYHsTLXNqcCj9ZLZpgUX1NYPT4xYdKAdSdCQ43ORGid79Sj9OJWOh6iGNYTYnS144o37NggEXIGYgo2WsPzUEeDQoudjM6jPJnxIrRBvLf0m8NU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d657cd574df4-MCI
expires
Thu, 04 Jan 2024 06:10:09 GMT
jquery.modal.css
data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/ Frame 4F69
823 B
797 B
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDlHjhcUf5ee%2BsNqn3aUAxvdotgqNJT2xukJR4NqjBOKJjX6hX0ZgKFRbWH3SD%2FsdpV5Nbkh3AnGxUs4GaZIET5AF%2F0e95zLT%2FU7Z9tlv32rf8TLWPylrYDaMfQmuvYLTdqBsk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6585e064df4-MCI
popups.css
data.bolamerah.net/wp-content/plugins/uji-popup/css/ Frame 4F69
2 KB
1 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVx86Q0P5Eig3a%2Be996eyV9ceZvI17QP821AA6N3QlIF58C%2FCVGIPcDZLwHFfTznw%2FmkTE8Rpy5RCrnJZbSW%2FrfNB5Zbo04priZDu9LJ7kgnRmzMLRr%2FLIKB%2FI3ZhhXAtcScxrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d658eee34df4-MCI
jquery.modal.min.js
data.bolamerah.net/wp-content/plugins/uji-popup/modal/ Frame 4F69
4 KB
2 KB
Script
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGqWpaozr%2Br%2FTCpRIwf9gP%2FkbYtjtpwwNYJT75reZhJduExlsHo2J6uqZhYkZ9WnfIBSE9KuGMwHzSLFoj39flEFLuDXqt7DvO7yqW4moBz7UtY6E5CKPc%2F9aL7SsqWoTJN6fXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d65beb834df4-MCI
popups.js
data.bolamerah.net/wp-content/plugins/uji-popup/js/ Frame 4F69
2 KB
1 KB
Script
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVqyRO7eFjqcZLujiGPphKqpU0tIXr%2B2NkR36cVwO3KKX1nGkk92kM958ztraMaY6RGqUQYfH%2BQxJLMSgB0TTU4AoVVbUkPpSwKhA6X0iUQe0pPhOkxJaI3zdRTHuJ%2BDtv9yQ2o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d65beb854df4-MCI
sync
pippio.com/api/
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=1077
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.648442&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.648442&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.648442&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
live_intent_sync
x.dlx.addthis.com/e/ Frame 1668
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=96388
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4315834540528319297
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4315834540528319297
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&rd=Y
43 B
594 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&rd=Y
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 06:10:09 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&rd=Y
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 02 Jan 2024 06:10:09 GMT
Qv81dN.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZ... Frame 330B
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiD8Zy1c68HhdE0HK7ZvQUA6EE2smvJYUwzJmG2sEBarIejrDnazfxAh2P0ig6QTND0fyDtrTJLf6f8WU01YT8a-l4HYbFQCslV4O1mSXvTz7qLtXz1fTQijAbxHJc4w8wWSQ4TNJVNP1LsHeiZC8KVqfyFU7Dbj1fI5B6QchAvuy8viyUy476-AfDF/s1600/Qv81dN.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv81dN.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313904
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
Qv8E7I.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysiv... Frame 330B
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPTXOAM60e2I4FQa_b-BE33f8vvVQfzRtDiPEOsvFEiiz18MjiXxJnsoS1vIbInBvr_4Wj9iTNk1a250U4eIUWqfn0XUhIQiDt_fwLP9gRX7iram34OJqacjc1wJC1o_x-hEFDgepTppXysivV840VDjXdEXGqQVoMSjGf3dhIQx3uOBblz9P3fAR/s1600/Qv8E7I.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v5e"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Qv8E7I.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367830
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
QvSKvI.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8d... Frame 330B
2 MB
2 MB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjl_tQ2dYGZOXbk-pw_nA2Ec7riloo9UJgqVa52tTOBquWZGMjCpSvJbmBHv2i-rWylARJptu4NUM17bJh93Whyr6hdUeoyZiVYfPCny3IJGdEXp_7wSW_fOTLH9E8VTnf6KmTpl9aUj6FZxu8dUM2RHw0QidgGaFMVZlgpX6QiHZliJ9yM6-Scw8WK/s1600/QvSKvI.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
ae7b0ccd124e3bca4c5508df205d3adfe27bf369af79e75e7b065873f2a26afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"v61"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="QvSKvI.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2164274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
result2.php
livedraw.pro/master/ Frame 7A47
2 KB
807 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6536a104df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG8%2Bz6O8Jbz9%2BVaYZRG4Uw%2BdFQEDv0jbdMu%2B5HGrIzSLrfoQFn%2F2kYkHrQdJ9%2BKwtCEYKxyJWLm9D%2BDOlBKfY3ZYV3oX5hLXxour4uxN1wfYLOC%2B3a9gpF%2FTu7w50%2Bc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-hk/ Frame 3314
95 KB
18 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-hk/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9137cb0faccfda645b458e6ecfbd55fcc4bdbfdbf211c3dd974681398c86165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6537f564e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=18>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZsomN6g3cI979ISZ175u4c2qBnBVqxw0N2J%2FmignvY%2FWIN1hHclEo6XOJ4SJEkyjgeEi7lT506aqDTDfINAPVn7pcki2HD7QK80AYacZtKSQ027yP5p%2FLPS9CLrDjoDZmhx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dominobet_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 330B
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/dominobet_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8392dc30ec53d2430d32e019ff90e7d333969029db96f3d35ac30f62dbce051e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 05:30:30 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1091018
expires
Sat, 20 Jan 2024 00:19:46 GMT
nagapoker_banner-gif_ads-prediksi_728x90-2.gif
sniperbom.files.wordpress.com/2023/10/ Frame 330B
112 KB
113 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/nagapoker_banner-gif_ads-prediksi_728x90-2.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c80887521a6a1366158ce77c2a3d88b9e2ddfa38ea667541d4660cab8249dfe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Oct 2023 06:09:30 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
115171
expires
Wed, 03 Jan 2024 13:57:11 GMT
email-decode.min.js
master.aimistik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 330B
1 KB
1 KB
Script
General
Full URL
https://master.aimistik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACQJVJ8FHOblSJutGP8d%2B7u7loTOtzczD8lwxG8GO9R1BwbVVD%2FbQF0owMsJnU5fTanMaaF%2FsCd6tO5dLk6MYuAVgWHtZo4Zp5XAyoH5jXXQTyfuTlg4vmFq0gKvLEWGy%2BcEEhE1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d6537ef44df1-MCI
expires
Thu, 04 Jan 2024 06:10:08 GMT
poker88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 330B
337 KB
337 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/poker88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0f69fdf64c28eb48dc46dd9bbc2ae7be055050137a752256fb3df9e49bf5e71c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 05:31:11 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
344663
expires
Sun, 07 Jan 2024 10:21:46 GMT
close.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2... Frame 330B
2 KB
2 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidkD9hyuV-jK5V4D5R9J24h3jUYJ4jhJfRtRMml_72TOqULgbgvHcxaF8HolNw05R9tK8nqJRdso22aptlSGgnKfro_gzO3YSxquIVDUZCV3875PHJBR_M2aKgWE66Xo9zLQJwZLNdHrjrjgf2XEz0tfyT0TsTxveDOfPORI_L7WpbUqtJ63GBpZ7v/s100/close.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.97 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f1.1e100.net
Software
fife /
Resource Hash
f54446d7bcb59ffd58248331f57266965d83171c98f39467e7efaa010d7ab20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
server
fife
etag
"va1"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="close.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2274
x-xss-protection
0
expires
Wed, 03 Jan 2024 06:10:08 GMT
togel88_banner-ads-prediksi-toto_728x90-4.gif
sniperbom.files.wordpress.com/2023/11/ Frame 330B
104 KB
104 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/togel88_banner-ads-prediksi-toto_728x90-4.gif
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
77178130cd8b95c698e128d522d3458c97241da87fe0498a3b440ae3eb68c7bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Nov 2023 03:59:04 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
106048
expires
Tue, 16 Jan 2024 08:53:30 GMT
jquery.modal.css
master.aimistik.com/wp-content/plugins/uji-popup/modal/css/ Frame 330B
823 B
806 B
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKqNKNw%2BZ%2BbXuyUZxjg%2FVFo5t%2F4BDWMhhNSMbCrUqyCbtIhUfrn%2F%2F5YZ%2FPL6S7azVGAuB4DCZZDqMM6BKM2WUbK7tqTxLMeE4x%2BWyQTas0kI1KdsUEibSALDQ3QV1HuXfmEuFyy9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6537ef94df1-MCI
popups.css
master.aimistik.com/wp-content/plugins/uji-popup/css/ Frame 330B
2 KB
1 KB
Stylesheet
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Brrq5jyy%2B9wZ5u%2FRjYMAdM6Ma8RP6puAsEh4ck2fby6MiYLiasBfZYTdKcCvNjRCSZSKW0yqCO6MnZttV0NUIoEOPiTDfDiyKx39VEWymBXNiVN22fYw49WSl8S82dlOmgIXbUF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6537efb4df1-MCI
jquery.modal.min.js
master.aimistik.com/wp-content/plugins/uji-popup/modal/ Frame 330B
4 KB
2 KB
Script
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B837oya0tA4CIgrgVckbJK0kXPfZPWfRGC9JAH%2FQHooJT7tPUYECUkRdqN%2FaqZV4Mju1ykQpDwpMRDPLnQPemNCKDFzaB3o93RJ2682eLLk6ivjvhON4vWbIEQ%2B88WuLlMgBrq3k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6537efc4df1-MCI
popups.js
master.aimistik.com/wp-content/plugins/uji-popup/js/ Frame 330B
2 KB
1 KB
Script
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwA7nUlz23T1ebHRqtMmyiDGplJfRLsFdz5MPqJ1Tl63%2BSAWHidLQKRO52BdraCAZPO%2FqjeyCP1Fla%2FXCS7MHWhMq6izyOHR3NvEVOQDkgiFoepXbuHVBMY%2BgdaN12M6Q2crqr5O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6537efd4df1-MCI
bg-grey.png
master.aimistik.com/wp-content/themes/asteroid/images/ Frame 330B
4 KB
4 KB
Image
General
Full URL
https://master.aimistik.com/wp-content/themes/asteroid/images/bg-grey.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b962771e91582a7dc95cbf9c6caa71c0ec9aa7ff0570c7924846947659dbdc4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 27 May 2023 09:01:12 GMT
server
cloudflare
etag
W/"6471c6d8-f1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clakVIQdXlfYiD%2FGAflCke8JdjpFmfJfFen4idyB6mCCP%2FTzU8P3yRiqD25jStyrzq%2FjdGUOQoZjl1hT4r9St%2BVH%2F6W3XENBNJ3LLKt%2BUJKv5MdfxHvrqjCY4fU71zdPBAh2d%2BkJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d6537f034df1-MCI
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 330B
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMR0cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
38c94145b4069f06159391d6043446b680da7c5c24497c0ba7129804ec4f87ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 13:50:28 GMT
x-content-type-options
nosniff
age
577180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22340
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:45:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 13:50:28 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 330B
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:59:48 GMT
x-content-type-options
nosniff
age
580220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 12:59:48 GMT
7dfda8b1-4f0c-4818-99a7-fc2d56c43316
https://data.bolamerah.net/ Frame 4F69
1 KB
0
Other
General
Full URL
blob:https://data.bolamerah.net/7dfda8b1-4f0c-4818-99a7-fc2d56c43316
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
1540_03681
track2.securedvisit.com/sync/ Frame 9E9F
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:08 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
a.gif
t.sharethis.com/d/ Frame 5EA0
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175808112&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aijos.info&pn=%2F&qs=na&cc=US&cont=NA&evid=3AzyIzYAlTii1qARfayM&urls=&rnd=1704175808570&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=228&bcnLcy=73
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:08 GMT
/
net.itupaito.com/paito-harian-sydney/embed/ Frame 37A0
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sydney/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6e3d718ec50be14d2eb7fb0feaa27a40f1f010c39ba51a3623d4373ac04e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d653cfd34e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=14>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoYeA60Q2qyk2q4xsD3e4hysdxQlocxHMNtXkKNesDxKC9MFprjEFs7OzLCLVo051xUX0URMDPxUn4tjA4qp1vWiIMVsViZ17ivBpLrebDle1%2FwCbR4XBIAJznT31%2Fvgvwjb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-sgp/embed/ Frame 4AF5
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sgp/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f82d49139d3790f2c8bd623dfd92939466b2b647c4359c55cab63b4ad4a995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d653cfd54e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=16>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiLpd%2B1gcyt0ZoecEaUHERC9q5%2FrEyOVb1GRLZPmFY0k%2Bu8rSnAR1ux6k%2BbZqTT7tXU4uGpyKcxjFpsV%2BqHzmWzCRsY6aFb2jM%2BXh9dLj4wDpBh%2FDUsZMpO1vYIgqoMcxcOG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-warna-hk/embed/ Frame 5C5B
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-warna-hk/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
170fc8ce076be1d4541eef1e0ee47854425c22cfd95e7e65db1eb3cb2b664730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d653cfd64e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=24>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTY5zRMmPcLhedAbSMxPQeVXxub%2FYuJICDBSpRmQImnAMPAqa98Pcadlmsf1ZgmO%2FfgncZBCfe5vU58mGXHzAC9hw4C%2BVTZSFT6q9%2BOk02jOrWsO9ts8yVMsf%2B14mQhvGJrL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/ Frame 5DF2
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76527
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d653cf376a22-STL
content-length
4547
t.dhj
t.sharethis.com/1/d/ Frame 720F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.042025005682345906&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:08 GMT
dtscout
pd.sharethis.com/pd/ Frame 720F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aijos.info%2F&event_source=dtscout&rnd=0.042025005682345906&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=6&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
6df13adf99c436212c241c7e8d9885acc483698ca07e2e7b5931e407bda9d21f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:07 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1289
expires
Sat, 26 Jul 1997 05:00:00 GMT
js15_as.js
s10.histats.com/ Frame 330B
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76527
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6542f656a22-STL
content-length
4547
/
pools.comunityhk.com/ Frame 48A7
Redirect Chain
  • https://net.comunityhk.com/
  • https://pools.comunityhk.com/
47 KB
12 KB
Document
General
Full URL
https://pools.comunityhk.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6ac37e2140b047c57dda8c1d8aa405afbaa6f248f21604e8c80b03f6a56a88

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d654efb64de9-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:10 GMT
link
<https://pools.comunityhk.com/wp-json/>; rel="https://api.w.org/" <https://pools.comunityhk.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://pools.comunityhk.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbvFmosJ%2F4lGwHg7UTQ2SZUH3WhJKtPVsr2jXJl1%2BWdaYefwZOQt49Z3aMz7Ca4KMdeN7JLU3r7FkdMKm7BJPfcNBTB5YVjxDiXTcS1jtztNrH7hED0pqoLZR0NIymtTRaH4sjPyGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
83f0d6547f3f4de9-MCI
date
Tue, 02 Jan 2024 06:10:08 GMT
expires
Tue, 02 Jan 2024 07:10:08 GMT
location
https://pools.comunityhk.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUm7cgSyFaDebXA4ilNmIUNZlnaQrSHYflYgbNtfD%2BvxC98jwY5jlPKQHCGHkZ2C%2FOZ8PsfR7ckewD9UX%2BqkD0DN5dBNp7BwUNfZxD0sg3VUqPFMS6ZVEQeKIkflkS20F48ojgs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
data.bolamerah.net/ Frame FC96
Redirect Chain
  • https://bolamerah.net/
  • https://data.bolamerah.net/
70 KB
15 KB
Document
General
Full URL
https://data.bolamerah.net/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623bab1883fecbb704a437b8c7ce60842820e32258bc27fbc9c49d8825742927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d65478494df4-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:09 GMT
link
<https://data.bolamerah.net/wp-json/>; rel="https://api.w.org/" <https://data.bolamerah.net/wp-json/wp/v2/pages/30>; rel="alternate"; type="application/json" <https://data.bolamerah.net/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXcA%2BGTNpwqh6yVrDcLlwYwPkExqBhUJ%2BV1CU5S%2FxQnUb9QbIHDI3q5xbqwQxFBrzBy1RTiyOCG%2BX3uJOhzzhY%2B5Ab0Knj8RgBbWN9YBauUMH1goeyMxTp0Apxd6o03u8pmbx6Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
83f0d6542fdf4df4-MCI
date
Tue, 02 Jan 2024 06:10:08 GMT
expires
Tue, 02 Jan 2024 07:10:08 GMT
location
https://data.bolamerah.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba7oHGDdo9BR7d7HVx1Yx7vKz3cjJA2ZQ4UMqN0ii%2BgEsmsFEkdPstyUp%2BvVJNfYjpQREHiaRuHk7xX%2FlzIjEXO0r%2FsUUI63M2Hb7BYQ0grOQVy6rI%2BUtOVzj6GK32ci"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMB0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ Frame 330B
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWV3PuMB0ciZb.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
ebc4a28d28ca4aeda6c0091aa3f29289d7db2def86b2eeca06672c73719dec42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://master.aimistik.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:12:11 GMT
x-content-type-options
nosniff
age
21477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10072
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:58:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 00:12:11 GMT
wp-emoji-release.min.js
master.aimistik.com/wp-includes/js/ Frame 330B
18 KB
5 KB
Script
General
Full URL
https://master.aimistik.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 27 May 2023 09:01:08 GMT
server
cloudflare
etag
W/"6471c6d4-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkLhW0%2Bri3g1huNj1gLjoxQMwpN2WsvCruKqPswcqLzBLQgF8f1szlY7V4SHhclBlUZAHnF5SVM1ahHjj0Z3ZQ4e3nQYJOowqkkCbhqs9FHclI9T68Eaow8gPHRV0yJeyWdw%2BUtW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d65468264df1-MCI
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175808609.1
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=1aec285293aa4b7250c434a6992b656f57448a7484e0a87d6639f3c9ed33fbebc0cb235b3774c97e&cb=09575420
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=1aec285293aa4b7250c434a6992b656f57448a7484e0a87d6639f3c9ed33fbebc0cb235b3774c97e&cb=09575420
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CH6TDFXKJY95VQQYB88V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:08 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=1aec285293aa4b7250c434a6992b656f57448a7484e0a87d6639f3c9ed33fbebc0cb235b3774c97e&cb=09575420
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
5386
tags.bluekai.com/site/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175808609.2
  • https://tags.bluekai.com/site/29539?limit=1&id=2r2NrXWH_Fbj73xdaU1fFBCAOJqZvL3s-MzigvBrbwjc
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
62 B
306 B
Image
General
Full URL
https://tags.bluekai.com/site/5386?id=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 06:10:09 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/5386?id=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 06:10:08 GMT
server
Kestrel
content-length
221
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7557075&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7557075&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7557075&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
362248.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175808609.4
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=56d72184bf145c5fd097c7dff750b8d89b5fa2efb5cedbbb5973b3c5e0e54fe0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=477&dpuuid=56d72184bf145c5fd097c7dff750b8d89b5fa2efb5cedbbb5973b3c5e0e54fe0b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3...
  • https://idsync.rlcdn.com/362248.gif?partner_uid=62221526355076880713237290817115184386
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362248.gif?partner_uid=62221526355076880713237290817115184386
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

dcs
dcs-prod-usw2-2-v050-0d18f59c5.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
4MSDBZiCRxM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://idsync.rlcdn.com/362248.gif?partner_uid=62221526355076880713237290817115184386
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
qmap
sync.crwdcntrl.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175808609.5
  • https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.48.32
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7573092&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7573092&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175808.7573092&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
4724745.php
s4.histats.com/stats/ Frame 5DF2
438 B
573 B
Script
General
Full URL
https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:143972148&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
3e7514c70c53f04a3fb9e3988b373bdf352a4a9240e9d90e406a22d0bd67daf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
438
Content-Type
text/html;charset=UTF-8
t_.htm
t.sharethis.com/a/ Frame E2A5
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.042025005682345906&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:08 GMT
Expires
Tue, 09 Jan 2024 06:10:08 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
4563875.php
s4.histats.com/stats/ Frame 330B
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:83043130&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 330B
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:148814363&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 330B
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:191761306&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
4563875.php
s4.histats.com/stats/ Frame 330B
440 B
575 B
Script
General
Full URL
https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:177479528&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
440
Content-Type
text/html;charset=UTF-8
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 2AA5
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:08 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:08 GMT
close.png
master.aimistik.com/wp-content/plugins/uji-popup/modal/css/ Frame 330B
4 KB
5 KB
Image
General
Full URL
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 18 Jul 2023 04:43:54 GMT
server
cloudflare
etag
W/"64b6188a-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2a2nfwVwmvz%2BP3h%2Bg8yknF3gd6B4b1yJjiOJ61BWenkXC8eEZS10lit7tw4iB%2BAgW0YoLQLpxrRJrHblgF37afjIEN8TnM%2F8yIHYuK1pj57JbeEaxTXylHEH9GGGgcPk8BWtScJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d655fa674df1-MCI
/
e.dtscout.com/e/ Frame 720F
7 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4502232.php?4502232&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mFORUM%20ITUCT%20-%20PREDIKSI%20MEDZ&@n0&@ohttps%3A%2F%2Fmaster.aijos.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:13163932&@b3:1704175807&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmedz.forumituct.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0acea784f672f8c25d8f759234ef48bc72070b0d70aa7173f4d540069b4e87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
x-t
0.282
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSilrfIvGqvH50r4SLgUVxXCUFKkERwWNwAZGNdUCL%2Bdu9H%2Fm08iKaki4eacZgf7kpoFbSVTV77XxdwwrbRBbEfrOqZTMsusphjRTvbneUXMjqFYO526IlYCZzjD2ug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6560fbe6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:08 GMT
a.gif
t.sharethis.com/d/ Frame 2AA5
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175808703&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aijos.info&pn=%2F&qs=na&cc=US&cont=NA&evid=wGzyIzYA6Ipj0XEZG4Af&urls=&rnd=1704175808947&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=106&bcnLcy=108
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:08 GMT
db_sync
px.ads.linkedin.com/
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=92285&pu=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3F4CF96BCA2A41C1A949A037BE2D2495 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Fm74bxcSM1CQ/VbpA==
db_sync
px.ads.linkedin.com/ Frame 1668
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=92332&pu=https://medz.forumituct.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E6A3330A5465494A870DCFEA185697BA Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Fm71qmS9IYYJUd7iA==
logo.jpeg
livedraw.pro/master/assets/ Frame 7A47
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUSPJv7iOr4nwr4GYNwBOUziXMyng7UjDSFxv3RiBLRqD%2BOPkzaoI6O7XnXIc90fWqmoY%2FSCWIDoiTczfBFPzrOAuMF4oL6V2VzktnAMBBRzSs86dmL1jNAf9QVf7I8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d656be434df0-MCI
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame B769
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=18388
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:09 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-id
yfdN5sjc55neCYBiPqKspdDF7AzCwQwknpWs0cemADG6v9ankVweNw==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
/
t.dtscdn.com/widget/ Frame 720F
0
444 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmedz.forumituct.com%2F&r=https%3A%2F%2Fmaster.aijos.info%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
x-t
6.42
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPL1NWq7kSUI%2B1BjDl94s6XtCYE7OnuHb1QTea9eBWrQxh2DsB9TOCBm%2FRkAGWu0ig8bvlszK3yYlcqM4mq9i25%2B%2BHHYW8TRxgjQ7l4mJiSkeRnht96W9TuZprSt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web15.ny1.dtscdn.com
cf-ray
83f0d6572ac94e03-MCI
expires
Tue, 02 Jan 2024 06:10:41 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 720F
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63667
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Q35cHk33Wjq1ffnf_2CkG7zxrNcDfA44k9dPbCoVNCwqxZB9cG1heA==
dtscout
pd.sharethis.com/pd/ Frame 720F
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=https%3A%2F%2Fmaster.aijos.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
150367
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f0d657280a23c1-STL
expires
Fri, 05 Jan 2024 06:10:09 GMT
tpid=104017041758038360C2DD43CC8E4CDF
bcp.crwdcntrl.net/5/c=3825/tp=DTSC/ Frame 720F
49 B
366 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=104017041758038360C2DD43CC8E4CDF
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.70
content-length
49
expires
0
/
pixel.onaudience.com/ Frame 720F
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=137085098&mapped=104017041758038360C2DD43CC8E4CDF
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.170.64 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-eu-7.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-length
35
content-type
image/gif
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=7&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
0d57a235d8207f4b1585df7930ec30f2a4a51b90a66cbf51ed7f3366d17ed341

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:09 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1289
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/
879 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=8&chmob=0&r=&pu=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
f8fc099809f261ede1e3d1b673e565c7a030820c6dbcc66ad91a01377931997b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 02 Jan 2024 06:10:08 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
879
expires
Sat, 26 Jul 1997 05:00:00 GMT
t.dhj
t.sharethis.com/1/d/ Frame 720F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.542506302396772&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:09 GMT
dtscout
pd.sharethis.com/pd/ Frame 720F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aijos.info%2F&event_source=dtscout&rnd=0.542506302396772&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 720F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4071709998525823&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:09 GMT
dtscout
pd.sharethis.com/pd/ Frame 720F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aijos.info%2F&event_source=dtscout&rnd=0.4071709998525823&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 5DF2
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcJmGhN5cRqym8rf%2FvCVJl252DXXxFBIl5%2FTldB2IxNnXyqz%2FvQ1bekSOnWdhUNmUa04KcOPv243zS9EgKneZLiFDs%2Buq0sYBgEegXTGsuoZrB%2Bl9Ei8e5UVgar7s4DLzXkQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6581e474e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
380008.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809273.1
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP
  • https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-88wzz_dE2pw8gPPYbwr0UZpZVp.J4soCDbQ-~A
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/380008.gif?partner_uid=y-88wzz_dE2pw8gPPYbwr0UZpZVp.J4soCDbQ-~A
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/380008.gif?partner_uid=y-88wzz_dE2pw8gPPYbwr0UZpZVp.J4soCDbQ-~A
date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175809273.2
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=1791377155475426268&bid=omt9pi0
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=1791377155475426268&bid=omt9pi0
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=1791377155475426268&bid=omt9pi0
Date
Tue, 02 Jan 2024 06:10:13 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4930162&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4930162&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4930162&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
379718.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809273.4
  • https://usermatch.krxd.net/um/v2?partner=liveramp
  • https://idsync.rlcdn.com/379718.gif?partner_uid=QAte4YZk
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/379718.gif?partner_uid=QAte4YZk
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/379718.gif?partner_uid=QAte4YZk
date
Tue, 02 Jan 2024 06:10:09 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1704175809273.5
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2zpOqvYys2fgUdeHA0k0AJqglzetJRFLCB0-N9-CdUXw
  • https://loadm.exelator.com/load/?p=204&g=450&rluid=1826d3e0db4f08456b624f066e4ce6b23a17342f3d51c1575652a1ac06fa59d4f2fc7f7248dfd545&j=0
  • https://idsync.rlcdn.com/362708.gif?partner_uid=329fedbeb8b5a7adac2f0569ca6dd42b
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008NdjqRXYvgep_wEHheNPXZKbzke2yuT7pMLdsvnhS4DQ
44 B
705 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008NdjqRXYvgep_wEHheNPXZKbzke2yuT7pMLdsvnhS4DQ
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
18.238.55.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-16.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
rPk3VEdCHXFAiqYTfnbz42NSGLcgQwu6i0K55Iw2lEddOwramwpKWQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008NdjqRXYvgep_wEHheNPXZKbzke2yuT7pMLdsvnhS4DQ
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2WTqLsbi082J6a3Ag%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fmedz.forumituct.com%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d72d-237d-4cb0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1791377155475426268&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd6e6d7...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&pid=500040&it=1&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e%3A1704175804.1508296&_=170...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4939568&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
42 B
59 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4939568&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1704175809.4939568&iv=d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
t_.htm
t.sharethis.com/a/ Frame 929A
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.542506302396772&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:09 GMT
Expires
Tue, 09 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
401696.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.1
  • https://tags.bluekai.com/site/2035?phint=rluid=090c922f13b34de3663815fe4aa4878ecf3ad644f842802a24ddfa5c7ab0047d2971936f2f944561&redir=https%3A%2F%2Fidsync.rlcdn.com%2F401696.gif%3Fpartner_uid%3D%24...
  • https://idsync.rlcdn.com/401696.gif?partner_uid=XJlz%2FOtn999U08Bk
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/401696.gif?partner_uid=XJlz%2FOtn999U08Bk
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
location
https://idsync.rlcdn.com/401696.gif?partner_uid=XJlz%2FOtn999U08Bk
cache-control
max-age=0, no-cache, no-store
content-length
0
bk-server
f4b2
expires
Thu, 01 Dec 1994 16:00:00 GMT
364708.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.2
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01EC61A11KAM4QCFG5RN38VQJZ
  • https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=914C098408F29A75EC340A0515FF3321
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=914C098408F29A75EC340A0515FF3321
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location
https://idsync.rlcdn.com/364708.gif?lr=true&partner_uid=914C098408F29A75EC340A0515FF3321
cache-control
max-age=0, no-cache, no-store
cf-ray
83f0d65a3ae923c1-STL
content-length
0
397676.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.3
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=z2YEKjZGRndSGql7Q5DAQFFl0gzz93yh
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=z2YEKjZGRndSGql7Q5DAQFFl0gzz93yh
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=z2YEKjZGRndSGql7Q5DAQFFl0gzz93yh
date
Tue, 02 Jan 2024 06:10:08 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1297655
content-length
0
403896.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.4
  • https://sync.srv.stackadapt.com/sync?nid=liveramp
  • https://idsync.rlcdn.com/403896.gif?partner_uid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=&gdpr_consent=
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/403896.gif?partner_uid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=&gdpr_consent=
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://idsync.rlcdn.com/403896.gif?partner_uid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=&gdpr_consent=
Date
Tue, 02 Jan 2024 06:10:09 GMT
Connection
keep-alive
Content-Length
154
Content-Type
text/html; charset=utf-8
367148.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.5
  • https://sync-tm.everesttech.net/upi/pid/w8wqx7f2?redir=https%3A%2F%2Fidsync.rlcdn.com%2F367148.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24%7BTM_USER_ID%7D
  • https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZZOowAALd3uKdQBH
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZZOowAALd3uKdQBH
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

x-served-by
cache-stl760065-STL
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704175810.550532,VS0,VE0
x-cache
HIT
location
https://idsync.rlcdn.com/367148.gif?served_by=evergreen&partner_uid=ZZOowAALd3uKdQBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
403466.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1704175809279.6
  • https://match.prod.bidr.io/cookie-sync/liveramp
  • https://match.prod.bidr.io/cookie-sync/liveramp?_bee_ppp=1
  • https://idsync.rlcdn.com/403466.gif?_bee_ppp=1&partner_uid=AAA6J07LJ1IAABM4PAw9Bw
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/403466.gif?_bee_ppp=1&partner_uid=AAA6J07LJ1IAABM4PAw9Bw
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/403466.gif?_bee_ppp=1&partner_uid=AAA6J07LJ1IAABM4PAw9Bw
Date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
t_.htm
t.sharethis.com/a/ Frame BE1A
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4071709998525823&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:09 GMT
Expires
Tue, 09 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
style.min.css
data.bolamerah.net/wp-includes/css/dist/block-library/ Frame FC96
107 KB
15 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:42:24 GMT
server
cloudflare
etag
W/"654aaf40-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7HQKJyXtnGwkmKTQZi9TsLGUX8vsFwDVamWYxKWUw9xexcRnhVr5rV03dojWpQGIVfzIHDmmjTogZEFUTqCpSgX6epB5b36IPPVwnB8Muyd0QyyYtqSM6O1G%2BwNUzIQYakpPJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6594f5a4df4-MCI
css
fonts.googleapis.com/ Frame FC96
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:09 GMT
genericons.css
data.bolamerah.net/wp-content/themes/frontier/includes/genericons/ Frame FC96
28 KB
16 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg3oRbS6Wodhyvuc8vuo8%2FngWTx%2FyOdHuGA1V1KuUjPqqYs1cdPCdDr%2BQsXDGW5fFfzuAb1YYjHe1dnjv6aDSmkcNr6SpbILKnD8RyPHdtB8wMfv8Sk1fNbw1HdCr4i1mwjb%2Bgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6594f5c4df4-MCI
style.css
data.bolamerah.net/wp-content/themes/frontier/ Frame FC96
26 KB
7 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB3yvM1Es6Wjq5s%2BC8yZYLOIh7reHm3nxDBq8jMgEqwhpcHJNPbsgYs%2FNXwvj7nu0%2BCugWB3GM7v%2F1zYtg6WTGSeunUPST9EasmoA4PtgwQFgKPkxJf5YC41n%2BRIYQqM7F07S9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6594f5e4df4-MCI
responsive.css
data.bolamerah.net/wp-content/themes/frontier/ Frame FC96
3 KB
1 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Jan 2023 16:22:12 GMT
server
cloudflare
etag
W/"63cabfb4-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhAPp1X0ZC5RxQGAYpRmLb6rDKDfVkPpDb85OHph1Z6Gh4jw%2BulSBT1C8XH0u4NL%2F4Lb7zHaLyG4XNs3DmCgT%2BPCyxLtSx6wEpH1x8SZKGtihYh5bmjaTLZFfkVKnspQJFO3cHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d6594f5f4df4-MCI
jquery.min.js
data.bolamerah.net/wp-includes/js/jquery/ Frame FC96
86 KB
31 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 21:42:24 GMT
server
cloudflare
etag
W/"654aaf40-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XalbmRQrsUra3BjZfGmT1liKBmC1ekSVo9jnN8DSXOmDMl3PKC2%2BqerYKoJaGGEe17u1ceMt%2B%2F3DMvRm9Zl2van1PgR25xkNyBEcLyn2IuI%2FrO0i3yBMwvVoZSGvd4nOMdphTsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6594f604df4-MCI
jquery-migrate.min.js
data.bolamerah.net/wp-includes/js/jquery/ Frame FC96
13 KB
5 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 08 Aug 2023 21:55:46 GMT
server
cloudflare
etag
W/"64d2b9e2-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23JLTp3jt5veXyCbr4JZhQqj5pLI3qC1XbgChhtxZ5TR2689q7YrJEuPnK5QDZfIrqPdBsVxp%2BTaJIJ00vfGnQSg7vwxer8nlLAvsgjUpHjaXVvDmJEhqPwBghW9DU04cFOtIOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d6594f624df4-MCI
idncash_gif_728x90-8.gif
sniperbom.files.wordpress.com/2023/11/ Frame FC96
621 KB
621 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/idncash_gif_728x90-8.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c5a63f739a50d01fd97bbde57f263cdfbec0421551f7d08e893cca85d537f398
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 03:17:19 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
635553
expires
Mon, 15 Jan 2024 16:41:49 GMT
betcoin_gif_728x90-14.gif
sniperbom.files.wordpress.com/2023/11/ Frame FC96
92 KB
93 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/11/betcoin_gif_728x90-14.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9399bf7570eb0eafa3574c3b8f9a54e9e25dafae4354f1add9375f8e78dc778
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 20 Nov 2023 06:17:27 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
94584
expires
Fri, 05 Jan 2024 11:44:49 GMT
cropped-pngwing.com_.png
bolamerahhk.com/wp-content/uploads/2023/01/ Frame FC96
0
0
Image
General
Full URL
https://bolamerahhk.com/wp-content/uploads/2023/01/cropped-pngwing.com_.png
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame FC96
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 07:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 07:24:05 GMT
colorpicker.js
gistcdn.githack.com/totowebdesain/b03e8bc00f707a56eb21da0f6af67d95/raw/34b95b25502ee6fc026bf6d9359a7a9ba9fd426f/ Frame FC96
17 KB
4 KB
Script
General
Full URL
https://gistcdn.githack.com/totowebdesain/b03e8bc00f707a56eb21da0f6af67d95/raw/34b95b25502ee6fc026bf6d9359a7a9ba9fd426f/colorpicker.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be767e656e1835ac64fe3653974acd312d2d4ea0ac0f66136cd123bb7ec79a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-fastly-request-id
76392f170f9d100289beefa27e3d8ee5866c198a
date
Tue, 02 Jan 2024 06:10:09 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
215400
content-encoding
br
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-hel1410024-HEL
server
cloudflare
x-github-request-id
FB9C:B216:3DA555:413A05:6565B6FF
x-timer
S1701164813.729711,VS0,VE177
etag
W/"c721ae985b30bf1da0500b87d31b790c1e55bef5865db5c5620e16526fb274be"
source-age
0
vary
Authorization,Accept-Encoding,Origin
x-githack-cache-status
MISS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1LYgapusT%2Fh1S7dRRvzs9nOjJ3%2BJHhOnGy%2FZzAKyFrhzO9YIi2XVoT1f4WZRxEtp3enbs8nz%2B9oCe7IpD0yHyW8CB%2BMFqNlR5jytIQpZ0el5RM2DR445fNIp6ajpIQPTf9zQGXY"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000, public, immutable
x-robots-tag
none
cf-ray
83f0d65b1d052c9c-DFW
expires
Wed, 27 Nov 2024 09:46:52 GMT
close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame FC96
2 KB
2 KB
Image
General
Full URL
https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f1.1e100.net
Software
fife /
Resource Hash
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:18:37 GMT
x-content-type-options
nosniff
age
10292
content-disposition
inline;filename="close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
server
fife
etag
"v744"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 03 Jan 2024 03:18:37 GMT
pphoki_728x90.gif
sniperbom.files.wordpress.com/2024/01/ Frame FC96
150 KB
150 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2024/01/pphoki_728x90.gif
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d2f8ddf56e742d7775fa43b3bb72580d7a2a4bc689ebf2cf3b82b40822e4e43e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
MISS mdw 19 np
date
Tue, 02 Jan 2024 06:10:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Jan 2024 05:34:06 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
153795
expires
Sun, 04 Feb 2024 09:49:02 GMT
email-decode.min.js
data.bolamerah.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame FC96
1 KB
1 KB
Script
General
Full URL
https://data.bolamerah.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58GhQBxGDgQVD3I5XAkv9l6qORsOa78mx75YN%2F2UP4bTs%2By6AzpSbG6Vffk5YAkla4%2FczaD5j4t1x5YglxlR%2BiweqOk5lmw0%2FFj3H%2B47p%2BhiwCGntIqAiC5yzUIadehofQoUnVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d65c6c504df4-MCI
expires
Thu, 04 Jan 2024 06:10:09 GMT
jquery.modal.css
data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/ Frame FC96
823 B
790 B
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia9SquuVX61pSrDHiPnNhBhR9ryfknZgH7eIIhIGuSGTCJ24DRMJebtyC2X3SRyLWttpBsTB7gLIVs0UlkvtCDKNvs8qe9lQE4hoQecTYu5hlrKvPSmzcGAv3ksC8R5aV9LQYt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65c6c524df4-MCI
popups.css
data.bolamerah.net/wp-content/plugins/uji-popup/css/ Frame FC96
2 KB
1 KB
Stylesheet
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ83BP9yUBbyvrAWnjwW6WcV8kq%2BdfemSfgX93dkZly1ZgI0VAd2bbHFQUAKunueb08qWoU1%2F31mfSTsn8sY3p%2BF5q8C6%2F8WUCsGUL7Ksa7yEXFr8UU%2BsZAZmbRI%2BSKC02aUkK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f0d65c6c554df4-MCI
jquery.modal.min.js
data.bolamerah.net/wp-content/plugins/uji-popup/modal/ Frame FC96
4 KB
2 KB
Script
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCxql8N4Nqaat8x%2FS9yLZwyge0%2FazHZKPn6LYqmlwVczDsYXIgt%2Fwrk6vp9BAbfH36QlqPVhE4DuP%2FFtSwCNyjKaCdCOEh9c20DFnXovM7k3qXC1Zq8I6RqDMi8SuLPCmFQPoj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d65c6c564df4-MCI
popups.js
data.bolamerah.net/wp-content/plugins/uji-popup/js/ Frame FC96
2 KB
1 KB
Script
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2WzSmP1pdWGO3bp2hZbz0E8bZPK8qwGspBbfWRgjb%2B7%2F8CLiN8l09osJws47EOey%2FUjw4KOnM48DvTlrrbUVVIsHAHwHDy5uEg05ZAIZnJmJvVK10vj1mRZHfZNgKift8A04%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d65c6c584df4-MCI
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match?r=45910
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:09 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:09 GMT
merge
ce.lijit.com/ Frame 1668
Redirect Chain
  • https://um.simpli.fi/lj_match?r=22157
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
679 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:09 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:09 GMT
close.png
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 5DF2
4 KB
5 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtWHzyMQ5nMP0SXelp%2FHsKmH7yiHT7Ic6e47mx4sgMjqcSABRQ0Zat0zTxlg1Z%2Fq%2FOg7wx35VvNhEYXyOL83ynXO8MQ4mooyTXFVaFslje24VcsXain0IcfBM5s4TSTQ7Qj%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d659e9174e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 3726
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:09 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 9D2F
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:09 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:09 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 9E9F
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=74262
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:09 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
188914
expires
Tue, 02 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Tue, 02 Jan 2024 06:10:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
a.gif
t.sharethis.com/d/ Frame 3726
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175809427&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aijos.info&pn=%2F&qs=na&cc=US&cont=NA&evid=-SzyIzYA5QzsGqFPIP-9&urls=&rnd=1704175809730&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=97&bcnLcy=79
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:09 GMT
a.gif
t.sharethis.com/d/ Frame 9D2F
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175809444&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aijos.info&pn=%2F&qs=na&cc=US&cont=NA&evid=PTzyIzYA3snkpG_ZXf_T&urls=&rnd=1704175809746&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=102&bcnLcy=79
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:09 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 5C5B
0
0

cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 4AF5
0
0

cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 37A0
0
0

wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 37A0
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uV5MMctBcxCyOEkBGMDYOKSPlrb%2Fztts%2FDExz7rRJqWN7TClonNadQbUx%2B%2BuZVkqVrAPkema8E07lEiFk2G5CBgXDRYgVeDGYw1ibT0Ockm8FGfRmFEWo6xLjM7hOsHZWEN%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65bdc064e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 4F69
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://data.bolamerah.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 4F69
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://data.bolamerah.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 5C5B
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU0aB3MQ1PnG9uJa%2BoKFlUOhUA4fZZJUmOoQTumDZWUk8s2VfJZ1UAn36rzAdW8TcsUYxHlcyk%2BsHbV%2BgeYRTKKmppbnsXPI%2FJEtH84y7VNqoyyleGO67g1Ll5sdGH%2B0q8rU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d65c2c894e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
style.min.css
net.itupaito.com/wp-includes/css/dist/block-library/ Frame 3314
107 KB
15 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioj88BzERYF1gYmTr82Bo7RkBys6CLDaQcLM0PuMubwiYlTNpa81vh8iZMS61SCHR2EM1YYLp6gIEtlZnHwPhaXt9VzIUHwxeHMmr%2FOMe1l%2FpM4rG3ZffRNjjj4IgTou92YP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65c4cbb4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
css
fonts.googleapis.com/ Frame 3314
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:09:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:09 GMT
genericons.css
net.itupaito.com/wp-content/themes/frontier/includes/genericons/ Frame 3314
28 KB
16 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx4uiN7zhv0sqXBqhFF2wZ8c63Hrbo6JPnwj8sdkgBhrRnNyLXef%2B2AxeYqOptxXUjKGxDrj6Vybc7%2BttUWHwctGqvR5Jv9XdfoQ30yBj7hQRVKaSHqhJVRocvwC%2FGKjpGY1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65c4cbe4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
style.css
net.itupaito.com/wp-content/themes/frontier/ Frame 3314
26 KB
7 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnRxlm41JGZXdAvuczLsaWSK0k1I7uNNAjJ0y%2FmrZzk6E9DHI4nglYbPn6utJCWQP8xdveQ0o2b87QCRqcbDbdAcOPhcqjqPnWTOZnwiIWp8IrqzEUaY5M94p1qtyMKwo6cd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65c4cc04e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
responsive.css
net.itupaito.com/wp-content/themes/frontier/ Frame 3314
3 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePZfgEBAszBaYdGIx%2BeS%2F2YnQZ6V3fH2ULK6JsefoCbs8hJwoCPeEY2BzfvuQQnhxrzn7gbEljqgZNq7kNvYlXKIB5UmDcO83PXRf8dtrLZolz0OouH2cT30NCX4F9twogag"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65c4cc14e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 3314
86 KB
31 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hft7fS0RyleptiRLQ8FHyBlfjnpuEGRyo56wQkoFcoVNtiNTVgUahzCWp4C59IOqQESOvVTIFp8B0jIpyXPa%2F94fLHxeIOk9A85swhaNU%2B3wsszB2%2FJDwd7ATOwk6CWABx%2Bf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65c4cc24e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery-migrate.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 3314
13 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyaVJNQyiQ9oVz0Il%2FxIvYFzgcspQxjCeWe3SIhImoGfeZF2xTDLfjAh1pk%2FDLwIAleVo2H%2F7JKuNFVrj7Csj3pRmzghJTzAOMdvWAIoQAE4p3%2FCNSzvobde1KPW0vzpESwW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65c4cc64e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
itupaito.jpg
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 3314
41 KB
41 KB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/itupaito.jpg
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2148e4d782585cf051fc1e4260e1aac881e9b3d7016a5a88f709ac8667124f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 02:46:37 GMT
server
cloudflare
etag
W/"6576780d-a23a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHa5qvT3GUCZjDbY51EbLrd6C9KJZ0gYyqHz5M7WlM1mlDuoMXvSesRelRH1TetXjIAAjasLNHCfmmbKfhdDFBHTf2K2JgbKU4nThLFp8op4LOirNzRIF8cMtiPqHXcDCZAhhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d65c4cc84e01-MCI
ezgif-2-57185206c3.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 3314
3 MB
3 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/ezgif-2-57185206c3.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f603e8ca70ab2fe4e27345b6ed4777e0d4229e10158318d2d56188737e3c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:22:15 GMT
server
cloudflare
etag
W/"658d0607-37536c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3npe%2FvzkuA5lAMDt9prnwIvXbyhGM7vaIA0h%2BCW6%2Fw8WkDwySCXDUZ9486lTtGKMx0FCzFDnX0CQcyhI9WU1tQAxDS%2FpvhPYYffvlaJRfdF7w9Q1i6x30FVsVkni5KY%2BrUjnQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d65c4cc94e01-MCI
dewahk.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 3314
1 MB
1 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dewahk.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29eec787b47f80e9c88f284711a9960b7234312cdee191b60b8a791110402b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:10:10 GMT
server
cloudflare
etag
W/"658d0332-12ab6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikNgZvzP2OqwJ8XCUBYT7xbykfK2fLKyvKFM3D33cE4U0YL84PyKvqoLAgD8sX%2BQ4AgKfFLoJRIOS%2FdwUQxK7fpopQ4%2FX8q5gH%2F%2FMT3HRCaRTdmDZ2LDj812NPIn6tnmm9uDQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d65d2dfc4e01-MCI
dwjt.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 3314
2 MB
2 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dwjt.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc490ec6a9b3acd4ab42676d2be07d89f943b43c5fcfa814ff1a2240d8adafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 04:59:03 GMT
server
cloudflare
etag
W/"658d0097-1e9f81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQ5O1z5us92zJlTviemHBHAsdJWt%2BrbLLVdhWjVVw3iSneksyipaCWNfWIHLlSNA643mnU3Fb%2B3sSFR57AyXckGKlF3c6OCXlyXz%2BNrnJd3qP4Wk%2BRmLVVm3iGXd4%2B0h%2B4nBNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d65f89964e01-MCI
kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 3314
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
79fd518534c7a5da85d4c1e31b84ef8492a73bfc195a59983579ebcdf97004f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:20 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1488081
expires
Tue, 16 Jan 2024 04:57:56 GMT
domino88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 3314
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/domino88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
be94d0e3dc5a19a564e445be20558efee2eeb851b453faaaedf82f9e0db68f6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:08:41 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1998053
expires
Sun, 21 Jan 2024 12:45:52 GMT
dewacash_gif-banner_prediksi_728x90.gif
sniperbom.files.wordpress.com/2023/10/ Frame 3314
98 KB
99 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/dewacash_gif-banner_prediksi_728x90.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebd6573326882892ed88414467a25bb6c0f05266418e67816dbd8779c22b6be1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2023 04:02:28 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
100715
expires
Thu, 11 Jan 2024 04:06:20 GMT
lapak303_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 3314
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/lapak303_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61c8a7e7fb9f931484a0f4f1ad9fffd134f92497ebd2fb11671bca96e5cd2553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:03 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2071280
expires
Fri, 12 Jan 2024 18:31:40 GMT
itupaito.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 3314
37 KB
37 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/itupaito.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c549eca6d723d2d78691f886ce702f3df04cb59ed4848d778d2d4d68451eab4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 16:34:14 GMT
server
cloudflare
etag
W/"654a6706-935c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tluVlTDDL9wM%2B8y%2B%2FwNIFx0Yambd55M%2BqVJrBjAhtl9PHOBXeNB895KnHwo%2FLS8il5oaomY3gZLsHgAbCVfm1JLzSFtb%2FA86mRYlZyj9VGAslGn3JHjpZGhQr7J%2B9LFzGHCh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d65f89aa4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 3314
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 20:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 20:20:13 GMT
email-decode.min.js
net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 3314
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtp%2B%2FcY7%2FmSMCX0tn7OM52%2FV8oeJfb7BNV%2BKX74dNeRcIhaWagwypzGjpdTMyTcCIC%2FFZ3MEychlhGKvST2m94wYnviabl3ChG3EfBWZ82XVUCZLHyMoZW0MIhGvuhzYjF9e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d65f89984e01-MCI
expires
Thu, 04 Jan 2024 06:10:10 GMT
jquery.modal.css
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 3314
823 B
819 B
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk%2BiLzAGDy3XHRn3SFGcn0dr2TBz5QBN44Y9tbsEmc9Dr4VPdgxus80r68NxcBau2d5rhUH98JKUudYVte7MNGERYaF4alFN%2FXoPcFxhop24QnxPw90sVWpVhKjiscAM0mxz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65f899d4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.css
net.itupaito.com/wp-content/plugins/uji-popup/css/ Frame 3314
2 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RM68pdb1ZehWD9KQQqk2qVgnmCUabVfP8SPN%2BqxRDuesiXuqS1I0QozPrnGOD9bwSJCSDsQ6ehR1ld3RMpEEMTZMiQGOeTHrZt8E7F2uWzLZJNEAmMwUYSntLwIN2PhPfAt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d65f899f4e01-MCI
expires
Wed, 01 Jan 2025 06:10:08 GMT
wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 3314
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zb2DqrdQFnJtXed1Era587zznE%2BoEW2uasdvWZ18v5KPPaBOgtobbr4xGjkuFyqFTLMOK7x2D75DKlMkKY28gWLiQ776tIOUX521Y3IRsEfMJLg1XZui06HZp98w8A%2FuyEqb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65f89ab4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.modal.min.js
net.itupaito.com/wp-content/plugins/uji-popup/modal/ Frame 3314
4 KB
2 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWzg8q9Xz3cU9wVZaLhJiPBFvLNHxbDzALHKVR5i5dDmGsEvABNzF2MaMk%2FhvplwdnxaO%2B%2Fn74UNptsw%2FdVDFNd0cUM6NUrxrOiKTkZwac5bG1090PJdW8XlynUI4tiOZ%2B1P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65f89a34e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.js
net.itupaito.com/wp-content/plugins/uji-popup/js/ Frame 3314
2 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kc3ItEqVz0g4SOVEkr3ZSJk0JChdeutooJUoTzv8QgRgEvavX9OAlWFZO1OoeDXm9V8uXzzKe%2FfTM9QYCF1ZMEtP5qpHIRVPZAqLAs2iGvLnHBniKhJdgy2SaQQyRRLxaPjp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65f89a74e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 4AF5
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9xGOnrN7XsiUs%2B37EM67F1T0V%2BxSaKRVVmTIhZ9oGbuH5cMv3vBtewxZhuNk9glCbUUMK5RrrxSPD9EkY5cN2s0q%2Fs%2FHXbhAEnurHBsqGFxK3yhegpWrueJ7xN9Hvp3omty"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d65c4cca4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 37A0
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzq49W6MMivLx4vWpvs3Y7Q4JPTVM%2BSDV92V5sfj951nH6vg2LT4ihq%2BO0W1ym90e8ws3CxbIqBa6bBEO1QqS9uMbZJUnspxEf9hYSIvDr%2FyOoHsIQ0jf1KQY%2BA7kiKfsJHN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d65c4ccf4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
/
net.itupaito.com/paito-harian-hk/ Frame 9B47
95 KB
18 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-hk/
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f795705bc67bc00b8f39980b7d44da8c00d604eb6086f089def237313b7baaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d65c5cd84e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:10 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=18>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft0sbTiz3KdKVV4d7u8%2BZdeRxOWwobyONjRq9vtlM%2BWPPMVObSwIY4qfYs2bM%2BXjGWvQaeFN7OSI8C%2BobSm9hsIb%2Fgs8EcT8dj7cdD8UbRv8IIM%2BhxL73IBjf73EMn2Ey3oa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/ Frame 4F69
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76528
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d65c59ea6a22-STL
content-length
4547
b6e9c339-b9a5-4b0d-bf5a-888cd2489dfb
null/ Frame 5C5B
1 KB
0
Other
General
Full URL
blob:null/b6e9c339-b9a5-4b0d-bf5a-888cd2489dfb
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
truncated
/ Frame 37A0
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 37A0
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 4AF5
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 4AF5
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 5C5B
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 5C5B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame FC96
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://data.bolamerah.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame FC96
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://data.bolamerah.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
52715e16-0542-4489-be69-0c6eb8346a27
null/ Frame 4AF5
1 KB
0
Other
General
Full URL
blob:null/52715e16-0542-4489-be69-0c6eb8346a27
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
9b966272-7f4c-4f8a-9154-a1d5e9b4fa9b
null/ Frame 37A0
1 KB
0
Other
General
Full URL
blob:null/9b966272-7f4c-4f8a-9154-a1d5e9b4fa9b
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
net.itupaito.com/paito-harian-hk/ Frame 416F
95 KB
18 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-hk/
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9cc708ea9ac724a2f399afe8807324aa9ca7dcfd8659a2c912514aab065032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d65d6e5b4e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:10 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/18>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=18>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23Uo7QT2W1k1uvwXO2sggXH166WkDP3i9wrHKl3N%2BJFg5vDbBnr9RjsrbnMYYmGOxC0xsBTbbixD0zycwc7CV%2BeAzInprFB%2FMkoD7WTx0fGiNUPd4umc0f6Jh2e6fmvnxy9m"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/ Frame FC96
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76529
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d65d6a486a22-STL
content-length
4547
ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
dpm.demdex.net/
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=76687
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
44.234.228.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-228-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-usw2-2-v050-004bce71a.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
QVpzeKdvQEM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 3B8E
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853710
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
efMi0rJiVLjsMCfl_9OCXaRx77RwOUpe_ksySWlM2RYL9mzfRwZtxg==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
dpm.demdex.net/ Frame 1668
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=18639
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
44.234.228.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-228-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-usw2-2-v050-0ce6e86b4.edge-usw2.demdex.com 3 ms
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
nD9syIbdQtY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 1513
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853710
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
PLSLmfueKk6R6LT4pommKu5t-mMLYnLqtdnO_5yitQhEFHDXKs0gsw==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
db_sync
px.ads.linkedin.com/ Frame 9E9F
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=13068&pu=https://medz.forumituct.com/
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E28C478DA33F4765B382AC6D892D924F Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FnP7ergKmWBGW9FeQ==
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 5C5B
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cUAOi47lgIBFuFxTyRD6By8DQ6Q7sxtCDgfBd29jaowY7WTq2ZPkfDYyhDfQu5LBDvVn0YyItxeu5geYYYiHmLIB0NksM4vLPEz2ITf1nmdgQAbVRovzEDlxerEslpGagWN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d65f695c4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 3B8E
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770631
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
ta5dczNSnyOBYsLfO0gDYW6O2gfl0_gpUvW1z0IjCtd46zbI1-J-4w==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 1513
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770631
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
gnq7UhbUglmokE6QhPwIenlP2yyFWcQv9wk7GfDdEnE6oBgannzlng==
cc_3023.js
s10.histats.com/counters/ Frame C5B6
18 KB
7 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_3023.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
3
etag
"73940338"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d65f8b2e6a22-STL
content-length
7567
/
e.dtscout.com/e/ Frame C5B6
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4542820.php?4542820&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mAIJOS%20-%20MASTER%20AI%20TOP%20SDY%20SGP%20HK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s3023&@ten-US&@u1600&@b1:42034284&@b3:1704175808&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aijos.info%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073ec469082f98b81bf0038021090404b1f7533ab236c6633f58df8463d4542b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.265
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8g9XbCgGhTTmt7ukqByGGc0eDhEMFKla%2FULsl4tixi1TwMmjWog8Wtp%2BcBVoLt979%2F5j6xNal24%2FGZtHG6rOIFmy2hUAeYm2TJWWe3WxkICRE2wslLf%2BUjl%2Fq9kapcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d65f8d046a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
4725990.php
s4.histats.com/stats/ Frame 4F69
435 B
570 B
Script
General
Full URL
https://s4.histats.com/stats/4725990.php?4725990&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBola%20Merah%20Hk%20-%20Bola%20Merah%20HK%206D%20-%20HK%20Fortunes%20-%20Paito%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s601&@ten-US&@u1600&@b1:-28352722&@b3:1704175810&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdata.bolamerah.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
e78037d5acd790fbc3ffbf9c424d49913ea33a6520101833863027528a9e013a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Connection
close
Content-Length
435
Content-Type
text/html;charset=UTF-8
cc_1033.js
s10.histats.com/counters/ Frame 5DF2
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_1033.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:41 GMT
server
cloudflare
age
6826
etag
"77917907"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d65f8b2f6a22-STL
content-length
5820
/
e.dtscout.com/e/ Frame 5DF2
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:143972148&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d50cf1fef1db2e325c6ef1875bb76d16dde50eac69f6b9d864ff5b6c2b0527

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.291
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GaOWsJ3hi%2BGfl0SOrGxt89uXoBh03bJSefDfqPIcntEYLo6mI76yAtRbNmKi6Zob0hbixV6M%2BjHM0fgdWKliTE8A%2F8GyhJwvJjw5Bpc3djwggo8o73hJQQm6sp%2FreI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d65f8d0b6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 3314
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 3314
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 4AF5
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeT%2FF332JAey%2B96rgvn7I2Q%2Br7J7WBcOHGSm0Db1ynYlW5jYKgpSV0JeCnEfschidPSbln8c81O8AYqkmW8X%2BFRaGJzXkMToaZMdsjmzgr9VxRGve4gY7wMW%2FC1QEaK5pN95"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6600a7a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 37A0
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dQ53WIt6c06DNpXM87FPgEaG8Z4q2bWHkhIxnfKFecWdY6pc0i4ho0cjaKwM0cYDSoG10c9kZ6QAOBeXogMSxOAHHjayXRZHn21desIroJ38tVxLYHiFoHl4PllZYWv5MzN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6600a7e4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
4725990.php
s4.histats.com/stats/ Frame FC96
435 B
570 B
Script
General
Full URL
https://s4.histats.com/stats/4725990.php?4725990&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBola%20Merah%20Hk%20-%20Bola%20Merah%20HK%206D%20-%20HK%20Fortunes%20-%20Paito%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s601&@ten-US&@u1600&@b1:6006075&@b3:1704175811&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdata.bolamerah.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
e78037d5acd790fbc3ffbf9c424d49913ea33a6520101833863027528a9e013a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Connection
close
Content-Length
435
Content-Type
text/html;charset=UTF-8
style.min.css
pools.comunityhk.com/wp-includes/css/dist/block-library/ Frame 1DB1
107 KB
15 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1add3-657d31ea-102d3c;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKoMQVaPRk%2F6aKp95A%2Fx%2BPKMHDqwlV%2Bcbgnwdtq4tMTh4Ns8lUBLMdKgT9Ts9VXvC7evZqnFjrcQ8YdrmSmlrMRa3zKp2P1oGPlV9hdH2jvw7N6VgsUWbwAABwaHbeAjZTLHENO%2FVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028294de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
css
fonts.googleapis.com/ Frame 1DB1
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:55:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
genericons.css
pools.comunityhk.com/wp-content/themes/frontier/includes/genericons/ Frame 1DB1
28 KB
16 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6e71-63d8876e-103448;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVx7n%2BDCqsTD0jVko8SrkLcSL8c3WLgM817uJal8XWaC3DTFu7j7%2FjkZXCXyfg3fNhw4cwVhfgc4Z0I3IVPNHr2e9CnGCAf3WoPPKakO6%2F5faPD71Nce9yL7LxldY5fQwVEl%2BDsbrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d660282c4de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
style.css
pools.comunityhk.com/wp-content/themes/frontier/ Frame 1DB1
26 KB
7 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6685-63d8876e-103470;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1a5qgq%2F8A2Hu5ThVx4colMnoyCj9R58BaX2HwOE0YzoOtsK6Re5lKTo5Pw0nQVrRag7fLu%2BDs49h0f3ePP22yVW2hTHdG29axZ%2B9b0B6qH29NCoaaM2ivHYYrATHXP46KVHc0Ysaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028304de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
responsive.css
pools.comunityhk.com/wp-content/themes/frontier/ Frame 1DB1
3 KB
1 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d3c-63d8876e-103480;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdn1YbyUx1qXHn2CNlmjv3oxe0TsgfJXUdd%2BJ6MV3mVg28xVCMRAR3%2FKanFGshCo8nax1beYO60nxUTXTdu6h2H9m7Q4A8PK35r7sfua8P2PzRihuSz5SxZvIBQOTSduenyjOfhRgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028314de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
jquery.min.js
pools.comunityhk.com/wp-includes/js/jquery/ Frame 1DB1
86 KB
31 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15601-657d31ea-102cfa;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9Y9Hrfl%2BlVFw3BkKvaTeVo3eEMyY8waKxRZcT%2B8HHtxTEuyHI7DVIBUTghlOQ5s7BE76FBbeNf4AgmkuxPvmT8s4GERRwdRqbX4VnHFP7QymRSeZxC95bArtVb1zOz0zxGJRkE%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66058804de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
jquery-migrate.min.js
pools.comunityhk.com/wp-includes/js/jquery/ Frame 1DB1
13 KB
5 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3509-657d31ea-102cac;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTrWOr9f8VYXCsDvEQePO%2F%2BnSlopoe%2BcBGdn%2BC5Jq4AbuQvpIpguykJ6KBdUUZj1wSk5tfY8zga7DNKOuFH1QcVzmevXxQt36y%2FBySD8gHggLz7fUWAoO3rxkVhjprzbF7Gnypj%2BXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66058834de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
css2
fonts.googleapis.com/ Frame 1DB1
1 KB
483 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
138e7f355c55bbf2b7b3bbed2b52f37ed4b733dc7715eb10aa2c2bcda7d23a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:59:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
css2
fonts.googleapis.com/ Frame 1DB1
2 KB
561 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play&display=swap
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
fch-oioi.jpg
net.comunityhk.com/wp-content/uploads/2023/01/ Frame 1DB1
64 KB
65 KB
Image
General
Full URL
https://net.comunityhk.com/wp-content/uploads/2023/01/fch-oioi.jpg
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b98d72d997cb3f5c346c1a25a5317cde74d32c5cb790437f1015f9e7d62fc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
65615
last-modified
Tue, 31 Jan 2023 04:57:56 GMT
server
cloudflare
etag
"1004f-63d89fd4-822c4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbKLMZjx6sZfuy2dc38GLhKkA3PtLKdPKRW2GCM6n7e1eePkGh8e%2BjSAgF5DeRpHTEzMBtbcalcE4LQ4tDB6IvN451YoJUMGi5xR5D4WNv9hLRPsgH2ZFFxcB7WbDrCrobdfHpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d66058874de9-MCI
expires
Tue, 09 Jan 2024 06:10:11 GMT
fch.png
pools.comunityhk.com/wp-content/uploads/2023/01/ Frame 1DB1
469 KB
470 KB
Image
General
Full URL
https://pools.comunityhk.com/wp-content/uploads/2023/01/fch.png
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f4127dbd19996763ec55ace69d11c721df35853d7603a695b856881f7593ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 03:57:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"754cd-63d891a7-103389;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE5luMP0DVQzOn0WO4EUXrznauvQfdY8MOtaanG49f1%2FMwwPNZa1wsXkTN%2FpDHHBSX7bAItL0fZNglqcPc7ODaqYt3bTGkUDvPvbWBJ5V1J81ZEm6VARE8k5m1rvwsgOyZZrPHoTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d66bbd874de6-MCI
alt-svc
h3=":443"; ma=86400
content-length
480461
expires
Tue, 09 Jan 2024 06:10:13 GMT
style.min.css
pools.comunityhk.com/wp-includes/css/dist/block-library/ Frame 48A7
107 KB
15 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"1add3-657d31ea-102d3c;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y7Cn7KiIpCNLltg4f%2BybGFTEhIwGpYGGrq7lcsVWZuakVLgZtrt%2BO4JiQkDbJ921PlF03pdTvM%2FRn%2FXi%2BGOY%2B0eGZrpPzhffKEhvyoOctn1G9bADZ8smVAPjUtrK%2Bqfee5iHbKrEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028324de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
css
fonts.googleapis.com/ Frame 48A7
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:31:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
genericons.css
pools.comunityhk.com/wp-content/themes/frontier/includes/genericons/ Frame 48A7
28 KB
16 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"6e71-63d8876e-103448;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thNSv5JLmvYqf53lo52o0ygNhzZckmICSTzvuQJkehpKkPNwYADNq7anWiu1nsNo7BePVhduMadUcnFQ6KIpCVltGzyng2fdmkaXjP9I1SgIyfKvqKMmRwMBvJtfS6%2B0pTlVt6hAVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028344de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
style.css
pools.comunityhk.com/wp-content/themes/frontier/ Frame 48A7
26 KB
7 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"6685-63d8876e-103470;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fg6T4DRVZcjW9p56ugidSruiTj1Dv5AmAu73zrqw76ZDLDpWHV8j8PHOmSyDKom93W%2FfLTU3zwjCFEaBj5dw4RmkwMYlL%2FDZQgKeFRogFLeolISj%2F1dmcysT%2FyjEKuXpdBeV5%2B2mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d66028364de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
responsive.css
pools.comunityhk.com/wp-content/themes/frontier/ Frame 48A7
3 KB
1 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 03:13:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"d3c-63d8876e-103480;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdwTDqOTE9N%2FZ4tpH2boHc0NJM45H8sX7C09IdH8xj5vSY4EsS9locN8uk2oWXWQwV5IF349PhSh0uov3Mqz84O0B4QHhQnaZ%2FEnUFZwvo6H%2FjOICkamlka6iOhFqQNQOeVouVmYPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d660283a4de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:11 GMT
jquery.min.js
pools.comunityhk.com/wp-includes/js/jquery/ Frame 48A7
86 KB
31 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"15601-657d31ea-102cfa;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoEsn22KoYNeeMcBvigVWr%2Ft2Y6aFqDcHhwf7q313y0sGEmOSMM8cAthBYfKi79kIF9fr0LkPEN0rBpsttwLCORCPKOxfHgRQkbjn7DcjO06PrTEuKRAyvAjBsO6Jk23RqvViEmZ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66058854de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
jquery-migrate.min.js
pools.comunityhk.com/wp-includes/js/jquery/ Frame 48A7
13 KB
5 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Dec 2023 05:13:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"3509-657d31ea-102cac;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEQAGkd8qJr%2B92%2B0X8fE7DidRYMSd5ZyWLjKP4OyoAHW0I54osonBSm2xnuqt7azYjqMAL%2BdI9kftnCbxx4rv7kQ%2FVJcC8krw8Ntm%2FAfYiIdHDgD9IZGnRsMOXUS%2BUJq%2B9Jw57GcmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66058864de9-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:10 GMT
css2
fonts.googleapis.com/ Frame 48A7
1 KB
483 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
138e7f355c55bbf2b7b3bbed2b52f37ed4b733dc7715eb10aa2c2bcda7d23a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:26:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
css2
fonts.googleapis.com/ Frame 48A7
2 KB
561 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play&display=swap
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:01:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
fch-oioi.jpg
net.comunityhk.com/wp-content/uploads/2023/01/ Frame 48A7
64 KB
64 KB
Image
General
Full URL
https://net.comunityhk.com/wp-content/uploads/2023/01/fch-oioi.jpg
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b98d72d997cb3f5c346c1a25a5317cde74d32c5cb790437f1015f9e7d62fc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 04:57:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1004f-63d89fd4-822c4;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NAYBUzh8dWRkHPo4LSNGGhVeiZbYHLfPQs1zaz3yOlKc%2FJ3CUgbrQB%2FkJiuP2TVDbiOcGyFHwQmZGmhschSaBIJk%2F6fEyRes3pNibgp%2BwqRE2hujvlqYnBSFTKVU5gZ5K0zi7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d66058884de9-MCI
alt-svc
h3=":443"; ma=86400
content-length
65615
expires
Tue, 09 Jan 2024 06:10:11 GMT
fch.png
pools.comunityhk.com/wp-content/uploads/2023/01/ Frame 48A7
469 KB
470 KB
Image
General
Full URL
https://pools.comunityhk.com/wp-content/uploads/2023/01/fch.png
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f4127dbd19996763ec55ace69d11c721df35853d7603a695b856881f7593ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
480461
last-modified
Tue, 31 Jan 2023 03:57:27 GMT
server
cloudflare
etag
"754cd-63d891a7-103389;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93VUevdjaFH974yED72VzpwUnDPYdnmwvbZmDpf05dNLVTthcaxvE58ARWL7NOh5JEWe4w2dZdX8otzbM8tFmDxqwz5cfgdQo4mpwt0pHTNsk91nLD5eV6m5Sxsz6O11Rls9UrBKzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d66bcda64de6-MCI
expires
Tue, 09 Jan 2024 06:10:13 GMT
1fe58c22-8ec0-43f9-af01-ea4c0fe55495
https://pools.comunityhk.com/ Frame 1DB1
1 KB
0
Other
General
Full URL
blob:https://pools.comunityhk.com/1fe58c22-8ec0-43f9-af01-ea4c0fe55495
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
f27912e9-ce4c-411e-8767-481c073b39ba
https://pools.comunityhk.com/ Frame 48A7
1 KB
0
Other
General
Full URL
blob:https://pools.comunityhk.com/f27912e9-ce4c-411e-8767-481c073b39ba
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
cc_331.js
s10.histats.com/counters/ Frame 330B
19 KB
8 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_331.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e7227e04393bb6223ffc5ea952a7ae9f332cdb78207b178048a53f84e8918f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
49170
etag
"-959646999"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d660dbaa6a22-STL
content-length
8459
/
e.dtscout.com/e/ Frame 330B
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4563875.php?4563875&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMASTER%20ANGKA%20JITU%20-%20TOGEL%20MASTER%20-%20AIMISTIK&@n0&@ohttps%3A%2F%2Fmedz.forumituct.com%2F&@q0&@r0&@s331&@ten-US&@u1600&@b1:83043130&@b3:1704175809&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmaster.aimistik.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddda443cdf4571845d1355643305b77436bea8dadade37744eac1ce86c4bbcb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.283
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=641BlXsgY01PvH%2BqEYGv77%2FO4H7zdrN5FbCNVMgARI%2Fd8729CTvMxfFS4srlKwKLLfxkhO9DNP6fNIxBhJRINYuPiVtWJKK3weSphrW1o6kr4g4krJ9%2FHTaH6uaFZek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d660deef6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
/
net.itupaito.com/paito-harian-sydney/embed/ Frame 232C
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sydney/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4939ec43504b049baac11915f63710ffabf7bbacdc5ec97b3e67ba5bba60aedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d660dbab4e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:11 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=14>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=436m5BdX%2Fae6vhVmolwo6vLL4Z9SDqhpvuGqke4Y2wcgrmFJrUIoARTtQC0IRXVKCTxE%2FSdoSP9qsSkBAaTavuilOX3QNHQdnCLWvahO6KpN2wwLOCDaN6wMJZ0PcB6r1voe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-sgp/embed/ Frame 8CD4
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sgp/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab63016140afc419d1550363e2abe5ecc1604d7c0eb64017006f9a2966a17d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d660dbac4e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:11 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=16>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A5edNFuyOXPwqLD8krs8YQAgobz%2FMbusI6sRWuCIPnv9r20YjQSagUjBHJqLYrHHeQVp1UsZgKJ0Ve%2Bwh9UBc0BkeDbDG6Up6%2Fxxy5pp8D8HhyQEqsKQsPimX6FqpJnCuub"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-warna-hk/embed/ Frame F116
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-warna-hk/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10525d6414fd7e4bfded204f858a0b7d5e0c84670f945efe5f582400c1bbae3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d660dbb04e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:11 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=24>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFBKXO5Mb%2BiY%2Bkl7WiAbE8RkmM2%2B2AQoj9CWfDWQ1jWE8QKlEMNMO0l%2BZxeyDgKf6fpHPWlmYSXtfCFbvJ2BK6%2FiGy2cvIOrsmkmZjxNSsjmhpywBGLDjX%2F%2F9kWfHPqG1sPc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
style.min.css
net.itupaito.com/wp-includes/css/dist/block-library/ Frame 9B47
107 KB
15 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iNOMByjvo%2BNS4%2Brv7rwzianm61A31967VEzwYLxK6aVrOd6S9k7VCTiOl7Unl7jaVNbuaWsWMSzKUckLHYgiJVWc0kNXmYf2G3wklKe7GJNAWC5tRDo68DsCc7XtSfmvDDI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6611c424e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
css
fonts.googleapis.com/ Frame 9B47
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
genericons.css
net.itupaito.com/wp-content/themes/frontier/includes/genericons/ Frame 9B47
28 KB
16 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKuNQbD6qVG71pfcUdTyJ%2F1Qro5U3gnXTdLyTSZf5Y8ow6r25YGt0OTfbwqe00dLq0Y6v1ih0NjJGlNh93gSEwzIwjn54e49u8K1WjOyj6m77tKN6SUC%2BbsQSeZv5iTwanPN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6611c484e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
style.css
net.itupaito.com/wp-content/themes/frontier/ Frame 9B47
26 KB
7 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2liYfOjqVOMYfodlyV5tCwi2pUVAI2vynkCWwZG8Mv0WZS0g4mHwyOgZKFRq%2BhxoE9la%2Biwd7fIHsoCXNwVk%2B6JWBuf%2BS%2FqPFs1SFw4RcsD0NjqvtQzb2qswyo1L1G%2FfEcU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6611c4b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
responsive.css
net.itupaito.com/wp-content/themes/frontier/ Frame 9B47
3 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr0Wk5nUrDkjRYR5Hmx5FkdZeXjCFYyG909Ku3%2FNbv9jZOfgU9auVFKrXiNSQZDUtSnOyqC5Ke%2BaQhWXf5ZLrcPBgwNN%2Bed1bilqot40ItfcJOhm7uSPDYvGnLRENau3JJ%2BG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6611c4c4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 9B47
86 KB
31 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbgrLs4G0wKYUGRqzvCM%2FYJJ%2Fr%2BSeo5YUmmh4%2Fj284wg9F2rgiyovKk7NoWXsHnpZqt1EXgbwV4Vhw2nlsSPeddMEO8mKW0UbEefin2XKQvlq6sOdXTPW4jMUJImWhot6GiS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6611c4f4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery-migrate.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 9B47
13 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92EGHk%2BEzqYGwB9MneYRCRPcy9DkCYtYpjwIJkLCAwzan9dY9xfWYMDegFBIUE7bQFRWghsUe%2BV9353if3RPigI1AfQipFgZDJjWeo0tO%2Fx51wrCMYUz7gsZZ3D70hFVTmKM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6611c514e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
itupaito.jpg
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 9B47
41 KB
41 KB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/itupaito.jpg
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2148e4d782585cf051fc1e4260e1aac881e9b3d7016a5a88f709ac8667124f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 02:46:37 GMT
server
cloudflare
etag
W/"6576780d-a23a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKBWyXIBOLcQzlqwBRA1HPmP3pjFWrTigqMViwgp%2Fm%2F1a%2B7Ddl05vjfjdK7LQMvTNqVATYcoNLLHW0TTDjYb%2FmXRp%2F%2BDAG2JciYGBs7TuDiZFG3DPowJ5POq31jsmxHyv0OZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6611c524e01-MCI
ezgif-2-57185206c3.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 9B47
3 MB
3 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/ezgif-2-57185206c3.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f603e8ca70ab2fe4e27345b6ed4777e0d4229e10158318d2d56188737e3c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:22:15 GMT
server
cloudflare
etag
W/"658d0607-37536c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee23OLjZbEmMYY9RqCSagnLw1krgwBC9q56Z46ZtLJKK6dHCzGOkAGqOZ6kiUPDPia848ws1lvlDKZkT3gJlfVbZqMCxylp%2Bl5N16vtafLgMJevgWzwNtssibS2u4TaN9gVPPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6611c534e01-MCI
dewahk.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 9B47
1 MB
1 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dewahk.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29eec787b47f80e9c88f284711a9960b7234312cdee191b60b8a791110402b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:10:10 GMT
server
cloudflare
etag
W/"658d0332-12ab6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHro6wr0%2BPzxPB%2FsIGGWz6212wWv8%2Fp4VBZQIly7rmyQKnQi8zbdPsouWe8ChhZQuOhEDe8Pd7C9p9p6CYa7W8B%2FIc%2BM65pq54T5xYW6uNPJCjC%2BwXp8ra8pX7h2UBH0Ic8iKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d66408a84e01-MCI
dwjt.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 9B47
2 MB
2 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dwjt.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc490ec6a9b3acd4ab42676d2be07d89f943b43c5fcfa814ff1a2240d8adafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 04:59:03 GMT
server
cloudflare
etag
W/"658d0097-1e9f81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8uMpD9msKKPXUB7MhiUrJCu42y%2Fy4Gc7rpRfnYl2y49qgVvRCWRLGoeO%2BY0qucvHpGXVxvqPiIsezI16kdGhx7E8ZawGRqXODzs5k76NOPB2G1juDIQVqh5EjNFJ5YSvro4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6657ad04e01-MCI
kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 9B47
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
79fd518534c7a5da85d4c1e31b84ef8492a73bfc195a59983579ebcdf97004f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:20 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1488081
expires
Tue, 16 Jan 2024 04:57:56 GMT
domino88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 9B47
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/domino88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
be94d0e3dc5a19a564e445be20558efee2eeb851b453faaaedf82f9e0db68f6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:08:41 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1998053
expires
Sun, 21 Jan 2024 12:45:52 GMT
dewacash_gif-banner_prediksi_728x90.gif
sniperbom.files.wordpress.com/2023/10/ Frame 9B47
98 KB
99 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/dewacash_gif-banner_prediksi_728x90.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebd6573326882892ed88414467a25bb6c0f05266418e67816dbd8779c22b6be1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2023 04:02:28 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
100715
expires
Thu, 11 Jan 2024 04:06:20 GMT
lapak303_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 9B47
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/lapak303_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61c8a7e7fb9f931484a0f4f1ad9fffd134f92497ebd2fb11671bca96e5cd2553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:03 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2071280
expires
Fri, 12 Jan 2024 18:31:40 GMT
itupaito.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 9B47
37 KB
37 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/itupaito.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c549eca6d723d2d78691f886ce702f3df04cb59ed4848d778d2d4d68451eab4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 16:34:14 GMT
server
cloudflare
etag
W/"654a6706-935c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnK9LcqU8vN3E9QPXkQ0rx1LXI%2FY%2Bj9LP4MlPqKmNFB8BZXZW98tch3l6pwj1c2wY4hFtfM%2F%2FoikWeJbmmhawvJRWKf257p7uit7Y4%2FhUJqXaiCd8hNVJmRWURXTGXAZCJ0l"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d6658ade4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9B47
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 20:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 20:20:13 GMT
email-decode.min.js
net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 9B47
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wropk04itBjfkejpz7Ioq6GzxCRa26NU8Q0Hv64j5LKdfKOot0poM25a7X0N1hKf6V5NuI8VF79JzIv9cwHR%2B7ekIlXHYcApMdAOz70oTb8mSpXYNGGH1uvc3EGYeyFYCC4i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d6658ad64e01-MCI
expires
Thu, 04 Jan 2024 06:10:11 GMT
jquery.modal.css
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 9B47
823 B
824 B
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuRXzSdsx20bv5FeiHtGxkWCMZTP1mw%2FIXxNAFs0YrlYoiFeBGV7o7Msv3jcAP8MDIuGHOFRxfCqAugBqW9qIbrTa%2FfrzdawAuZTxiTUGZ6HE4vYRwEMwiSgfw1iFbugK%2Bzr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6658ad74e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.css
net.itupaito.com/wp-content/plugins/uji-popup/css/ Frame 9B47
2 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vljIfktT86%2F06ZTZ0NOI5b0kv3JS0Jequay90b9WUgJMo%2FyvHSUULaT%2BFYVREiTDN4Rrxqd8zRaES7znzPDfw44v4DznhGv0rHfbGLG6gvx6GCkm89%2F8p26hk%2FhlqN7UE5C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6658ad84e01-MCI
expires
Wed, 01 Jan 2025 06:10:08 GMT
wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 9B47
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BIFE4zdjvgQuN5l%2BkReoaG1qdJr7sqmLiCuflxLBLoxR1hxds8%2FfhyMPEVKitx%2FBxTFJ4nuHovR1Z2XBze0ICEpGAcoNlG55X3SwjlGXwSRS92at8qkp%2FgCR4QMnh8BwEPn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6658adf4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.modal.min.js
net.itupaito.com/wp-content/plugins/uji-popup/modal/ Frame 9B47
4 KB
2 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVTVCAlVTvxbWr8Gab4X%2B1T7rmqswEBzK0fwKAaplBo7B6h8%2FGhnYHE2Hld252ByyPPUaFQVgW%2FTXAY8nB%2BoU%2BpXGJYt%2FD7%2FA5p0Dj3FLyW5VXA0FWSGGfpthBtCzSQifOBS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6658adb4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.js
net.itupaito.com/wp-content/plugins/uji-popup/js/ Frame 9B47
2 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm%2BuAP%2BrzqNLhCYqpBdIWa5YAOHVHfqP2OGFSQUabf8yLQ6a4ZoAQQVdt88gjut2b6HAQUh3gE78jO6jzLt6BLJOGASmROqHEU4yOnf2ZKLobT6sj4TXcdIpFGvgKthnMFGV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6658adc4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
/
t.dtscdn.com/widget/ Frame 5DF2
0
425 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
1.83
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u%2F%2FX7qe%2BkYR9dOtD80S1tUtBHUlzhH7V7eec0x84kNGfhKXT7mwmQxFBcq9Yien7TcQf7NR%2B6fkD1vL6PH%2FBnVgtZt%2BCW5cULbtF2ti0iWAdNdLY2uouCNp%2B2EY8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
83f0d661298e4e03-MCI
expires
Tue, 02 Jan 2024 03:50:25 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5DF2
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63668
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
uWsor-hCZvIPgpcOn8rZxxpDMGjVEOxN6qZ54509wZsJdeT0vyplLg==
dtscout
pd.sharethis.com/pd/ Frame 5DF2
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 5DF2
51 B
337 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=net.itupaito.com&_ss=6rr3z3hycq&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4g9n&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4fa44201d7d99bcd15b4675c64e6bf9015cf220d3298dc5f43c3263d905fa2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.142
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ov8hGB2Oo%2FWHfKWERA3x2erZfo8XvuXxCKjxXL%2BHP1fvXcKfasQyK7pQA4qurS2dhmrQ508M3Yl6JTYU43ZfDnTGIzBmN65uSy8P6l50CPdmgvzNHcXBJQFEY4LSNE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d6612f4c6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
truncated
/ Frame 5DF2
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1688533b1bb11d75812e5afc6b7844471b159688a7f5223f97a32eea9ee14c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C5B6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscdn.com/widget/ Frame C5B6
0
279 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmaster.aijos.info%2F&r=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
x-t
3.08
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLsp5iyK13bc%2FJXINiI%2FTkkZxb0OAX%2BzCij7y3C2qZMS%2FDNaVXOk2l%2FwuHmAwY3%2F5JBx%2BpNHayeQSz9n0dR5rhUe4vUsApBJSQuY1OqwRreqzLnlyyb9Wihm7R1jOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web15.ny1.dtscdn.com
cf-ray
83f0d66159f34e03-MCI
expires
Tue, 02 Jan 2024 06:10:41 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C5B6
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63668
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
9cbVeWFqGgacVHQXx0BOF2ZTygi2oKQ-6e0pDl0xFLn-LM1_QgLY-g==
dtscout
pd.sharethis.com/pd/ Frame C5B6
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame C5B6
0
277 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=master.aijos.info&_ss=51sj67tz7f&_pv=2&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=238x&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.109
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruTHr49E%2Byja6ms8VIJCw%2FJt1HmUtIEy8RLAdgAgdTJiuJFnWef3AxXW3k5mqdLPv3pAH9Ol%2FZxAYvhK%2F7gjGS4awBlRxajE6eABNCzYVsi%2F0h552fC%2BEH%2B6JerXBl8%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d6615f986a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
email-decode.min.js
pools.comunityhk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 1DB1
1 KB
1 KB
Script
General
Full URL
https://pools.comunityhk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK7WYrRsGGXqY5cabX4ngu0x9QCFwduaZpyD3I3SRcXeLqo%2BPQNkNF8MsSkpIAg5GDNqZia1iG%2FEjLhCwX%2BV3AamtqgM7qWxM83lZqs%2BNS%2FoPhPbmLvyhXaulJSXnDs3QOCeGss4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d6615f984de6-MCI
expires
Thu, 04 Jan 2024 06:10:10 GMT
email-decode.min.js
pools.comunityhk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 48A7
1 KB
1 KB
Script
General
Full URL
https://pools.comunityhk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyZEEysGzt5GJ%2F9LV8ngr8QWBNz79FhNU7wmFon3PM1IP63EabgOENBds4EvRi9ctNZ8PniGnE2pghdYFf%2FKbXzLyTJbYDy8jqeepo9agp%2FNEqz43M2mDve3EyMMl8niyjk65ds0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d6615f9a4de6-MCI
expires
Thu, 04 Jan 2024 06:10:10 GMT
cc_601.js
s10.histats.com/counters/ Frame 4F69
13 KB
4 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_601.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
67826
etag
"-433514832"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6616bf46a22-STL
content-length
4486
/
e.dtscout.com/e/ Frame 4F69
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4725990.php?4725990&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBola%20Merah%20Hk%20-%20Bola%20Merah%20HK%206D%20-%20HK%20Fortunes%20-%20Paito%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s601&@ten-US&@u1600&@b1:-28352722&@b3:1704175810&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdata.bolamerah.net%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560ca2354d933350abd9fa1d1b028e14fdc5beb63fcbb94e0d5b56698a30eaa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
x-t
0.264
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg8x4ASs0hkux4Hkzf7lLuUbrA40tgCVgke87Ue1L7z88ystjSnfjQfedtuBb7Xhd%2Fta8jLUMho1eDSUcT6FtPlipY%2B34d0P%2FBqApKEUC3v0B2ddiqZMfRGNG4o8geQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6616faf6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:09 GMT
truncated
/ Frame 330B
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65ff71b69e1b131836cba65761d020f91e023fda6d2c2ce79cdc800c5c66e3d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
style.min.css
net.itupaito.com/wp-includes/css/dist/block-library/ Frame 416F
107 KB
15 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGXyHD%2BnBqz%2FXkbCfij5wroTFfhdkH5bE5thj2QPOCUQSSrDmJhveJKarlOrXRxpQ1%2FRCkOUTDJvmlOjf4yefvMxr0GnMPy2NEhScuLLONJ6mUYo32Qt8ASL9aiBn2oQzc8N"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6622de94e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
css
fonts.googleapis.com/ Frame 416F
9 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f10.1e100.net
Software
ESF /
Resource Hash
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 06:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 06:10:10 GMT
genericons.css
net.itupaito.com/wp-content/themes/frontier/includes/genericons/ Frame 416F
28 KB
16 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6e71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTO6lN%2FAfr6YCZsDzrNKi%2F94MrNRlc5vW6tSpVcX0PrU02uZIGmxCqqUoNJa0dhUx75rPdZqUETwL8UBPT9M8jTwFTR4angXqt8QS30GMFH5kv3%2BlMywz6EBnkgOv4JHnXGk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6622deb4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
style.css
net.itupaito.com/wp-content/themes/frontier/ Frame 416F
26 KB
7 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/style.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-6685"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHclQARcqtsTR98MEComecyBBpu0YD50DVqlW2%2BpDUFyR5iHVZLfA8lNsZe0hRno5TIGN0zYZbWSsj3gMOhCWsChJK4DVsJ4SFv8VgSC9C2c1LiP6X0NKJZh%2F5boD6vnUqkY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6622dec4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
responsive.css
net.itupaito.com/wp-content/themes/frontier/ Frame 416F
3 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/themes/frontier/responsive.css?ver=1.3.4
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 22 Oct 2023 14:45:04 GMT
server
cloudflare
etag
W/"65353570-d3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D7ryBEO5qTtsdwWQN24I0d2MbQMWldazbxhZlAl8DeNVJLo%2BGXrjJiT23HWE23swr2osJEppcJnXFZChyGXCJs%2F6lX1i2fANtM9YZ7uHwZ0bbB2a4oRXb2r4t54mwxz7i%2Fs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d6623ded4e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 416F
86 KB
31 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d8WwfbLBpXqmzq2%2FpcGBoCYjtpW81GGcqePwozAwA2VxNtC49%2FiVgLAOuYJXKPCUAMcGPMgh5gpLTIU37bsCeRI1aAS5erRdi2JrjQR5kJCQZgXA1cv4tqQJME9JzRAeWw6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6623df04e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
jquery-migrate.min.js
net.itupaito.com/wp-includes/js/jquery/ Frame 416F
13 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFvJb0n2Rf6AzAf7ajnyCfTQ2xrJyb8HlFvM0OfyNPmrpN9QwMm286oVdFR6MdnW6oSssAm1sJVfiS48Ic6XapQjneyz9dFjLhABQoyETgwIQBBodo6l50gNHfsz7TQ6EK8%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6623df14e01-MCI
expires
Wed, 01 Jan 2025 06:10:07 GMT
itupaito.jpg
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 416F
41 KB
41 KB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/itupaito.jpg
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2148e4d782585cf051fc1e4260e1aac881e9b3d7016a5a88f709ac8667124f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 11 Dec 2023 02:46:37 GMT
server
cloudflare
etag
W/"6576780d-a23a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzkUwP%2BGXdJcHrPub92rxDya%2FewR%2B%2FJz3Fr5OVd83ozliJ8r8wJbF2%2FWdydK3pEUeazqKGCSJHpzfBLNubee4qItSl%2B7hh5WbDURJuaurioGPt5K%2BcdimIN3WSvH3PN0er0USA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6623df44e01-MCI
ezgif-2-57185206c3.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 416F
3 MB
3 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/ezgif-2-57185206c3.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f603e8ca70ab2fe4e27345b6ed4777e0d4229e10158318d2d56188737e3c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:22:15 GMT
server
cloudflare
etag
W/"658d0607-37536c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFsw5Ip3nC%2B4shlJL11rSeoqznQx%2FRXeo4Y5SiCjqapTquEEAk4sNd8zwxMOzWXHrnK14P3Dn0rYZ9GflogG1Y4oxNYZ79AkkfchQlwzpkNedn5Tz2zbbSyHBRq%2FMARlSOy9Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d6623df54e01-MCI
dewahk.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 416F
1 MB
1 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dewahk.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e29eec787b47f80e9c88f284711a9960b7234312cdee191b60b8a791110402b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 05:10:10 GMT
server
cloudflare
etag
W/"658d0332-12ab6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STdGWZMGTVruNOCI2hI3Rh8M0B8AfyK8x%2BGNZfsImTc0X9IeXRzXwaUHh%2BTDHDD7ujM6L8CYFTYXeltu%2FC3CKLB5GvGLOjEbb2EeH1CzzPzpoz7CXBKplfP28e0omfGncKnMYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d666ccb04e01-MCI
dwjt.gif
blog.itupaito.com/wp-content/uploads/2023/12/ Frame 416F
2 MB
2 MB
Image
General
Full URL
https://blog.itupaito.com/wp-content/uploads/2023/12/dwjt.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc490ec6a9b3acd4ab42676d2be07d89f943b43c5fcfa814ff1a2240d8adafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 28 Dec 2023 04:59:03 GMT
server
cloudflare
etag
W/"658d0097-1e9f81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnwsJhYnMowbIcRXVDYWpy3hq3fWNleQqp%2FC5NfuS8xiIYF0yhTw067XT%2BuqVJlcCiRZ98eSXAXC3HrA3p86d6VnRzJKiLstvF9mJDsQPddul4FZm0ik9p05iq44TA1Hc4ad0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
83f0d669b9624e01-MCI
kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 416F
1 MB
1 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/kartupoker_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
79fd518534c7a5da85d4c1e31b84ef8492a73bfc195a59983579ebcdf97004f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:20 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1488081
expires
Tue, 16 Jan 2024 04:57:56 GMT
domino88_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 416F
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/domino88_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
be94d0e3dc5a19a564e445be20558efee2eeb851b453faaaedf82f9e0db68f6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:08:41 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1998053
expires
Sun, 21 Jan 2024 12:45:52 GMT
dewacash_gif-banner_prediksi_728x90.gif
sniperbom.files.wordpress.com/2023/10/ Frame 416F
98 KB
99 KB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/10/dewacash_gif-banner_prediksi_728x90.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ebd6573326882892ed88414467a25bb6c0f05266418e67816dbd8779c22b6be1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2023 04:02:28 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
100715
expires
Thu, 11 Jan 2024 04:06:20 GMT
lapak303_gif-banner_prediksi-mp_728x90_edited.gif
sniperbom.files.wordpress.com/2023/12/ Frame 416F
2 MB
2 MB
Image
General
Full URL
https://sniperbom.files.wordpress.com/2023/12/lapak303_gif-banner_prediksi-mp_728x90_edited.gif
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
61c8a7e7fb9f931484a0f4f1ad9fffd134f92497ebd2fb11671bca96e5cd2553
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-nc
HIT mdw 19 np
date
Tue, 02 Jan 2024 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 03:09:03 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/gif
access-control-allow-origin
https://sniperbom.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2071280
expires
Fri, 12 Jan 2024 18:31:40 GMT
itupaito.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 416F
37 KB
37 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/itupaito.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c549eca6d723d2d78691f886ce702f3df04cb59ed4848d778d2d4d68451eab4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 07 Nov 2023 16:34:14 GMT
server
cloudflare
etag
W/"654a6706-935c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCvbEdlnBWPQQCpbK%2Bi6hT995lxSc7Rk4eQTW6X0QofWQwA%2Fy78q8Q8EbNTa4No66TkKgFgMn3%2BmT6d6n8wcf06p1I5P%2BRAf2HRs0NzL93tI%2BMJzJGbwZISM2v85hHueYBCm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d669c97d4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 416F
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 20:20:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Dec 2024 20:20:13 GMT
email-decode.min.js
net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 416F
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BOVZUn3NO6YOHtqd3hK%2FRPx0W6k0yHY%2FYGKczORSZweQyAVDMJNUvNGJVqJmm5iW7g8cbG96miBUgSkWnj9tEBMWj8X3BApBpqmTsTnlVZ5Gwerzyeb530QI94rr2Att0RV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83f0d669c9744e01-MCI
expires
Thu, 04 Jan 2024 06:10:12 GMT
jquery.modal.css
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 416F
823 B
821 B
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KObsB3XB2DfIbici8%2FHVf9xR6f1Kr93F9jvVRz6taB3GhW7Vq8IMtw0lQouU6pX7tG7wmKYYzXeZ7ol1uOXneej7PRd9rdzOROfOlIIKxRgMN8l%2FIEaQ14ajOsBenF0TGJqD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d669c9784e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.css
net.itupaito.com/wp-content/plugins/uji-popup/css/ Frame 416F
2 KB
1 KB
Stylesheet
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx8pMa1O7AXgnM%2FrU5sbHPoOzjcV8kFVKPextWvA39rSg1w%2BeDeDSWhuIMUD8XocMNJUkB3aebf2DGhcMR6jsmykLh4Dx93SKwtBMOtFAXnMDfrG2sJNxRLXCOJ3XSChHZXl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
83f0d669c9794e01-MCI
expires
Wed, 01 Jan 2025 06:10:08 GMT
wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 416F
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf7w%2BCIg9tUF%2BvcG5ChJJIJSMqTq6fXkh07z6%2FrAN0a1R0f8lRGtBYolm%2FuvKQNAqAXPjaRD46EhfeHPxgebWylzo1m2cqYSF0%2Bpe7Rkn5akkUK2OREJO6rdAwJy3H0Ue8kI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d669c97e4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
jquery.modal.min.js
net.itupaito.com/wp-content/plugins/uji-popup/modal/ Frame 416F
4 KB
2 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-10ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDAta4Dfv9bbpUI%2FKALqT4f%2BYQmzJKrJdkH5q%2FYxo8wmF1%2FWzf%2BeP1CMN2C%2BqjABsdysVQmyRB3NIgDVOZXuotig7xwEQjBQal4piKPZzbUaNXX7k6TtHHzmwjTuG8gOj7M6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d669c97a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
popups.js
net.itupaito.com/wp-content/plugins/uji-popup/js/ Frame 416F
2 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-8c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2Pt1%2FzZeWfEw%2FFxH%2F6lcg0F3hb47Tyo6OMkCSIgX%2F8JiD%2BNXhEDMsSq2SKa8xMbVKyhWsdnEVGO9ZWOIfA53uY9uNqQBcXpB7%2FopRJvfcJFjUA66JZXH158Y0YXAP95D%2BpO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d669c97b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
merge
ce.lijit.com/ Frame 9E9F
Redirect Chain
  • https://um.simpli.fi/lj_match?r=89511
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
998 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:10 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:10 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:10 GMT
t.dhj
t.sharethis.com/1/d/ Frame 5DF2
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4607512998044092&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:10 GMT
dtscout
pd.sharethis.com/pd/ Frame 5DF2
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.4607512998044092&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame 5DF2
50 B
455 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:10 GMT
via
1.1 0c4024c249c7bc0948cf981ba6a5def2.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
65dd97d6-d161-4dce-a14b-85e144de3c8c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dOgHi1CYcEGEw=
content-length
50
x-amz-cf-id
Cx_SaNAYawRGK0MwO3okIgpXAUfa-QETnTdSK0OMTR13MaTlTeuMNg==
/
t.dtscdn.com/widget/ Frame 330B
0
444 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmaster.aimistik.com%2F&r=https%3A%2F%2Fmedz.forumituct.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
x-t
3.82
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8DhuZs%2FU9jJJ8A9xYVqNyxusDPp0jbSDCJT%2FoGJtFdKzC0FX8YdobgOiQvqR6Gs3eVxb68g6H86owBEWJupxqXytteVw9jx7hpM2pY%2BP1gDQ3a7OEm5n61%2FSJ4BQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web4.ny1.dtscdn.com
cf-ray
83f0d6627c264e03-MCI
expires
Tue, 02 Jan 2024 06:13:41 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 330B
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63668
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
_xT48WnLLrlpGKW6A5136lzJSJOKWF4WIb-g5ZMNBPVSV-YiJ34nTg==
dtscout
pd.sharethis.com/pd/ Frame 330B
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 330B
0
313 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=master.aimistik.com&_ss=3qc1tkzenv&_pv=2&_ls=5&_cc=us&_pl=d&_b=chrome%40120&_cbid=3a2i&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
x-t
0.109
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E1DdnhigeIWY3RT%2FKoD0sZuJJ8mzZ8j3%2BHUTonQVTshzDuRY4bbdfugi9h%2FOOBIpqdgIcWiYB4rZnz55F8LAbGQtiHYRmFp3gXyS0VkkRoZI5xwp3gqIw3Jfa5%2Bb5w%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d66278f46a1e-MCI
expires
Tue, 02 Jan 2024 06:10:10 GMT
t.dhj
t.sharethis.com/1/d/ Frame C5B6
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9574538986377004&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:10 GMT
dtscout
pd.sharethis.com/pd/ Frame C5B6
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.9574538986377004&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame C5B6
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1276
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
wlzdu1AHRIOTU4Qj8dsjIOOkigNag_eECxKqlQZB3gBX2nNkJ-kN0w==
wp-emoji-release.min.js
data.bolamerah.net/wp-includes/js/ Frame 4F69
18 KB
5 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 29 Mar 2023 21:43:04 GMT
server
cloudflare
etag
W/"6424b0e8-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5kaL68TqgvoHYuQANFX%2FW%2BHHeErjSF8D0N6i2LTRMm7R4GL23wCwBwxbubKGnk3ZUScg9CSz9KP3O%2F29LXuYOcMYUmzT7wGH%2B%2Flx3WpMEcToxDWIvsuUzzl0qwmJ0QU64kwl5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d662ad7b4df4-MCI
/
t.dtscdn.com/widget/ Frame 4F69
0
364 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fdata.bolamerah.net%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
1.77
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KieKCfwjr9mQtQI5ogWpO4xarLznMBy3sOjElDAYAuXhbvHqrGfinMqrRhBPzmcDKfxe3rgb%2FFI1tFPWMBqapvO%2F8CGhVlvJQ3wpOOM3SAb%2F26ePfGntcNw%2BmZEqPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
83f0d662ece84e03-MCI
expires
Tue, 02 Jan 2024 03:50:25 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4F69
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63669
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
rkiFJRFQI9ImqhVmYHcAdkdbF7RRocnouJN7HrofUPQy2C3ZH5MQjA==
dtscout
pd.sharethis.com/pd/ Frame 4F69
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 4F69
51 B
326 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=data.bolamerah.net&_ss=3savppj0lh&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=7chf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96f5c5d8591da4219b0a43e92b9701d211ad30c11520d9ab677f6710715a99f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
x-t
0.172
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSDV5eF2yui7vpi2GMxUAlUolTfuZrd57%2BaTnpOYIC2APWFaHV0%2BTEuZyb72QL%2FYoZUCp3v8VaTkSk%2BVUlI7oEKEvNsdI6ITepotZzGxcT%2BnLl1XCx5MWJPdaxZ5UWI%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d662e9b06a1e-MCI
expires
Tue, 02 Jan 2024 06:10:10 GMT
t_.htm
t.sharethis.com/a/ Frame 226D
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4607512998044092&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t.dhj
t.sharethis.com/1/d/ Frame 330B
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.26642518492134526&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:11 GMT
dtscout
pd.sharethis.com/pd/ Frame 330B
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.26642518492134526&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 330B
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.18637002806212366&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:11 GMT
dtscout
pd.sharethis.com/pd/ Frame 330B
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.18637002806212366&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 330B
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.07212644534473545&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:11 GMT
dtscout
pd.sharethis.com/pd/ Frame 330B
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.07212644534473545&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 330B
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.25254160044571594&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:11 GMT
dtscout
pd.sharethis.com/pd/ Frame 330B
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmedz.forumituct.com%2F&event_source=dtscout&rnd=0.25254160044571594&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t_.htm
t.sharethis.com/a/ Frame 1107
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9574538986377004&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
ap.lijit.com/readerinfo/ Frame C5B6
119 B
541 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://master.aijos.info
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 330B
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1277
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
luic8ZxXuMjc869JxrN3ttlL3pKID2anuDeGo4kgf5IfuGgpYy-Iug==
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 5DF2
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1277
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
6wutY_Hj0yRqTTwbW8qPiYw-VYaO3KY7cispM5W4t4VyBrHP8mDmoA==
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 232C
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjoMjEhdIlHpqb%2Fx7%2FEL%2F4V0lHP%2FCbAej7NIvUJnlia%2BMyNdIYtNN3WlmtlX1xjKluJWjXzNbkoPCd0i6WFg4MCtsirvHGn6OY1LLDAtiPQl4E%2FBemVshs70mIMmHZnpqyh0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d664590a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 232C
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpavvB8Qx8IEZBKF8IhA%2Fl4aMKEkHMGnzaCTtet9PBucQubYKsb3kaRWwkrYqdjuOUVA2QG9R%2BrGSfb8pnu%2F%2FDdOj3KNO6XErYHOZaMSNjD%2FmEBBw97nuqGR%2BFu2%2B7YnayC4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d664590b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 8CD4
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vy%2Bcot7ChOWZO46kO85aS3cK0GSbuVhg0unbAq3AOyo677hZId45D3%2FL2IUt7PVYT1yuOHNoQdPF8r2eN3EiQIHmzRNK0QXEr0n2h1W%2FGe0NuhipIwrbVfaLoWvxt%2FMiepjC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66459134e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame F116
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F7pfHDS6NvQmjkMPBTalFlxFD3cY0NvWyS6f%2Bw9o5YZrm6EdgOiexl%2BtEps1NYzI0SNdp7AEnVbqmwpkt57OHVExLgE3cq1bJYR2VNluI%2Fo%2FQ6u7%2BxYmQNXktz1lSSAH6ZQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d664691b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
t.dhj
t.sharethis.com/1/d/ Frame 4F69
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.05038886802364928&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:11 GMT
dtscout
pd.sharethis.com/pd/ Frame 4F69
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.05038886802364928&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
close.png
data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/ Frame 4F69
4 KB
5 KB
Image
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6593a017-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiI6PiCjk689v0PVNwDQ4LCPik6ssg1oPUR%2BuAgvoQGijmoWCYNxvcAfFZwzpRrXca4qpl2wr92U9y%2B1a63sh75aYds6qoGix9TWMiCYXV3b006VuLVH%2BKK8KTdf1Oeio1vdoZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d664a8604df4-MCI
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H7CyjSZHio99Iu_wQ8e-eYFF/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=79da43ccf13077612bbc33c1eda67811
43 B
1001 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:11 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:11 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=79da43ccf13077612bbc33c1eda67811
cache-control
no-cache
x-server
10.40.58.70
content-length
0
expires
0
pixel
ps.eyeota.net/ Frame 1668
835 B
1 KB
Script
General
Full URL
https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
df4bc03f643eaee45ba846c8fb5f8d29918e2dffac8f4e052ef94e665a7867e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Length
835
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
wp-emoji-release.min.js
data.bolamerah.net/wp-includes/js/ Frame FC96
18 KB
5 KB
Script
General
Full URL
https://data.bolamerah.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 29 Mar 2023 21:43:04 GMT
server
cloudflare
etag
W/"6424b0e8-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnLWlfRFiVHOZ0BlYcW63UYGod2ZImq3qPNf7KDiJe%2Fw4i0xZnN9C7YMxMK5EwWtPQTiPoENZ2gR3sVgwcCZXF6EyhDb1oTqPvgSoDPhRLmPw3NwI69ciEvKJ2OGmZrwmZvWTGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83f0d66508d04df4-MCI
/
onetag-geo.s-onetag.com/ Frame 4F69
50 B
456 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2, JFK52-P2
x-amzn-requestid
35699d49-d4c2-4def-a003-a98f9c7ccc2a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dOlE9EiYcEcuA=
content-length
50
x-amz-cf-id
nGTRA9Aqpd6-Ad_IrRQLzUyC1RgNIYbpQl2rLrDl_wbRtJsoqmD1zA==
truncated
/ Frame 232C
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 232C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 8CD4
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 8CD4
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame F116
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame F116
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame F73D
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
js15_as.js
s10.histats.com/ Frame 3314
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76530
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6654d406a22-STL
content-length
4547
t_.htm
t.sharethis.com/a/ Frame AD6E
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.26642518492134526&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
ce3cc428-4304-413f-9743-0b0202930cab
null/ Frame 232C
1 KB
0
Other
General
Full URL
blob:null/ce3cc428-4304-413f-9743-0b0202930cab
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
3d5b1394-fc42-439e-a001-37f45f462a49
null/ Frame 8CD4
1 KB
0
Other
General
Full URL
blob:null/3d5b1394-fc42-439e-a001-37f45f462a49
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
36c6e9fd-089b-4d26-ae53-d9b66cb35859
null/ Frame F116
1 KB
0
Other
General
Full URL
blob:null/36c6e9fd-089b-4d26-ae53-d9b66cb35859
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
t_.htm
t.sharethis.com/a/ Frame 6729
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.18637002806212366&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame F4EA
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.07212644534473545&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame A037
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.25254160044571594&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 9B47
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 9B47
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
35759
i6.liadm.com/s/ Frame 9E9F
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=39793
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e
43 B
274 B
Image
General
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Server
3.223.167.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-167-169.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Date
Tue, 02 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 3B10
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853711
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
br67m24TItX246aGxQDP8D7C7vCyYHibkJtL8u2prESKm7fHeIiorw==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 3314
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyGCx0teYfqrRkNJLeUjzO1L3D8WlpVRL8fRBjw0ECEqYi%2B9awmDpGSf2CRiX%2BLsuhyfBdOIvtti8lCdSJIM%2BpSR9aL8cX49TY1cM%2Fu9Hu3wfnmpezGNkHRSfW4v2%2BGCGOUy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d665fb914e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
v2
ap.lijit.com/readerinfo/ Frame 330B
119 B
543 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://master.aimistik.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 1E41
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
v2
ap.lijit.com/readerinfo/ Frame 5DF2
119 B
540 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://net.itupaito.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
t_.htm
t.sharethis.com/a/ Frame 6040
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.05038886802364928&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:11 GMT
Expires
Tue, 09 Jan 2024 06:10:11 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 3B10
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770632
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
m_WsbGsQaNk4euUF9zMYN50a7fV9LJ55_vN_cpggPmWhhWSuTrBSSA==
close.png
data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/ Frame FC96
4 KB
5 KB
Image
General
Full URL
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.3.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Jan 2024 05:33:11 GMT
server
cloudflare
etag
W/"6593a017-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnK9tw0FNz2xDcR%2BIxcqC68c85YAtng0saM0D4FzJXvJTfSCte2J3N7%2B6itr6wvhSsoFq61O1WT6Why6IBIyjyOlw6gfylXjCHa9%2Fc6sTN%2FXoyr9lWyg0UI1fbYgBV8sGJBAm6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
cf-ray
83f0d6670bdc4df4-MCI
match
ps.eyeota.net/ Frame 1668
Redirect Chain
  • https://ws.rqtrk.eu/pushpull?pid=6b6d3924-92d3-4998-bf20-3f75688546c0&dmp=6b6d3924-92d3-4998-bf20-3f75688546c0&uid=265J83xpEOgHahGntIsii_Cx00YRyJUpEknu9wPSrbwM&cb=1704175811&src=www&type=100&return...
  • https://ps.eyeota.net/match?bid=m5ri0ru&uid=88deb437-0e30-4411-8bdc-455b8d1e91be
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=m5ri0ru&uid=88deb437-0e30-4411-8bdc-455b8d1e91be
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:11 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://ps.eyeota.net/match?bid=m5ri0ru&uid=88deb437-0e30-4411-8bdc-455b8d1e91be
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Tue, 02 Jan 2024 06:10:10 GMT
match
ps.eyeota.net/ Frame 1668
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=eyeota
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&gdpr=&gdpr_consent=
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=tpm4omv&uid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&gdpr=&gdpr_consent=
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?bid=tpm4omv&uid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&gdpr=&gdpr_consent=
Date
Tue, 02 Jan 2024 06:10:11 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
match
ps.eyeota.net/ Frame 1668
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=18cc8cb1ef6-9330000010a4f07&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=62221526355076880713237290817115184386&referrer_pid=51md42u
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=6j5b2cv&uid=62221526355076880713237290817115184386&referrer_pid=51md42u
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

dcs
dcs-prod-usw2-2-v050-06b3aaddd.edge-usw2.demdex.com 1 ms
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
KFkC73nyTRA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ps.eyeota.net/match?bid=6j5b2cv&uid=62221526355076880713237290817115184386&referrer_pid=51md42u
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
receive
pixel.tapad.com/idsync/ex/ Frame 1668
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2Yo_TSczAumwUUyZ_9Nnps-P6CwwwMjFXNHm1-8hIE6c
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9119299034427209259&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9119299034427209259&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2C%2C
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:11 GMT
an-x-request-uuid
615717db-6896-4dcb-8137-54522a37e3c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=9119299034427209259&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2C%2C
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ps.eyeota.net/ Frame 1668
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1009
  • https://ps.eyeota.net/match?uid=5964995709526982727&bid=9gdtmu1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=5964995709526982727&bid=9gdtmu1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://ps.eyeota.net/match?uid=5964995709526982727&bid=9gdtmu1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
4724745.php
s4.histats.com/stats/ Frame 3314
438 B
573 B
Script
General
Full URL
https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:197510175&@b3:1704175812&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
3e7514c70c53f04a3fb9e3988b373bdf352a4a9240e9d90e406a22d0bd67daf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Connection
close
Content-Length
438
Content-Type
text/html;charset=UTF-8
a.gif
t.sharethis.com/d/ Frame F73D
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811042&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=ZyzyIzYAzN-Ckc3DfNpY&urls=&rnd=1704175811739&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=344&bcnLcy=129
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:11 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame CF69
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 8CD4
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe2ECoIgPg3TSZ7U8xxgY4%2B6hN4NFSmOntSfryQaH2Z6sK90PAJ%2ByXSxIYiW2YvKDvCMF6GEsz9KtWSb7FQGCNZbwCCZ6FG7jMhSpMcH%2F8eFz1LYIEvtJdY67MdM9AOTqLfE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d667ee5f4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame B9C4
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame F116
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FRoUWmJbRvjR5CSqlLT3PjoW%2Fp4gAdgWEXhyY%2BFxyWeQ%2B%2FONttzM1iExTrNsfsALSrli2Nk0HWYnqMfsZ3zY1PhzA8eJKXX1jv5bQ3OuiZzsreZKr2JJRNsA6WsGnXwlA9j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6680e814e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame E8C4
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 74ED
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:11 GMT
/
net.itupaito.com/paito-harian-sydney/embed/ Frame 69FD
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sydney/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0e53255b1a1aafc6f831eab888822b06856a1513d8d50061a4e6f1544f7b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6687f844e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=14>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZmvU6Z5M0tnvycgj1Zfr6Fu2af7fs6Z%2FzeW22S88Nc%2FfnnVvKS2AI0Jl4eYruXBkOk0lnr5CY8gHQhn610d2uqvysgeD48m2qVWF5swA9erHcIZaR3HzDH4Csxl9s5%2F%2BhwG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-sgp/embed/ Frame 16F5
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sgp/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea21799355668ba49b22455718fdd784c76a0787e6473f28cae3d0ad66cf4955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6687f854e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=16>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw5MTH71UtxLDBJPX3%2Ftgcd%2B4ByOoP2VFcqvsQRBXFLMNHg0pIVScVCDrzG8bR%2FCLk%2FuySxQTD%2FPJ37tNmxUz4VDLAPACRG1KPllBWFDfHoUf%2BQw4zk0LiMGtRirSys4WSR5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-warna-hk/embed/ Frame ECAB
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-warna-hk/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83711b52d1b6fd6c53c26e983bfb403fdc7bd55ce8190b70de29603fd3f87a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d6687f864e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=24>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAIJp14%2BXMKbcvg2psM7flo6r7ZA5XjGR9DoGYyNZXviP3xskRXGLPSClFHtFe4iOzHICVR0bCyenv1Ki3ocFmwKPU49ciZYR9G5tkhgwXYds%2F1fGmo%2FJVdecOR7Gn5Hho98"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
close.png
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 3314
4 KB
5 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGHq8E4K6kOTOMakWEr32IMC%2Frdb9fJ7J5h9P4VPjmCxMW2sLeo7Iag%2FDMNNKNuKkKX8qsuTrpKCpUMWjApCHM3vmBp2WLIdyHCwtBQURHnbHC1WiluQCDJtIAvXzCXrSZTD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66928794e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 4F69
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1278
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
56NNdC-jy0g_P53VuyA0i2gRnjtvx_cYQA1kSi9OjcvmSisg4VwmvA==
CookieSyncThrotle
rtb.adentifi.com/ Frame 1668
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF&vxii_pid=12&vxii_pid1=7002&vxii_rcid=30615073-c759-4760-a1bf-863ab2b5d817&vxii_rmax=1
  • https://rtb.adentifi.com/CookieSyncThrotle?
0
284 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncThrotle?
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncThrotle?
date
Tue, 02 Jan 2024 06:10:12 GMT
content-type
text/html; charset=utf-8
content-length
66
p3p
CP="NOI OUR BUS UNI COM NAV"
a.gif
t.sharethis.com/d/ Frame 1E41
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811203&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=K3zyIzYAUDKeS9ny4FxF&urls=&rnd=1704175812044&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=489&bcnLcy=270
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
1540_03681
track2.securedvisit.com/sync/ Frame C5B6
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:12 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
CookieSyncThrotle
rtb.adentifi.com/
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://thrtle.com/sync?_reach=1&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF&vxii_pid=12&vxii_pid1=7002&vxii_rcid=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6&vxii_rmax=1
  • https://rtb.adentifi.com/CookieSyncThrotle?
0
285 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncThrotle?
Requested by
Host: medz.forumituct.com
URL: https://medz.forumituct.com/
Protocol
H2
Server
72.44.44.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-44-12.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncThrotle?
date
Tue, 02 Jan 2024 06:10:12 GMT
content-type
text/html; charset=utf-8
content-length
66
p3p
CP="NOI OUR BUS UNI COM NAV"
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 3382
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:12 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 416F
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 416F
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
a.gif
t.sharethis.com/d/ Frame CF69
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811395&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=t5zyIzYALi4n483y2gtV&urls=&rnd=1704175812208&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=414&bcnLcy=146
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
a.gif
t.sharethis.com/d/ Frame E8C4
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811426&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=l6zyIzYALM_g_yCICsV5&urls=&rnd=1704175812264&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=426&bcnLcy=146
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
a.gif
t.sharethis.com/d/ Frame 74ED
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811428&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=s6zyIzYAAel-5phD9pIt&urls=&rnd=1704175812270&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=398&bcnLcy=146
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
a.gif
t.sharethis.com/d/ Frame B9C4
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811423&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=medz.forumituct.com&pn=%2F&qs=na&cc=US&cont=NA&evid=26zyIzYAmuplRJKQ1oxL&urls=&rnd=1704175812281&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=460&bcnLcy=146
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
v2
ap.lijit.com/readerinfo/ Frame 4F69
119 B
542 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://data.bolamerah.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
cc_601.js
s10.histats.com/counters/ Frame FC96
13 KB
4 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_601.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
67828
etag
"-433514832"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d66b4f3c6a22-STL
content-length
4486
/
e.dtscout.com/e/ Frame FC96
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4725990.php?4725990&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBola%20Merah%20Hk%20-%20Bola%20Merah%20HK%206D%20-%20HK%20Fortunes%20-%20Paito%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s601&@ten-US&@u1600&@b1:6006075&@b3:1704175811&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fdata.bolamerah.net%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a6839c25c2aa44015b47181b2f49246e097e6aa4b3bbb28bc06f25021b3a7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
x-t
0.235
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqY0iUHDkTHOSmIGiU0waDupGU1zwXfkCqCkJYQYknfWOF8iiq5KLqfERMOsS%2FmiSdf5N%2BY67nikwtqvBWPZv75aRRV2Wfxq7hTSxxjHIX4y3avptAGFMpUaveELbcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d66b4d186a1e-MCI
expires
Tue, 02 Jan 2024 06:10:11 GMT
/
net.itupaito.com/paito-harian-sydney/embed/ Frame 0881
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sydney/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5320cab8ec82ec933f0e147b99b9fe1442f42af8ebe232838904ea9dd049d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66b5bab4e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/14>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=14>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tZqBzsnmhXycEBYN1oqlQWihXYgf5Yn2j2ioXhc40guBZSORxjbYlEqLOxjuDrtxzsCZRh%2BfAtpw5bh0kcsVvrYXshCV0v6NHoo0jlJuLncL2kRN92YXWF8sCghEygRJ77i"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-harian-sgp/embed/ Frame 075C
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-harian-sgp/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9e911ea400f2b634ff3f0318f7a6cc7d41bd63f631c61725dd496ae94af9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66b5bae4e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=16>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxMyZJyxAMhjRXBmpMfbBC0wzUVDpAQvKSEYnzmM10pL1ODItx6YwxIpNCL2fl0J13yGT1SIKirm16FRvbKJQdxEI139L66UxfkR5Lrzrb9iLc1Iy80lxuruG4zy%2FboAK1bx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
/
net.itupaito.com/paito-warna-hk/embed/ Frame 6DD2
20 KB
7 KB
Document
General
Full URL
https://net.itupaito.com/paito-warna-hk/embed/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67172f9e581cf260753e871cb3e95578bb7ae68e5c3568a08dc30b1579051ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://net.itupaito.com/paito-harian-hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66b5bb14e01-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:12 GMT
link
<https://net.itupaito.com/wp-json/>; rel="https://api.w.org/" <https://net.itupaito.com/wp-json/wp/v2/pages/24>; rel="alternate"; type="application/json" <https://net.itupaito.com/?p=24>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQv%2BUoxUTXydeWVmk58HzQOzS411c0V3bgI2uOEk3zp8f2ZelBMJqW8hppH1kvIgXHRxe0OGzMjP6tcaDVU7I6dnRMDbhLHMxGCH%2B90Tplhwti%2BwfZt6oXH%2BE0VEGYiB1GOd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-wp-embed
true
x-xss-protection
1; mode=block
a.gif
t.sharethis.com/d/ Frame 3382
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175811611&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=J8zyIzYAaIXGMNDvYj7s&urls=&rnd=1704175812363&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=226&bcnLcy=76
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:12 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:12 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 232C
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzJTnools3IYGSPpmq7NW3IKBysXeb9ZyugV67YMoc%2FbZkSwRKU9FR6ast%2BrEoBcj7pD4UtSHHHTayCtLvNxSvl3RuZj2xBoA7RT39TUZE0GpNRfBH%2BhQA0I3pPzRWd0W5p5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d66b6bc54e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
index_hk.php
pools.comunityhk.com//master/ Frame BC11
2 KB
1 KB
Document
General
Full URL
https://pools.comunityhk.com//master/index_hk.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0289f02df0945a734b56cbe3d9219df261c030f5a08410a2dee5dfd79a25bd

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66c1dfb4de6-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSk%2FFgFJr%2FT8ZVk8vASRXepamWoOE3Me4SDIZWPEIrXxkiOk8bVQqTJya0xZ%2F%2F%2BdSI%2BeCW1djwB6xFOiRwBUEwNo%2BIyNIW8W%2BBZkfz1ZRqiCtDjyLaKj8YVp%2B9nUfBrdLBl2kK8fmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
hk-live1new.php
pphtbms.com/hklive/ Frame 7626
927 B
653 B
Document
General
Full URL
https://pphtbms.com/hklive/hk-live1new.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
48b9d06d698b8e0488480551dd957a0003c349be64c947120eb9e6e4db80dac2

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
388
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:13 GMT
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 1DB1
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
truncated
/ Frame 1DB1
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://net.itupaito.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 1DB1
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ Frame 1DB1
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
afc8ec27017051865f6411f798ef57415d2de6d19e687052719a2c6f46059eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:02:36 GMT
x-content-type-options
nosniff
age
572856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:02:36 GMT
index_hk.php
pools.comunityhk.com//master/ Frame 25B6
2 KB
1 KB
Document
General
Full URL
https://pools.comunityhk.com//master/index_hk.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0289f02df0945a734b56cbe3d9219df261c030f5a08410a2dee5dfd79a25bd

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66c5e4d4de6-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvodpj7%2B59YjzM3yf2Y9N%2FFfC4iyhv0I%2Bxy4H1huUAfmdeULK3KIEwvobp9TNFVIZhdQr4y2YBsjsyaUWEjF%2BloPo11HKo%2F8TKvYjAzQzMkVdmgWM09Rd8T13fuCcUdOCGvGzaZ2VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
hk-live1new.php
pphtbms.com/hklive/ Frame 77A9
927 B
425 B
Document
General
Full URL
https://pphtbms.com/hklive/hk-live1new.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
48b9d06d698b8e0488480551dd957a0003c349be64c947120eb9e6e4db80dac2

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
388
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:13 GMT
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
result2.php
livedraw.pro/master/ Frame 9A2A
2 KB
795 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66c7bba4df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCVNFaDNcouJbujuWc9L4lfaD8iYX7kCk9Ni4waDaShEQ8wTeFV5wLHOmP8Y%2Fy4tLHZooK%2FhCPVIy9igwrpN0xkJWORUqKNc0tE74QvjEqWemkxQbXYVBYVRIffmNhE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/ Frame 1DB1
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76531
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d66c7f9f6a22-STL
content-length
4547
truncated
/ Frame 48A7
14 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 48A7
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:09:53 GMT
x-content-type-options
nosniff
age
511219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:09:53 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ Frame 48A7
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:03:35 GMT
x-content-type-options
nosniff
age
558397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:03:35 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
fonts.gstatic.com/s/quicksand/v31/ Frame 48A7
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
afc8ec27017051865f6411f798ef57415d2de6d19e687052719a2c6f46059eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 15:02:36 GMT
x-content-type-options
nosniff
age
572856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15924
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 15:02:36 GMT
result2.php
livedraw.pro/master/ Frame 3C75
2 KB
795 B
Document
General
Full URL
https://livedraw.pro/master/result2.php
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f0d66d3cb74df0-MCI
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 06:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DfmNIsuemuVYK%2FdijGJyDFcpbXquXNje7IB%2BmVbqxirTEP2cpoxVEcEoybVeBErLO5aawETA0aulo4LeJ41vFjVCTqzz6XDhBbeC%2BOPK9Jr3fxhAcoI344vZVELuOc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/ Frame 48A7
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76531
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d66d3fd86a22-STL
content-length
4547
1540_03681
track2.securedvisit.com/sync/ Frame 330B
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:12 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
1540_03681
track2.securedvisit.com/sync/ Frame 5DF2
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:12 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
wp-emoji-release.min.js
pools.comunityhk.com/wp-includes/js/ Frame 1DB1
18 KB
5 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 03:12:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4904-6424fe37-102d03;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhMls9F2qJeujxN1CJLzTo24V0KLc2XVcqKnnIjXfrMTe7xnYaR%2B2iNwQgpAocnNy4fZXtyfpXUBJed3GKtOm%2FinAtr6%2BrdteURCKK5r9i8GUPtjBEvKnTxsDM1Iu8V55iZQgNdYEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66d4f744de6-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:12 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1191
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=99437
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:12 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
OVVEXcTvYwvk6aA7w8A_Pw2v154vsePYgc_2u1T_03jjiSQLoXAQ-Q==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/
9 KB
4 KB
Script
General
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Tue, 02 Jan 2024 07:10:12 GMT
wp-emoji-release.min.js
pools.comunityhk.com/wp-includes/js/ Frame 48A7
18 KB
5 KB
Script
General
Full URL
https://pools.comunityhk.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 03:12:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"4904-6424fe37-102d03;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKo3xKQtYuBqIGnR4Ci3C2N3aTUDOhfSKob9wekj%2BJXPjiEhcSEbW8RUk8IQL%2FkxJZTumCOyBvWxRL8hKbzMjhdMGQc1E8DKSh3RNmYikIrpz8vmBp6N0Pe3x%2Fch37QZ%2BnZaQwNM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
83f0d66e48b94de6-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:12 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 69FD
0
0

wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 69FD
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRCAour9lezP5b3jUYTjLau462hZSqAvQmq6H45Dr5lzVPYQXtrs%2F%2Bbgh%2B0BR%2BOMwq3mSWywqOWYCh0fzUojRvOYLZCsy2aYx6c6JcBGsaT6gd2aotsaNgL1hFgkF34UKXLX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d66e68ba4e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 16F5
0
0

cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame ECAB
0
0

/
t.dtscdn.com/widget/ Frame FC96
0
546 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fdata.bolamerah.net%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
x-t
50.83
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlyKcQSzwyrfMMeQr9rJL1UTCy%2FrQzJ7UJUaUFid%2B2lXof14fJGqZCg1uFKOBiWnG9Yd6RLbP536zVYsNjpIqVRHwykpbN48RSspya96jWDqper7fmlrytxeJ%2BA3cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d66e6e904e03-MCI
expires
Tue, 02 Jan 2024 05:16:46 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame FC96
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63670
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
yuaPDvK3lDhfADcSGJysTGZ0KX9oCnGKp067DY20ga3hMFbkVuuBfg==
dtscout
pd.sharethis.com/pd/ Frame FC96
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame FC96
0
274 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=data.bolamerah.net&_ss=3savppj0lh&_pv=2&_ls=2&_cc=us&_pl=d&_b=chrome%40120&_cbid=1vtg&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fdata.bolamerah.net%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
x-t
0.1
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2B8wFkys7RH3hLbWJCqUy3wSGWZtpyFIusWstg8CE6RJb%2BIgV7UmouQ6tPAI5KJdZWe2UTEPYSF3Pws%2FY2VMblCq%2B8bIa%2B5X8ZMSLYROvfNGEb1hfkWCWQEcMnJIuJU%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d66e79b46a1e-MCI
expires
Tue, 02 Jan 2024 06:10:11 GMT
js15_as.js
s10.histats.com/ Frame 9B47
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76531
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d66eb84c6a22-STL
content-length
4547
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 69FD
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb5mykQxgv5iFM3hTJOYuETHT9Z8gHqQZH5KCrH6Fq2HKxoBnvD%2FKed7%2FsOLac3Y75lfFiPVsOVBHeW%2Bo4KKrJHDCoWjBo3p4rNPA%2FCbtUVqlXvcizuxjYlZiONzqFSFhpl6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66ee9684e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 16F5
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLyxqiRNz6JIPiy7dmdrGCg010wyK79vC4m%2B96oBhj2tGe0a4VCZq0vu7JMAn2JFQ%2BHz67E27H%2FH%2FgXaKPVruxxTHY0zKd%2Fvv5UjFiuFVOlm6moGyQGX%2Bd9kqyibNj2A2UHZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66ef97e4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame ECAB
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkEPFalHmsBoDAit4HNT%2FehCq2icLHhTc8W1WXjhINmmabCQ6CDdePOfzXMxuuxQIk5SrbEiFzxBMT8ksSf%2F6AvSsbjBizjE4ZnNzP4G%2FKBhRLlukxFt3Ai0r9XM24%2FwGnrW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f09884e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
sync
thrtle.com/ Frame 9E9F
0
466 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"
4162465.php
s4.histats.com/stats/ Frame 1DB1
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4162465.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mForum%20Comunity%20HK%20Pools%20-%20Live%20Draw%20HK%20-%20Live%20Hongkong%206D&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s2049&@ten-US&@u1600&@b1:-183642384&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
fd1ecc634e73503f6324cdb6a0d2e4d2de9fb606c52579001481c8bde7343857

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 9B47
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE0kaNJnY9%2FfoHbSymU3OL6fXQj0n6Ss%2BxFm7980lShYrHdpbWB%2B5ttMCwbrA4aTqu9B%2FY4gO9RoPoY4gMl6MYCNvtm8q%2BWWbQjdYKB7%2BU%2FDp%2F922rsBb%2F%2FzPFSCdR5w8hWl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d66f09904e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
truncated
/ Frame 69FD
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 69FD
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 16F5
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 16F5
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame ECAB
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame ECAB
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
a3abc6e5-de60-4d25-89bc-f625553f1cdd
null/ Frame 69FD
1 KB
0
Other
General
Full URL
blob:null/a3abc6e5-de60-4d25-89bc-f625553f1cdd
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
5d718b22-e53c-4507-93e3-66c216cda46d
null/ Frame 16F5
1 KB
0
Other
General
Full URL
blob:null/5d718b22-e53c-4507-93e3-66c216cda46d
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
1540_03681
track2.securedvisit.com/sync/ Frame 4F69
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:13 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 0881
0
0

wp-embed.min.js
net.itupaito.com/wp-includes/js/ Frame 0881
1 KB
1 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 08 Nov 2023 02:44:22 GMT
server
cloudflare
etag
W/"654af606-4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDHnK5tT5U8f2ksg%2FCCtNdnlEf5IHM4sFfFRa4RH2iFRpfuFESZYS3vEIGClFTfrkbYr1VGWCBeFcjAiACACeKLQLUcH0yKw3HNWz%2FZF4QJga6JDNAKhicyvHWtWr2ELncjO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d66f49e54e01-MCI
expires
Wed, 01 Jan 2025 06:10:09 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 075C
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IEzzdqn2KGp47cSQZ8V1j0So%2F%2FLn2vaqgxTf7Bif8zm%2BCe%2BklXQIhaSK8PMCwpzSMC34wtMzLrKOeGL%2BjAjOrx55gU6Rux4iXorO3VxsusDAIhWTUCozA1IMYR%2FmGtAehn4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f49e94e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 6DD2
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6%2BJSi%2B4qO4wOsV42ooFqmjQNKUTkEXMOm27dwqd2KygeL8Vow5uWzQR6eap8IqErXTuRHB02exkr3H%2BeRgA3kYG2xGr%2Fsi5TEGuW97EVvx%2BiCyj8w9J6G4InXq1sId%2Bk4zy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f49f04e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
4162465.php
s4.histats.com/stats/ Frame 48A7
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/4162465.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mForum%20Comunity%20HK%20Pools%20-%20Live%20Draw%20HK%20-%20Live%20Hongkong%206D&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s2049&@ten-US&@u1600&@b1:40392450&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
fd1ecc634e73503f6324cdb6a0d2e4d2de9fb606c52579001481c8bde7343857

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
0569d69b-212e-4a89-b048-2481f56e7295
null/ Frame ECAB
1 KB
0
Other
General
Full URL
blob:null/0569d69b-212e-4a89-b048-2481f56e7295
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 0881
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em1ZXT%2FImQFxka%2BJIQE2yFvUtuoi6d8vctzUITBSc9U%2F67TtxTWpNZYL429HOp4Me92bAy5j3zrZvN7N%2BzF481%2FINmvOwHN8NKbxJseiMIXchO3nstmN3%2BHN9qjsNVOmooqy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f7a384e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 075C
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgrzoF%2FRQoBBYy6BW0M%2BNUiEgtpLd1FnU9e9cWPVX3nt1x%2BddPGOO6kgoByvmbQ9lYA6xGEsBhjeMIIVYDNOCcqJ6EYVUzagJaL3GwDWP0t9kvRpQPFicratBmMsy2pUVbeT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f8a494e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cropped-itupaito-2-32x32.png
net.itupaito.com/wp-content/uploads/2023/11/ Frame 6DD2
2 KB
2 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 15 Dec 2023 17:28:00 GMT
server
cloudflare
etag
W/"657c8ca0-656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cocIw%2Bjag%2BgmLIBIDC1nVs8js6kjxISLLJXzFom4oYDv1xk3fB6y1TklX9IF3DfutGLG84DZipK19zyQdRQNZj9SShCobVa%2Fqs%2B7eBEtQcU0YIn9yt09o6KLkmoCjG4pFG6g"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d66f9a5a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
truncated
/ Frame 0881
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 0881
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 075C
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 075C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 6DD2
397 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 6DD2
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
js15_as.js
s10.histats.com/ Frame 416F
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76532
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d66fd89e6a22-STL
content-length
4547
9f22e092-fcca-4e14-a739-8a6f6a21de96
null/ Frame 0881
1 KB
0
Other
General
Full URL
blob:null/9f22e092-fcca-4e14-a739-8a6f6a21de96
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
3fb6cd59-89bb-436a-8b47-b76bd42101ec
null/ Frame 075C
1 KB
0
Other
General
Full URL
blob:null/3fb6cd59-89bb-436a-8b47-b76bd42101ec
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
06c6399b-0c13-41c9-bf10-170013ca4e59
null/ Frame 6DD2
1 KB
0
Other
General
Full URL
blob:null/06c6399b-0c13-41c9-bf10-170013ca4e59
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
t.dhj
t.sharethis.com/1/d/ Frame FC96
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7098438763028259&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:13 GMT
dtscout
pd.sharethis.com/pd/ Frame FC96
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.7098438763028259&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame FC96
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1279
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
h88ZLAX9qCOMuyE0hG4Mn9dGQE6ybbVXo692aNrCncDcA_8fcgpWEw==
4724745.php
s4.histats.com/stats/ Frame 9B47
438 B
573 B
Script
General
Full URL
https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fdata.bolamerah.net%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:-197359356&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
3e7514c70c53f04a3fb9e3988b373bdf352a4a9240e9d90e406a22d0bd67daf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Connection
close
Content-Length
438
Content-Type
text/html;charset=UTF-8
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 416F
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/paito-harian-hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaRcRInEMM3isBhMJgoi5T5O4fkj5gnzDbTPW5w6wRfgUVYoZmf%2FNFaAIon6iFmCaFe468snSMspaIZEhw5kH4WTRERIZ2ZdHmP31StEQNE%2FRMTx79Oii9Tsk1hvPvTnIynj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6704b8a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 69FD
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qsc4%2FMbsGVch%2FZ4vHMtfPUC5Pd7wHBB%2FDGrIaX9UPlinzsPShD%2BAvtHZhFrwUTm%2Bu4TZ6GacQv89dIZs%2FiXPi7FuayB%2F6m4u414eVf77FOp4P4OspjIcbT6vfgPOzKCwBAcw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d6707bd14e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 16F5
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLUnnNp7%2B%2F%2Bn61lYLVwdeLPw6IovbrEDzC9P68gTjBwqVRA9wxeiLIjRZxy9jLEMGK1JBko%2BCmoWhs3iruD1YUVO56OrTC3vk9ES1mfK7dUm0NyAQC4mF%2F2yivUBfHzDQ0bB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d670ec634e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame ECAB
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5qQkYfo9pHgNKlbbpWvcwQQuB8NT33PaMZAjoF%2BqPzpn5JxS2XvKs7zGVEkAAoRUCHlWWkCFAmTnGTK1qA9EYM0GTOG%2Bj4Eot3QFa28Y1ZuXjUDiKltvmUtDVyrsSQmb6Hk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d670ec6a4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame D92F
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90239
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:13 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
xlGg1XuRvlEoYvNB68SU6W9FaQ-DLpRuhCxvM2pNa4tzdz5QVIRKOw==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 46A3
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63619
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:13 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
GI8J9gvoly-VCRFqjF8_kWk4cycOEt2DhIWEGBdU2F-K5w9q9nDVdQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
close.png
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 9B47
4 KB
5 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZ%2B0LRuRSqiOwKOIKwPzP6BsGonWEMGDt%2BvV06xNUptunTtMb6gwGfFzbI9yFFFsuNDmQ5vP%2Fh%2BViITfFEYw1Q20NXEtVQAojbhVCof%2BMt1V4fDL0CBx0WZC8zxPKsWkYjuV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d6710ca44e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cc_1033.js
s10.histats.com/counters/ Frame 3314
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_1033.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:41 GMT
server
cloudflare
age
6829
etag
"77917907"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d67179246a22-STL
content-length
5820
/
e.dtscout.com/e/ Frame 3314
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:197510175&@b3:1704175812&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
216b156ebf8735a24e403b2130b74e361d1b30d30e437ccb30902552aa75d6ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.248
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo%2BA%2BOLq%2FEikGSfOO0xNJsRos1ZriK68vmwpx%2Frzu1rsvW8A9vAZjWEpqeZE5mTWGEq69PWp0Tdyd7JePKxTHQUM%2B2vhWmMqM6bfd0T0PGC4ZqizjRP4mwVd3DFY0xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6718ddd6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
cc_2049.js
s10.histats.com/counters/ Frame 1DB1
16 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_2049.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8967c0995fbc07c6c4d30e5ca9b33604973de29f542d3710e6bbbcc1f7112022

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:22 GMT
server
cloudflare
age
12290
etag
"353935570"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d671a9346a22-STL
content-length
6230
/
e.dtscout.com/e/ Frame 1DB1
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4162465.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mForum%20Comunity%20HK%20Pools%20-%20Live%20Draw%20HK%20-%20Live%20Hongkong%206D&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s2049&@ten-US&@u1600&@b1:-183642384&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1a3050157d2ae962e88cbeed2f23f34567d5cbe210e775ee61342c9e8f3015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.254
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAOWnA%2BPcXtOBMtakyLH6DXMuJOz5fJJery%2Fpw8tXThu%2FnqGZBzfr%2FTZ94OSkOeJTdSIxIvtUNliQqDHZcHGblTzvXFX6o6vgTiaWn8lDToBDH2IYNyBrXFaw5gOrII%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d671ae1b6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
4724745.php
s4.histats.com/stats/ Frame 416F
438 B
573 B
Script
General
Full URL
https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fdata.bolamerah.net%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:-20395640&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
3e7514c70c53f04a3fb9e3988b373bdf352a4a9240e9d90e406a22d0bd67daf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Connection
close
Content-Length
438
Content-Type
text/html;charset=UTF-8
logo.jpeg
livedraw.pro/master/assets/ Frame 9A2A
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSUJ28zjejhUFBwXNm9HA1y9mnJOSHiRSC%2FT6vdFmpyhwlypNONPP13wLTfqZ388QZd9sH1RP5RmpISqiMK0nHU16GaozysZmgTQ5CA0yIDx0Y6sjy0sJSJH341EkK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d671ab804df0-MCI
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 0881
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sydney/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEsDaL8KWxV5WaRCACXItQ5uQ9pWoVufrexRW9fY299g%2B1AbHhwzBDcYt3eVe%2BroTpprLdBW0s%2Bq7eIAAqQDFNx39%2B%2BSMrt%2BiEs0r0%2BoEhEUH1ARclKWsi24EHDiq%2BkEPz93"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d671ad6b4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 6DD2
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-warna-hk/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BHssWk%2FmykQ%2Fyo9U%2BZpF7bxI%2FjZqrFA0DDytGcZfU0x4eI%2BnWuF6sgztmi%2F0u%2BqzWBJbeXdsbM2zO%2FUdnH52KBwN%2BXQEpzATvJeNnG%2BHdEqix0M2ZujVuXxUFyYVlJpbFxs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d671bd6d4e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
wp-emoji-release.min.js
net.itupaito.com/wp-includes/js/ Frame 075C
18 KB
5 KB
Script
General
Full URL
https://net.itupaito.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-sgp/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddus8pZu9u41h5w7mDRRCWC3uizzCbutVWWcrchrHCzSq5t%2BD0EWVdYImVxspHJlVSm52ozkjoAF0ShhOUIrkGWXPsvEnrPgunaUFxCkTS07HofS7%2FjymmNAhz2VMMacQV7R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
83f0d671bd734e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
52164
i.liadm.com/s/ Frame C5B6
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=51887
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
  • https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dliveintent%26bsw_param%3Dda1570b0-c1cf-4bc6-9218-2052...
  • https://pm.w55c.net/ping_match.gif?scc=1&st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dliveintent%26bsw_param%3Dda1570b0-c1cf-4bc6-921...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=WInt1Sei1RkxYG5&expires=30&ssp=liveintent&bsw_param=da1570b0-c1cf-4bc6-9218-2052f4462aa2
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2
43 B
644 B
Image
General
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
t_.htm
t.sharethis.com/a/ Frame 9CA5
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7098438763028259&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:13 GMT
Expires
Tue, 09 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
cc_2049.js
s10.histats.com/counters/ Frame 48A7
16 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_2049.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8967c0995fbc07c6c4d30e5ca9b33604973de29f542d3710e6bbbcc1f7112022

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:22 GMT
server
cloudflare
age
12290
etag
"353935570"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d671c9416a22-STL
content-length
6230
/
e.dtscout.com/e/ Frame 48A7
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4162465.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mForum%20Comunity%20HK%20Pools%20-%20Live%20Draw%20HK%20-%20Live%20Hongkong%206D&@n0&@ohttps%3A%2F%2Fmaster.aimistik.com%2F&@q0&@r0&@s2049&@ten-US&@u1600&@b1:40392450&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83eeeea912a5dd2c852e32ff5d37161f3c3e8146eadd605ed41be0a91a8f2150

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.238
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CZd2%2FLBuIInJ88TsSFIuxXssQH52Hwewd8udGtoXxGMa6lX1GTqjJxIZt38uSbnc7VzefuNQnJqBG6uKkMQFqpj4yPZSyk2vOjtHnOCV2JvZiLhbFweDoGQP%2B1XRUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d671de4a6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
v2
ap.lijit.com/readerinfo/ Frame FC96
119 B
542 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://data.bolamerah.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
close.png
net.itupaito.com/wp-content/plugins/uji-popup/modal/css/ Frame 416F
4 KB
5 KB
Image
General
Full URL
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/close.png
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.5.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Dec 2023 03:01:19 GMT
server
cloudflare
etag
W/"657a6fff-1129"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUbjgSH%2F8HzRAJ7g2A6C8Yt7coD%2BTKV0vU%2BiU9s1yDd%2B3ObYV%2BmhXv7Sfn%2FojFqIdWLJ%2FKoj%2BGNP1%2F5%2FFOPF%2BrG1Htw09d8gzyW0NfJMioqewxHn7m9%2FSHDb32C3cEqFIVhN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
83f0d6720e334e01-MCI
expires
Wed, 01 Jan 2025 06:10:10 GMT
cc_1033.js
s10.histats.com/counters/ Frame 9B47
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_1033.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:41 GMT
server
cloudflare
age
6829
etag
"77917907"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d672094e6a22-STL
content-length
5820
/
e.dtscout.com/e/ Frame 9B47
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fdata.bolamerah.net%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:-197359356&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62e208fb0cc12e4d0386a3fef7446e32389d1a3337a154801f6d85fd590ac04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.249
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2VfKh9rG1dEQgeGI9JzI4fPYTnNYbFDw0HZLelAUZqT9XfMIKp1YuCdzHeIW9sYYKVexQZ1%2BCVX4wu7YsaV7L72a%2FbY1qvqYHuKCt0VEDWnqO54cgkBT6Hrk%2Bcv7Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6720e8c6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
style.css
pphtbms.com/hklive/css/ Frame 7626
5 KB
1 KB
Stylesheet
General
Full URL
https://pphtbms.com/hklive/css/style.css
Requested by
Host: pphtbms.com
URL: https://pphtbms.com/hklive/hk-live1new.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bfc280b741345015c121cb4ccc1dcba510a3dadc5a146fbe9ed50f11f8c853a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pphtbms.com/hklive/hk-live1new.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 07:03:46 GMT
server
LiteSpeed
etag
"1288-654b32d2-7e047;br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1214
expires
Tue, 09 Jan 2024 06:10:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 7626
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: pphtbms.com
URL: https://pphtbms.com/hklive/hk-live1new.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pphtbms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 10:17:00 GMT
style.css
pphtbms.com/hklive/css/ Frame 77A9
5 KB
1 KB
Stylesheet
General
Full URL
https://pphtbms.com/hklive/css/style.css
Requested by
Host: pphtbms.com
URL: https://pphtbms.com/hklive/hk-live1new.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bfc280b741345015c121cb4ccc1dcba510a3dadc5a146fbe9ed50f11f8c853a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pphtbms.com/hklive/hk-live1new.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 07:03:46 GMT
server
LiteSpeed
etag
"1288-654b32d2-7e047;br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1214
expires
Tue, 09 Jan 2024 06:10:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 77A9
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: pphtbms.com
URL: https://pphtbms.com/hklive/hk-live1new.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pphtbms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 10:17:00 GMT
truncated
/ Frame 3314
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1688533b1bb11d75812e5afc6b7844471b159688a7f5223f97a32eea9ee14c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame D005
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=28143
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:13 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
99V2oxG90--Y99Vofx12KN16zuj38t1wHzzkVVR8lEfCCxxJ4mzK0A==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
logo.jpeg
livedraw.pro/master/assets/ Frame 3C75
6 KB
7 KB
Image
General
Full URL
https://livedraw.pro/master/assets/logo.jpeg
Requested by
Host: livedraw.pro
URL: https://livedraw.pro/master/result2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.136.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://livedraw.pro/master/result2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 16 Dec 2023 00:25:59 GMT
server
cloudflare
etag
W/"657cee97-193e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUN2JfHhSOFOYv%2BlRhC8LS5FhTTyyQgjGw70p13znnkaeDDmT92mchnC7gzgSdWjdm4%2FE0L0uKQQJBJNxSVbESGJk04gtmJci6xQFZO%2FPAxRJ91Nto3PdV5S%2FYq0Fj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
83f0d6729cca4df0-MCI
truncated
/ Frame 1DB1
787 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3415e5f8a37fa5015a3d73d41543396403f0ddfe053e493f21508d07e0100188

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscdn.com/widget/ Frame 3314
0
445 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
28.85
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txBDLX2VMkJtE7UPbtJn2Iz%2B2qbhAZblsxeSXvhBMdTINrEiVRuOfX0vX2c7f5jmUQeyvCtKADVNwYlBqdpOqDiA8WKzT7oI4%2BnQmA4QVCWbyiMdE4IdoxOTjQKvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
83f0d672dd554e03-MCI
expires
Tue, 02 Jan 2024 05:48:45 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 3314
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63671
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Bprurzi5ZAOk0B_Fwk_BUMtNlTGRqNLhnMz25rp9KxetHrElhv3b-Q==
dtscout
pd.sharethis.com/pd/ Frame 3314
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 3314
0
275 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=net.itupaito.com&_ss=6rr3z3hycq&_pv=2&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=71t0&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.097
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1Q4rB3msrcGwX%2FiJBv9WEL1AlXeCl4gHGHorFd4mZ6EjBl6FfMBX17BRdBH1rpNcoxPo44RGEIkY%2F0kCs4Q83d9TeBO1z4YsfsysuvGphe55Suio6oxUZ77IpKvW58%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d672df726a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 48DF
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:13 GMT
/
t.dtscdn.com/widget/ Frame 1DB1
0
412 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fpools.comunityhk.com%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
11.85
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qw%2B9QbsYZR%2Fdl%2Fi6FjwW52cJZZ8iZL%2F3Fhk9QKA1r0FtG%2Bw2E9%2BEJlRZXw4BBVZSivoqNTdUDjOTFgpqsL28k6YV1FLyXKhvsZaYSmYJgijZzCODy15iMoauEFD%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web4.ny1.dtscdn.com
cf-ray
83f0d672fda54e03-MCI
expires
Tue, 02 Jan 2024 06:13:44 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1DB1
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63671
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
YZf5MeYLBs76zn5rvcbCtAPaWHHepaJOee-EXsFQ9igvqrXBlncHCA==
dtscout
pd.sharethis.com/pd/ Frame 1DB1
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 1DB1
51 B
326 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=pools.comunityhk.com&_ss=4ogh3ucwg4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2hwj&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ef23fa189bac70741ce7db369292ea3241388fc72ba2a5784f3a2f685eb1ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.164
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OJIYj6NNCw8weoCTQEc7HmXoBEhv02zxisgq3I3dKjplACLLg889nYnQsz%2B%2FF%2BUFzMVMq4XthXd7QXiHTMjbheaYU8CVVQW8boWxombdye2vzCBD8Yh2TloQ%2Bh%2BZAc%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d672ffb36a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
truncated
/ Frame 48A7
787 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3415e5f8a37fa5015a3d73d41543396403f0ddfe053e493f21508d07e0100188

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9B47
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1688533b1bb11d75812e5afc6b7844471b159688a7f5223f97a32eea9ee14c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscdn.com/widget/ Frame 48A7
0
417 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fpools.comunityhk.com%2F&r=https%3A%2F%2Fmaster.aimistik.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
4.12
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS61riwz5MUVoej7uCQhhh9G19ytAEGcYv4ZPxDRS4f%2BA1fU8wKYX1y9id5o1tNM7fDR2kmAA03CfLv6kXaa97Y%2BaLoQcxKM2AZ41oHV0ri53pqQhvPaCoxFNvbIig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d6735e194e03-MCI
expires
Tue, 02 Jan 2024 05:16:47 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 48A7
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63671
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
I-KdNpDRccPL2cQ4p_fgDwMi3XpUvFd4u63RV6-vCCLISFD9PVITJg==
dtscout
pd.sharethis.com/pd/ Frame 48A7
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 48A7
51 B
327 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=pools.comunityhk.com&_ss=4ogh3ucwg4&_pv=2&_ls=0&_cc=us&_pl=d&_cbid=40xj&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F&j=https%3A%2F%2Fmaster.aimistik.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36c99bb1cb6d812cadc4689f516bec97252dbfc1fa45e031899d649ef927850

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.131
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teleV6mQUNlec%2FutKtArouOVY%2FT9LJkoX2Ks6yVXcL1Mtnxv1W8CrAJb8vpFU5qFHQ%2BU%2Bs5Qed03AlLWwmCMjvBVn7d%2B%2FlunFVCyZroce1W55ysURPF9qxXNCHvkocU%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d67358236a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
cc_1033.js
s10.histats.com/counters/ Frame 416F
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_1033.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:41 GMT
server
cloudflare
age
6829
etag
"77917907"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d67359ac6a22-STL
content-length
5820
/
e.dtscout.com/e/ Frame 416F
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4724745.php?4724745&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPaito%20Harian%20HK%20-%20Paito%20HK%20Harian%20-%20Paito%20HK%20-%20Paito%20Warna%20HK&@n0&@ohttps%3A%2F%2Fdata.bolamerah.net%2F&@q0&@r0&@s1033&@ten-US&@u1600&@b1:-20395640&@b3:1704175813&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29950dfa94fac7f25463ea7a1708a6601334bc7006a4813ece81367608f66f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.323
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkjGlLgXurwh9dgYjrdJ%2BR5am0w3ZVPzba%2FVqI6q56q1QuO8H1z%2BYqj0iD%2BlpU5odDzjaxE8vsjOq0R7UAnzJyHMJwJRYVSE1q0zDt%2FWGc0xogQbZcO5GEBFJLMPloM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d67358256a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
/
t.dtscdn.com/widget/ Frame 9B47
0
269 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&r=https%3A%2F%2Fdata.bolamerah.net%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
1.5
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOCDsdqio1Ra45GdqCeSC6fCJLO6n7g2tsmy9LHM7sep1wgkbLimJwZeDNf%2B80kY5kHDtqCGkoELiXimsiCZVVOlH9NZ8dqUTeF5NBJz5TbPE572bEgckF9Q5X2rMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d6736e2c4e03-MCI
expires
Tue, 02 Jan 2024 05:16:47 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9B47
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63671
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
2M6gd3kTwn6PXDtL15ajuk_bkohHNAuXBu8TH5baXORtwMO7P2OJUw==
dtscout
pd.sharethis.com/pd/ Frame 9B47
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 9B47
0
301 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=net.itupaito.com&_ss=6rr3z3hycq&_pv=3&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=64b7&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.109
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veTKLJBhYxB68bYS3VZzRGnOrHr7yNk8e0%2FRlXEaMx%2Bxe1O4BhnWYBFLCVgHDkpK0CvbQs6kcKVw1%2BI6Fi1vY7eEPL9%2FzvI%2BqkZxBsZ7CXAKD%2Fl51R4TlIKGaZDbrPo%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d673682e6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
t.dhj
t.sharethis.com/1/d/ Frame 3314
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.540737779006236&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:13 GMT
dtscout
pd.sharethis.com/pd/ Frame 3314
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.540737779006236&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 3314
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1279
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
8HjvxioCnD6fjMyGox9iPrfFLB9FwYsY7aSP4CmL3s6LjXwI3K9Krw==
t.dhj
t.sharethis.com/1/d/ Frame 1DB1
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3783283465844127&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:13 GMT
dtscout
pd.sharethis.com/pd/ Frame 1DB1
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.3783283465844127&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
a.gif
t.sharethis.com/d/ Frame 48DF
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175813387&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=jR0yIzYAhKmgRLJUx5gw&urls=&rnd=1704175813733&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=160&bcnLcy=96
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:13 GMT
/
onetag-geo.s-onetag.com/ Frame 1DB1
50 B
455 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
via
1.1 aaf016fef66eecea8770da00a4c0e9d6.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
504c54ca-e0e3-4ae2-81ea-1d5d28cdf3be
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dO8Gj7CYcEb6A=
content-length
50
x-amz-cf-id
sN3V2_Ur337njaxIb-UgHdYFjvkHE7RsGSGU8kEZdSVyIKl9IBcapQ==
t.dhj
t.sharethis.com/1/d/ Frame 48A7
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6728698093138754&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:13 GMT
dtscout
pd.sharethis.com/pd/ Frame 48A7
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmaster.aimistik.com%2F&event_source=dtscout&rnd=0.6728698093138754&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame 9B47
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.01658996678391511&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:13 GMT
dtscout
pd.sharethis.com/pd/ Frame 9B47
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fdata.bolamerah.net%2F&event_source=dtscout&rnd=0.01658996678391511&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame 48A7
50 B
453 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-61.jfk52.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
via
1.1 aaf016fef66eecea8770da00a4c0e9d6.cloudfront.net (CloudFront), 1.1 e6b4dbead926e5325f87837a8678a68a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK52-P2
x-amzn-requestid
504c54ca-e0e3-4ae2-81ea-1d5d28cdf3be
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Q5dO8Gj7CYcEb6A=
content-length
50
x-amz-cf-id
KbFZirTrEr48BIX6V7iQuuf-yQ9LR-ZqC7zp85VcfPoiwB_Oi-lfUQ==
sync
x.bidswitch.net/ Frame 330B
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=93092
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=833e90b2d14045db80ee46b12733997b
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Tue, 02 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
sync
x.bidswitch.net/ Frame 5DF2
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=80321
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=48fa5402f3b940dcaf8988bcda20df86
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Tue, 02 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
5
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 9B47
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1279
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
l9ZsAiBkm-9IgcawI4VdA-DPVpZZQ3XEBICYykFoHDZlUNBc7DZSSA==
truncated
/ Frame 416F
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1688533b1bb11d75812e5afc6b7844471b159688a7f5223f97a32eea9ee14c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
t.dtscdn.com/widget/ Frame 416F
0
306 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&r=https%3A%2F%2Fdata.bolamerah.net%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
3.53
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf7lnW540Qutad3ttvPZ%2B8S92A1BW0vjY%2B9LfLyrAyNX5aQZtSoem37a%2BwheVJfYxYwYykbyC%2BAomwSY2NeASQSHxveEk530Ira%2FwMuWjH%2BgTbndUZY%2BSB7O5UpTQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web13.ny1.dtscdn.com
cf-ray
83f0d674afc64e03-MCI
expires
Tue, 02 Jan 2024 05:48:45 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 416F
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63671
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
3h5s0i_0BG3Fq1stfqstcH_Dv6YCp4NM5MlzOqED-qu6dolyPCCzhw==
dtscout
pd.sharethis.com/pd/ Frame 416F
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 416F
0
296 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=net.itupaito.com&_ss=6rr3z3hycq&_pv=4&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=62wf&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnet.itupaito.com%2Fpaito-harian-hk%2F&j=https%3A%2F%2Fdata.bolamerah.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-t
0.123
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87qyb9LjaPzaTliMkpwTQDu5nu%2Bz3SVCf5%2B1lnqYbOpZS9tC3uMgOv%2BynnBxoFF9MHXaTNteN2KZLJHisARCtW0pfOuBrWQWnrbPW15nc%2Fbcv5gjekUMmQUdmKSqWJc%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d674a9dc6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:12 GMT
hk1.php
pphtbms.com/hklive/ Frame 7626
1 KB
612 B
XHR
General
Full URL
https://pphtbms.com/hklive/hk1.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c89d8c559b9a191a9dfe87c831fa2872cc0be7403ce5fd79f16e4155645ac923

Request headers

Accept
*/*
Referer
https://pphtbms.com/hklive/hk-live1new.php
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
server
LiteSpeed
x-litespeed-cache
hit
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
374
hk1.php
pphtbms.com/hklive/ Frame 77A9
1 KB
391 B
XHR
General
Full URL
https://pphtbms.com/hklive/hk1.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
178.128.53.131 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c89d8c559b9a191a9dfe87c831fa2872cc0be7403ce5fd79f16e4155645ac923

Request headers

Accept
*/*
Referer
https://pphtbms.com/hklive/hk-live1new.php
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
content-encoding
gzip
server
LiteSpeed
x-litespeed-cache
hit
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
374
t_.htm
t.sharethis.com/a/ Frame 829C
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.540737779006236&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:13 GMT
Expires
Tue, 09 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
ap.lijit.com/readerinfo/ Frame 3314
119 B
540 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://net.itupaito.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
t_.htm
t.sharethis.com/a/ Frame 0950
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3783283465844127&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:13 GMT
Expires
Tue, 09 Jan 2024 06:10:13 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
db_sync
px.ads.linkedin.com/ Frame C5B6
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=40657&pu=https://medz.forumituct.com/
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:13 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 423688209659426995E3231FF4FCD187 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FoGw+R6QTCXq4cptA==
t_.htm
t.sharethis.com/a/ Frame 4AEF
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6728698093138754&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:14 GMT
Expires
Tue, 09 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 1DB1
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1280
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
qdkzvNw8XlAPFZcHYaK2lLU92WuuGLSrKtxBqaTSd1mFrhoukrJ-EA==
t_.htm
t.sharethis.com/a/ Frame 5DEA
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.01658996678391511&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:14 GMT
Expires
Tue, 09 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 48A7
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1280
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
uh_uLPtKt7m74DSKqBuG7AEcBvmBvEIB2eVjaJ4lKrs157KjLYeGXQ==
img
sync.mathtag.com/sync/ Frame 4F69
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=69401
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0
  • https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
  • https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=9119299034427209259&gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=36&4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
43 B
589 B
Image
General
Full URL
https://sync.mathtag.com/sync/img?mt_exid=36&4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Server
74.121.140.211 Reston, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1237 600843f master iad iad-pixel-x15 config_version:"2793" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Server
MT3 1237 600843f master iad iad-pixel-x15 config_version:"2793"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 02 Jan 2024 06:10:13 GMT

Redirect headers

Location
https://sync.mathtag.com/sync/img?mt_exid=36&4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
Date
Tue, 02 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
v2
ap.lijit.com/readerinfo/ Frame 9B47
119 B
540 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://net.itupaito.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 19F5
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:14 GMT
t.dhj
t.sharethis.com/1/d/ Frame 416F
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.08558347246792386&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:14 GMT
dtscout
pd.sharethis.com/pd/ Frame 416F
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fdata.bolamerah.net%2F&event_source=dtscout&rnd=0.08558347246792386&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 416F
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1280
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
ctGjSeffescOw9CeojOIhqhnmbsm7AwpWEaKvVdZxE5zkWlsSVVm0A==
hk1.css
pools.comunityhk.com//master/assets/ Frame BC11
6 KB
2 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com//master/assets/hk1.css
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8601e105167d22f226886e486ca4351330b5255350b853ee1b5fb7943c8750d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com//master/index_hk.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 18 Dec 2022 08:46:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1969-639ed35c-103ff2;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCnqhe%2B%2BBKYeMN7aNtXwGTs2OV3gDQtRJNJlVw0j007JzzPnIoK6cGr%2F%2FbVcN%2BklW6M7vqSeFeAL9SGrp43s5vmPirFcpygNMF%2BJyUpD8MkrKmLoYoF8uXlvhl9VPb3%2BPBG1wMJ9jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d6768bd94de6-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame BC11
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pools.comunityhk.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3520139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss6hKf1MsDhvbGLxK%2BqjpPX7%2BnzSliBk4T5yRLAEPUbHMKMOD2HgR18gBUV0q15qqoKr4USMCRJjVeuJo6b02sv9OnhrB%2B8cOscbpGusDTFw191Bnhh9NZgbBtvA3WddiJ5yT5RP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83f0d67708d977bd-STL
expires
Sun, 22 Dec 2024 06:10:14 GMT
hk1.css
pools.comunityhk.com//master/assets/ Frame 25B6
6 KB
2 KB
Stylesheet
General
Full URL
https://pools.comunityhk.com//master/assets/hk1.css
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8601e105167d22f226886e486ca4351330b5255350b853ee1b5fb7943c8750d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com//master/index_hk.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Dec 2022 08:46:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"1969-639ed35c-103ff2;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWqSaidb%2Feiz3CYIwt%2FG0b4mPpJ49vOckfIEkeGuVRFaI%2FxZM%2FL4PkAvirEzw3mwMwUoOyhkUhAMBDmwBUc8U5xjKjhsCUS2OfG7xKIRw7rz3XRYU2Evt%2BkKPpxTFSpanLFavSsahg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
83f0d6768be14de6-MCI
alt-svc
h3=":443"; ma=86400
expires
Tue, 09 Jan 2024 06:10:15 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 25B6
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://pools.comunityhk.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3520139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFmPfKASk4AK1gA6oktDOVNV7cHPXajw4j14X4RsfgxG1irGy%2BQbkIoJHdBX7%2FVIRm1jRxjOXxtfx4f3DyS0FGCxe04qfQH27g51zlHu5dIhoi3cIZQbKuDyLC2NiDM95j7KFLPm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83f0d67708d777bd-STL
expires
Sun, 22 Dec 2024 06:10:14 GMT
1540_03681
track2.securedvisit.com/sync/ Frame FC96
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:14 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 743D
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:14 GMT
v2
ap.lijit.com/readerinfo/ Frame 1DB1
119 B
544 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pools.comunityhk.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 0BB8
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:14 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 93D4
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:14 GMT
v2
ap.lijit.com/readerinfo/ Frame 48A7
119 B
544 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pools.comunityhk.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
db_sync
px.ads.linkedin.com/ Frame 330B
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=95510&pu=https://medz.forumituct.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E5FF871958134B259596D078337A4CD6 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FoNZiBSQAk49GxphA==
db_sync
px.ads.linkedin.com/ Frame 5DF2
0
141 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=87679&pu=https://master.aimistik.com/
Requested by
Host: net.itupaito.com
URL: https://net.itupaito.com/paito-harian-hk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4842001FF243420C84263E07BC37A800 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FoNfOgInB5B0A2Qrw==
t_.htm
t.sharethis.com/a/ Frame 30FB
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.08558347246792386&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:14 GMT
Expires
Tue, 09 Jan 2024 06:10:14 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
a.gif
t.sharethis.com/d/ Frame 19F5
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175813853&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=wb0yIzYA6TzlCUUrSCz-&urls=&rnd=1704175814388&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=253&bcnLcy=111
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:14 GMT
v2
ap.lijit.com/readerinfo/ Frame 416F
119 B
540 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://net.itupaito.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
136
a.gif
t.sharethis.com/d/ Frame 743D
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175813922&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=Pc0yIzYAF8m4SFBKevcx&urls=&rnd=1704175814419&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=215&bcnLcy=111
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:14 GMT
a.gif
t.sharethis.com/d/ Frame 0BB8
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175814018&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=master.aimistik.com&pn=%2F&qs=na&cc=US&cont=NA&evid=yc0yIzYAPdz9ds6efxJs&urls=&rnd=1704175814454&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=138&bcnLcy=111
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:14 GMT
merge
ce.lijit.com/ Frame C5B6
Redirect Chain
  • https://um.simpli.fi/lj_match?r=18276
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:14 GMT
a.gif
t.sharethis.com/d/ Frame 93D4
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175814024&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=data.bolamerah.net&pn=%2F&qs=na&cc=US&cont=NA&evid=Jf0yIzYAq2Gcl-708pGo&urls=&rnd=1704175814603&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=182&bcnLcy=90
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:14 GMT
db_sync
px.ads.linkedin.com/ Frame 4F69
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=81208&pu=https://master.aimistik.com/
Requested by
Host: data.bolamerah.net
URL: https://data.bolamerah.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:14 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AB18B111518F41D1ACEBC9E20A80771C Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FoRZ456G5ivo7BedA==
1540_03681
track2.securedvisit.com/sync/ Frame 3314
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:14 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 341F
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:14 GMT
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://medz.forumituct.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:14 GMT
content-length
0
vary
Origin
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 8D05
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=85017
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:14 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
69WOQ6yZ2NQkmdhyDRPP1IcdC3CpkGmYvpOpZCADOXxW89NyXpKWIg==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
a.gif
t.sharethis.com/d/ Frame 341F
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175814377&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=data.bolamerah.net&pn=%2F&qs=na&cc=US&cont=NA&evid=rh0yIzYAYa_1vjNAMJD5&urls=&rnd=1704175814765&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=65&bcnLcy=97
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:14 GMT
1540_03681
track2.securedvisit.com/sync/ Frame 9B47
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:14 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 330B
Redirect Chain
  • https://um.simpli.fi/lj_match?r=15519
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:14 GMT
merge
ce.lijit.com/ Frame 5DF2
Redirect Chain
  • https://um.simpli.fi/lj_match?r=38626
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:14 GMT
1540_03681
track2.securedvisit.com/sync/ Frame 1DB1
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:14 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
35758
i.liadm.com/s/ Frame C5B6
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=79237
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=da1570b0-c1cf-4bc6-9218-2052f4462aa2
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=ZQGbn9t8Muf-Nkc2oDQC
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 0F17
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853715
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
TpB9q7P4Tow-1drS33GfOeA7tVOIslm6K9nRcWoh5ylz9Yf0-uQxyw==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
1540_03681
track2.securedvisit.com/sync/ Frame 48A7
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 0F17
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770636
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
IcYwWwEZBRqPJ4PK2yAsXn6_-5kbuFDRnpd3VufCdhV-0jEQfd7FQQ==
merge
ce.lijit.com/ Frame 4F69
Redirect Chain
  • https://um.simpli.fi/lj_match?r=80883
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:15 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3A64
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=30652
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:15 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
MT-EL80MZNfGUfRpMPl3wV6H5nqEq60HvxpHBYWKun2iG2gPFGIm8g==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
1540_03681
track2.securedvisit.com/sync/ Frame 416F
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
35758
i.liadm.com/s/ Frame FC96
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=10
  • https://match.prod.bidr.io/cookie-sync/liveintent
  • https://i.liadm.com/s/62491?bidder_uuid=AAA6J07LJ1IAABM4PAw9Bw&bidder_id=237139
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 383F
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53936
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:15 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
a5jEggbtdF3z8Fddleb2Hfccp77U6zJCfoS5RgPFZz67lcCRbolCGQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
35758
i.liadm.com/s/ Frame 330B
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=15357
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame F957
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853715
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
SrDbBiLvWfxhp_AtUP4jo-FN4bVsXGJZNbrlnmQsXHKJGaiF1ejLSg==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
35758
i.liadm.com/s/ Frame 5DF2
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=7136
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
  • https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 55DF
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853715
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
xi2sHHigdRnvJNT8h9WA9DrVQkmguDfqz_VKed5uTEs6hpMo3GmTaw==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6644
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=67039
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:15 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
quyzWZ8uUFacKMs_ha4n2R-h8VIsF1VYaeasZ1PJzzvbyvTnHwSSkg==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame F957
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770636
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
qZQIdXZwdhz4HkwE14OVq9aUAFJum8vAq0jNjpzOZJgq16zRudak5A==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 55DF
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770636
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
saRMk9gmXSlJt5qe0zisf26Qmgv_yA3UCtE37IeuAGQ4YOtK10cA3Q==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame E08F
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=28161
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:15 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
oSRZQsW_xNT_eBVLH-7__-MsD1S_oOO-Xu9RoymsXZw-vuIhjO3JFA==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
41715
i.liadm.com/s/ Frame 4F69
Redirect Chain
  • https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=31575
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D
  • https://i.liadm.com/s/41715?bidder_id=127211
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/41715?bidder_id=127211
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://i.liadm.com/s/41715?bidder_id=127211
cache-control
no-cache
x-server
10.40.15.156
content-length
0
expires
0
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 818D
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853715
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
8-CbDxai9FC2hhmYMDVQONf8feHq_enbRF_pPztBhd-3ski1SCCPnQ==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
41715
i.liadm.com/s/ Frame 3314
Redirect Chain
  • https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=75562
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D
  • https://i.liadm.com/s/41715?bidder_id=127211
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/41715?bidder_id=127211
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://i.liadm.com/s/41715?bidder_id=127211
cache-control
no-cache
x-server
10.40.9.166
content-length
0
expires
0
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 818D
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770636
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
PXVZvr6wVuazNPIQ4gchD8JmDeLkRRQkm2a5Mm8Trs_4Mh6j_OhpWA==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame BA41
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49517
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:15 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
b-QIKInkMpCf-MCUsnxHUxhvLmZUW_lmmts4L9s-ui6Tqj5yu6lC2A==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
db_sync
px.ads.linkedin.com/ Frame FC96
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=33441&pu=https://master.aimistik.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7688FE6EDB2649E5829903F98751DA60 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FojCCBat4bJITj9Ng==
sync
thrtle.com/ Frame C5B6
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://sync.srv.stackadapt.com/sync?nid=throtle
  • https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&_t=1704175815
43 B
540 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&_t=1704175815
Requested by
Host: master.aijos.info
URL: https://master.aijos.info/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:15 GMT
content-length
43
content-type
image/gif

Redirect headers

Location
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=a5wZSxFgVdVnABCeO7Y5-LmsNDg&_t=1704175815
Date
Tue, 02 Jan 2024 06:10:15 GMT
Connection
keep-alive
Content-Length
120
Content-Type
text/html; charset=utf-8
js15_as.js
s10.histats.com/ Frame BC11
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76534
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6810e926a22-STL
content-length
4547
js15_as.js
s10.histats.com/ Frame 25B6
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
76534
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
83f0d6810e936a22-STL
content-length
4547
76929
i.liadm.com/s/ Frame 9B47
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=17514
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:15 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ Frame BC11
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/assets/hk1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pools.comunityhk.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 04:02:08 GMT
x-content-type-options
nosniff
age
526087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 04:02:08 GMT
hk.php
pools.comunityhk.com//master/ Frame BC11
4 KB
1 KB
XHR
General
Full URL
https://pools.comunityhk.com//master/hk.php?_=1704175815801
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d822a1c8566392123f15ab46b3acebbec0470bd634e113de9d42c085298c3f95

Request headers

Accept
text/html, */*; q=0.01
Referer
https://pools.comunityhk.com//master/index_hk.php
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnTN8USJasEdnsDjCYENVpJwDT9JE7E5jHZ%2F4ezQ%2FJY6l5kxd9G%2BB66NhELo9EMfiV1Sn7AUYE5zFKn%2Fvy%2FFaIzAkZ4zoBoRgI0lxylJlRkE399E3xfa6uMRrFjxRaXjoemeC34kOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83f0d6812a9e4de6-MCI
alt-svc
h3=":443"; ma=86400
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ Frame 25B6
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/assets/hk1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pools.comunityhk.com/
Origin
https://pools.comunityhk.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 04:02:08 GMT
x-content-type-options
nosniff
age
526087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 04:02:08 GMT
hk.php
pools.comunityhk.com//master/ Frame 25B6
4 KB
1 KB
XHR
General
Full URL
https://pools.comunityhk.com//master/hk.php?_=1704175815809
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d822a1c8566392123f15ab46b3acebbec0470bd634e113de9d42c085298c3f95

Request headers

Accept
text/html, */*; q=0.01
Referer
https://pools.comunityhk.com//master/index_hk.php
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khUKcWc19BTv92UFibWzEcVHdMLdBIPvCL7P2mdzhMLJ2j9C2eaWiHSnxmnciFBhojqEIYlxMSVUQHwN9%2FQ01vnxKdubPJP4%2FncQ95jZqtnucqR8wn9%2BT8biqHqxpBrgqICmFpSEEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83f0d6813aa74de6-MCI
alt-svc
h3=":443"; ma=86400
0.php
s4.histats.com/stats/ Frame BC11
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Draw%20HK%20%E2%80%93%20Live%20Hongkong%20Pools%206D%20Tercepat%20-%20Live%20Result%20HK&@n0&@ohttps%3A%2F%2Fpools.comunityhk.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-181658714&@b3:1704175816&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
fd1ecc634e73503f6324cdb6a0d2e4d2de9fb606c52579001481c8bde7343857

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ Frame 25B6
439 B
574 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Draw%20HK%20%E2%80%93%20Live%20Hongkong%20Pools%206D%20Tercepat%20-%20Live%20Result%20HK&@n0&@ohttps%3A%2F%2Fpools.comunityhk.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:18235161&@b3:1704175816&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
fd1ecc634e73503f6324cdb6a0d2e4d2de9fb606c52579001481c8bde7343857

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Connection
close
Content-Length
439
Content-Type
text/html;charset=UTF-8
76929
i.liadm.com/s/ Frame 1DB1
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=21480
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
76929
i.liadm.com/s/ Frame 48A7
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=56063
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
sync
thrtle.com/ Frame 330B
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://match.prod.bidr.io/cookie-sync/throtle?
  • https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.23223
43 B
540 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.23223
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:16 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.23223
Date
Tue, 02 Jan 2024 06:10:16 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
thrtle.com/ Frame 5DF2
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://match.prod.bidr.io/cookie-sync/throtle?
  • https://thrtle.com/sync?vxii_pdid=AAA6J07LJ1IAABM4PAw9Bw&vxii_pid=5037&_t=1704175816.2946644
  • https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6
  • https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=914C098408F29A75EC340A0515FF3321
43 B
540 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=914C098408F29A75EC340A0515FF3321
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:16 GMT
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:16 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=914C098408F29A75EC340A0515FF3321
cache-control
max-age=0, no-cache, no-store
cf-ray
83f0d6849c6d23c1-STL
content-length
0
db_sync
px.ads.linkedin.com/ Frame 3314
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=70796&pu=https://master.aimistik.com/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 21F59869DA8B4734BE54F185345CEB24 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Foog026jglR+qi3SQ==
/
e.dtscout.com/e/ Frame BC11
7 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Draw%20HK%20%E2%80%93%20Live%20Hongkong%20Pools%206D%20Tercepat%20-%20Live%20Result%20HK&@n0&@ohttps%3A%2F%2Fpools.comunityhk.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-181658714&@b3:1704175816&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05699461ad93a208b9bfdad5c922cb312c0c114b91384b5560e1d2466e7e1fb0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
0.266
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meqOZWg8GwoXI%2FA8%2B2ANgOrHOWilFjqYbTVNUW3xHvJb6zguULTWlN0%2Bska5c3kyiTEZVtA%2B2NLXncamBlJkEbReW7ExD27LF0Q5iS%2FVJ6vpz2GeBZoMlJs2SiiHTzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6836f866a1e-MCI
expires
Tue, 02 Jan 2024 06:10:15 GMT
/
e.dtscout.com/e/ Frame 25B6
6 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4162465&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Draw%20HK%20%E2%80%93%20Live%20Hongkong%20Pools%206D%20Tercepat%20-%20Live%20Result%20HK&@n0&@ohttps%3A%2F%2Fpools.comunityhk.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:18235161&@b3:1704175816&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1940303cab7917f02e0bcfa14cb81e26f160391a1ed531354fa0e132051ed03b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
0.263
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPvP7KGtYrjUMu6axyPNB%2FD6nb%2F9mUzA85lcwslEh2Tuz6ldRVTyemz%2BQQZpzSsk3AnHAknO%2BQYuNq7pGwfYw79eL%2F0FmeuZyvkGSamKkxTBWQNTtJYYHOP3w6xwD6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
83f0d6836f8a6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:15 GMT
logo-hk.png
net.comunityhk.com/master/assets/ Frame BC11
14 KB
15 KB
Image
General
Full URL
https://net.comunityhk.com/master/assets/logo-hk.png
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0c3c1c0901db7a1076e2160993987e9efe89b62ad5fdc8005417fec6eb722

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
cf-cache-status
MISS
last-modified
Sat, 17 Dec 2022 12:02:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3989-639daff0-82e90;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi0M8c7rlGvOU8pQta5RVbO0%2BkHOzYJ4yT0lwrka2WL0hkzZmN7Blopno10CO3GbsHzK0IwczGYU9%2B6FrIRJl3hBorc9TzMMveJG2ACAzqeKll4V5cJC%2BsTnb6e8zUEubLhraY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d683ae614de6-MCI
alt-svc
h3=":443"; ma=86400
content-length
14729
expires
Tue, 09 Jan 2024 06:10:16 GMT
fch.png
net.comunityhk.com/master/assets/ Frame BC11
469 KB
470 KB
Image
General
Full URL
https://net.comunityhk.com/master/assets/fch.png
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f4127dbd19996763ec55ace69d11c721df35853d7603a695b856881f7593ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
cf-cache-status
MISS
last-modified
Tue, 31 Jan 2023 03:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"754cd-63d88f19-82e89;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bxnd%2BfEaTyuDaujHTMYsDUkkIgRBTwcM8N78jL9HAek40ApdPcE2viFyZCEC2KiVfegwmnVWrCqBir3HKMjOFHkT7fAShx1Y8tJERah4EZTNk3t0HG%2BF7TL4wB5oTVAXWej2cU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d683ae634de6-MCI
alt-svc
h3=":443"; ma=86400
content-length
480461
expires
Tue, 09 Jan 2024 06:10:17 GMT
logo-hk.png
net.comunityhk.com/master/assets/ Frame 25B6
14 KB
15 KB
Image
General
Full URL
https://net.comunityhk.com/master/assets/logo-hk.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0c3c1c0901db7a1076e2160993987e9efe89b62ad5fdc8005417fec6eb722

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
14729
last-modified
Sat, 17 Dec 2022 12:02:56 GMT
server
cloudflare
etag
"3989-639daff0-82e90;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHSgXhRzorPdeM%2FWf26GPm%2FPRdDp6EYzhWLAo1Zz563S1V18Qf%2Fy8dEdLnSfBZ19C%2BRjlGs58kWRvep9rIfmmduxMDi5yDmjuX7Q9UfYr21zriDenwqw8pMp6ObLDr6HiEWnvQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d683be7f4de6-MCI
expires
Tue, 09 Jan 2024 06:10:16 GMT
fch.png
net.comunityhk.com/master/assets/ Frame 25B6
469 KB
470 KB
Image
General
Full URL
https://net.comunityhk.com/master/assets/fch.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f4127dbd19996763ec55ace69d11c721df35853d7603a695b856881f7593ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400
content-length
480461
last-modified
Tue, 31 Jan 2023 03:46:33 GMT
server
cloudflare
etag
"754cd-63d88f19-82e89;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUuyV90tIpNf8HNxKMqjjRDucyLWDfo7MGz2MPlExyGAEoXDPFljMyg%2FEeJCbkstnCZVOiBz6m4Zn7mD6FpLhxHIDIW98ebyZhoQJwhjZ5QGh3nnfPOfQK4stIJ96VG5T7IQBrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
83f0d683be814de6-MCI
expires
Tue, 09 Jan 2024 06:10:17 GMT
76929
i.liadm.com/s/ Frame 416F
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=45707
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
merge
ce.lijit.com/ Frame FC96
Redirect Chain
  • https://um.simpli.fi/lj_match?r=54129
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:16 GMT
db_sync
px.ads.linkedin.com/ Frame 9B47
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=94871&pu=https://data.bolamerah.net/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C9870D4AB52C433B9E4F37BD42A71F83 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8ForhNKDv5vgalm8Ig==
/
t.dtscdn.com/widget/ Frame 25B6
0
448 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&r=https%3A%2F%2Fpools.comunityhk.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
1.34
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GuToLrlVLAEo8zJ4ZFU%2BBDKB2jv9IFGgt%2FgoZ%2FC4%2FZXR6yeuseJwM9GXAQsUR0QG8PWF5wtgvo1yRGvO4uOOra5ucKkFVd0aLAdugi9MF3qmqVFrb%2B%2BQMpeiLheIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
83f0d6845e434e03-MCI
expires
Tue, 02 Jan 2024 05:16:50 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 25B6
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63674
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
d7wF2BP4Em6jO_vdwO7BtSEMkAf1QOLrSarhMYt4kC0euBz9yLFHNQ==
dtscout
pd.sharethis.com/pd/ Frame 25B6
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame 25B6
0
276 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=pools.comunityhk.com&_ss=4ogh3ucwg4&_pv=3&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=4mus&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
0.117
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGxAPmz5WZpvRXDMFXLo3Vwkqa%2BYCrFNJ2NRwIFm2zwWT6kwuY3de0jO8gxXYtYg4olnNe0tPhNC7KZQTvQr3zYJJUkSGOxLM7GabS1CT5uuZFL0XhcooGFOFuk56uY%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d68459026a1e-MCI
expires
Tue, 02 Jan 2024 06:10:15 GMT
/
t.dtscdn.com/widget/ Frame BC11
0
423 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=104017041758038360C2DD43CC8E4CDF&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&r=https%3A%2F%2Fpools.comunityhk.com%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
1.22
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0%2BHegj2SpA%2BjT5GIhYWbpSxkI8st%2FewPbE3%2FLsRkiaJ9LPIwCe1oOJOmQDkYgFixM1JW8nyUoy7g62mPEoSW4%2BxnZVnPsqZgOTx50JNUVHg2p0H2xnbyZxCAGQeSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web2.ny1.dtscdn.com
cf-ray
83f0d6846e694e03-MCI
expires
Tue, 02 Jan 2024 06:13:37 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BC11
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
date
Mon, 01 Jan 2024 12:29:02 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
63674
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
dJT-uH4jpCQPFfi4i0FGtt0vXM-YhfUiWtcvqyRX1GO_xdib4n9bRA==
dtscout
pd.sharethis.com/pd/ Frame BC11
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/ Frame BC11
0
275 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=pools.comunityhk.com&_ss=4ogh3ucwg4&_pv=4&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=f5og&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
0.095
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdAUUKXlYTr56QlTW9v6yi37DSBB0AYd6cnChJQXZrz5jVcySPZ%2B9E1sKB8OU%2BJ0ytNp9bjh9Hz%2F9ZnlsiucpyJ7X0BOlBeCCk5U4C4p%2BYmdlRwPdbn%2Fy84GFzbp4FM%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
83f0d684690f6a1e-MCI
expires
Tue, 02 Jan 2024 06:10:15 GMT
/
dtsedge.com/ping/ Frame BC11
0
294 B
Script
General
Full URL
https://dtsedge.com/ping/?t=300&d=pools.comunityhk.com
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpools.comunityhk.com%2F%2Fmaster%2Findex_hk.php&j=https%3A%2F%2Fpools.comunityhk.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.14.49 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-t
0.6
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iC%2Bcz%2FSVi6JTvPFAECy32EiZXPPJhh8X5SkavRt2gxdrFztibXcqgqGKWSunzhhUQYmUVBM5vMAu9a1ytBOH172g7Dsbd%2F5pKwF8Q8mdXsdpg6RkGi5vzrVyIFP2KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
83f0d68468b44de3-MCI
alt-svc
h3=":443"; ma=86400
t.dhj
t.sharethis.com/1/d/ Frame 25B6
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.47453015124980924&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:16 GMT
dtscout
pd.sharethis.com/pd/ Frame 25B6
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fpools.comunityhk.com%2F&event_source=dtscout&rnd=0.47453015124980924&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t.dhj
t.sharethis.com/1/d/ Frame BC11
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5544255414193147&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1365
Expires
Tue, 02 Jan 2024 07:10:16 GMT
dtscout
pd.sharethis.com/pd/ Frame BC11
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fpools.comunityhk.com%2F&event_source=dtscout&rnd=0.5544255414193147&exptid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D&fcmp=false
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.118.251.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-118-251-87.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 25B6
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1282
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
pkKOy5zaXUsjsUFPoGHlRgNiZ0cz2uoX5Ff990EiVTuNVQKgTefmiQ==
dataBeacons.min.js
data-beacons.s-onetag.com/ Frame BC11
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-87.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding
gzip
via
1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
date
Tue, 02 Jan 2024 05:48:55 GMT
last-modified
Wed, 04 Oct 2023 13:49:44 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
1282
etag
W/"934c7ce138a53a973baa02a2dbd8c23a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
jxkt9AAEGpnxPNbX6zSJDWcnXizYFMUc0GGqLMOIvpduf4uHTjExmw==
sync
thrtle.com/ Frame 4F69
0
466 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"
db_sync
px.ads.linkedin.com/ Frame 1DB1
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=91374&pu=https://master.aimistik.com/
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6E6477ADA6FA4774B7351A3385C1BEE0 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FouG0jXtsEQNLNvlQ==
t_.htm
t.sharethis.com/a/ Frame 08E0
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.47453015124980924&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:16 GMT
Expires
Tue, 09 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 91CA
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5544255414193147&stid=ZHwACWWTqLsAAAAKTQ0FAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:16 GMT
Expires
Tue, 09 Jan 2024 06:10:16 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
ap.lijit.com/readerinfo/ Frame 25B6
171 B
589 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5a24246aa191e1fa0be249ef51a63e7ece904e1ddaaaa4788bf4e7a1ea93b73e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pools.comunityhk.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
181
v2
ap.lijit.com/readerinfo/ Frame BC11
171 B
589 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5a24246aa191e1fa0be249ef51a63e7ece904e1ddaaaa4788bf4e7a1ea93b73e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://pools.comunityhk.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
181
db_sync
px.ads.linkedin.com/ Frame 48A7
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=58178&pu=https://master.aimistik.com/
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F8ABABA683BE4032AB94372B62F0296B Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FowBBLGNeLTthjgVw==
merge
ce.lijit.com/ Frame 3314
Redirect Chain
  • https://um.simpli.fi/lj_match?r=91544
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:16 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 2B10
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:16 GMT
t_.js
t.sharethis.com/1.1268.23366/a/US/ Frame 08D5
19 KB
9 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8535
Expires
Tue, 09 Jan 2024 06:10:16 GMT
db_sync
px.ads.linkedin.com/ Frame 416F
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=1654&pu=https://data.bolamerah.net/
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:16 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 11A56508165F45EBBD758356E03DFE87 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8Fo0VqAF6NVWynpw5A==
57333
i.liadm.com/s/ Frame FC96
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=26985
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:16 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
5
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame F940
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://data.bolamerah.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853716
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
OJv8Ia3ntOr-GrO_zUAjVYic16C45QDlgz3otGierm9ua2FM-2Fj6w==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
merge
ce.lijit.com/ Frame 9B47
Redirect Chain
  • https://um.simpli.fi/lj_match?r=51223
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:17 GMT
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame F940
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770638
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
IUWOxuEWZVLbF1vxTGj8OmWWAhSStKQjx0ONiqN5luUZQQO6D_e0CA==
merge
ce.lijit.com/ Frame 1DB1
Redirect Chain
  • https://um.simpli.fi/lj_match?r=31350
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:17 GMT
a.gif
t.sharethis.com/d/ Frame 2B10
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175816562&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=pools.comunityhk.com&pn=%2F&qs=na&cc=US&cont=NA&evid=yF1yIzYA9r9OSzYZu7Ta&urls=&rnd=1704175817078&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=227&bcnLcy=62
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:17 GMT
a.gif
t.sharethis.com/d/ Frame 08D5
0
289 B
Image
General
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHwACWWTqLsAAAAKTQ0FAw%253D%253D&tt=t.dhj&dhjLcy=1704175816567&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=pools.comunityhk.com&pn=%2F&qs=na&cc=US&cont=NA&evid=8F1yIzYApH4IC2LdN-CX&urls=&rnd=1704175817094&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=210&bcnLcy=62
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.185 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Tue, 02 Jan 2024 06:10:17 GMT
merge
ce.lijit.com/ Frame 48A7
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1626
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:17 GMT
metrics
connect-metrics-collector.s-onetag.com/ Frame 1668
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://master.aimistik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:17 GMT
content-length
0
vary
Origin
57333
i.liadm.com/s/ Frame 3314
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=90857
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame C41A
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853717
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
7oJ7NCbGZ4AdpG4wmkuosOyZKA-IEg3Ctfv7Q1ovVRR-sP7Io7YDrg==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame C41A
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770638
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
rculGmNuuhDlIp_6c2HmVeH2BMI5NQs_d6gto9WefqmhHpie7f0EHQ==
1540_03681
track2.securedvisit.com/sync/ Frame BC11
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:17 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
1540_03681
track2.securedvisit.com/sync/ Frame 25B6
43 B
177 B
Script
General
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.239.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-239-57.compute-1.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:17 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.24.0
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 416F
Redirect Chain
  • https://um.simpli.fi/lj_match?r=48380
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:17 GMT
57333
i.liadm.com/s/ Frame 9B47
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=9459
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 28CA
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853717
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
tP-HIV-grcR7zz41Hn6opD6GinMfQ4sIld1gk0qzqI-rgH8kk0VDmg==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
57333
i.liadm.com/s/ Frame 1DB1
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=65323
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame FE1B
85 B
483 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853717
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
znEZdXhgrJdFWH7rB5q8W2hP5VEgpIlp42eQpO8UUxRnu3Gk4S_j8w==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
57333
i.liadm.com/s/ Frame 48A7
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=23598
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:17 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame B2FC
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853717
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
tGsseDW40r2ZEvSedKBe3sl2HlrTxMdN9ByYxZUdtNhTsRL6MaKnEQ==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
sync
thrtle.com/ Frame FC96
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=8ce8c14c-ec60-4a3a-b455-815b2c9ed1b6
  • https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=79363d6d-3dc6-42db-a1a9-d035557bb78e
43 B
543 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=79363d6d-3dc6-42db-a1a9-d035557bb78e
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://data.bolamerah.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:18 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=79363d6d-3dc6-42db-a1a9-d035557bb78e
date
Tue, 02 Jan 2024 06:10:17 GMT
server
Kestrel
content-length
199
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 28CA
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770638
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
Q9JrEoovg_eahT0nEH6h4HqBQ6pP2eDsF8XANLIxVMDz3RZMzJq5DA==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame FE1B
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770638
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
eQ-m_NjbHD-Sipt2eOT7PBbUPnpnDntQYR4X_wf-uDUAum2zEshxaA==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame B2FC
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770638
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
V_sZvLQl21fWGnYBshLwOV70H2EaZS4Z5fVRMplTHxJXQgZVWyIr4Q==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 0C03
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=74484
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:17 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
e9CnskToBXMRPQ7JN4c5OynuFS-HNiX6vBsxNkh9xH8ZmhQLvdOVpw==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame EF00
0
0
Document
General
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=24888
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Tue, 02 Jan 2024 06:10:18 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
x-amz-cf-id
V6VWukXtZB96DtkSGYOY6p5eYogmCoryPS7WFJS38nS69yIn3W3S4g==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
57333
i.liadm.com/s/ Frame 416F
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=97074
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:18 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 92AD
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://net.itupaito.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853718
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
mx3-M78QAEDb20j0iyIsDbUiHSHjCAswlF05Kk7nmeVvcHONJGhHQA==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
sync
thrtle.com/ Frame 3314
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
  • https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
  • https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-iMzmmPpE2oS9ycbXMs65xLhWIpy1kGSKc4H2YQ--~A
43 B
543 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-iMzmmPpE2oS9ycbXMs65xLhWIpy1kGSKc4H2YQ--~A
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:18 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-iMzmmPpE2oS9ycbXMs65xLhWIpy1kGSKc4H2YQ--~A
date
Tue, 02 Jan 2024 06:10:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 92AD
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770639
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
ZP61PX6TDMkOzGFbPw67EGjqB4CxfFWkcZpNTCAGaEtOk1tQNzR8dA==
76929
i.liadm.com/s/ Frame BC11
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=45471
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:18 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
sync
thrtle.com/ Frame 9B47
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D13%26_t%3D1704175818%26_reach%3D1
  • https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
0
469 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:18 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
thrtle.com/ Frame 1DB1
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D13%26_t%3D1704175818%26_reach%3D1
  • https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
0
469 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:18 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&vxii_ts=13&_t=1704175818&_reach=1
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
metrics
connect-metrics-collector.s-onetag.com/ Frame 9E9F
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://master.aijos.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:18 GMT
content-length
0
vary
Origin
76929
i.liadm.com/s/ Frame 25B6
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=59637
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:18 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
sync
thrtle.com/ Frame 48A7
0
469 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
Requested by
Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"
sync
thrtle.com/ Frame 416F
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D15%26_t%3D1704175818%26_rea...
  • https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=79da43ccf13077612bbc33c1eda67811&vxii_ts=15&_t=1704175818&_reach=1
0
469 B
Image
General
Full URL
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=79da43ccf13077612bbc33c1eda67811&vxii_ts=15&_t=1704175818&_reach=1
Requested by
Host: master.aimistik.com
URL: https://master.aimistik.com/
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://net.itupaito.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=79da43ccf13077612bbc33c1eda67811&vxii_ts=15&_t=1704175818&_reach=1
cache-control
no-cache
x-server
10.40.11.188
content-length
0
expires
0
db_sync
px.ads.linkedin.com/ Frame BC11
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=25050&pu=https://pools.comunityhk.com/
Requested by
Host: pools.comunityhk.com
URL: https://pools.comunityhk.com//master/index_hk.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:18 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B9D843FFC6614DF8AE36E585208809B6 Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FpSz3IttE5d0bK+Eg==
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 1668
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://master.aimistik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
i449OLr4eiI_E-pQneMz5DL7zf8Nd4RRWBKg5Z4Lpxxi98yLEw2qCA==
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 9E9F
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://master.aijos.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
C7mYgE0oSvai6VUO3fgDLyMc4ZQR3gzU_8c1TlnF5kpl_y1Ty96gMQ==
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer
https://medz.forumituct.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
content-encoding
gzip
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:23:53 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
xQAFxXBo3I8YHc8AmN9S6cif7_Jt9nbdI7jVXEx-Yhx1eZJRlu_Gzg==
db_sync
px.ads.linkedin.com/ Frame 25B6
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7CyjSZHio99Iu_wQ8e-eYFF&rand=2707&pu=https://pools.comunityhk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FA259A2D55234F8988EA0FB8F41108BA Ref B: CHI30EDGE0310 Ref C: 2024-01-02T06:10:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN8FpVb5XCzZoH8mTTgg==
beacon
ce.lijit.com/ Frame DD98
4 KB
2 KB
Document
General
Full URL
https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1e8f3671b895855d015da09115d3e69a7358797385c3dd793a60ea8cf5ebee2

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1070
Content-Type
text/html
Date
Tue, 02 Jan 2024 06:10:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1dca1
iu3
s.amazon-adsystem.com/ Frame DD98
Redirect Chain
  • https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PHRNC83YXZVVD169M21P
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=LWHc5OTZZDfW&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=LWHc5OTZZDfW&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=LWHc5OTZZDfW&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-m42w2
expires
-1
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=vdEaviZiPjqeQ9os8hJ0seztxHyoK8xT6w5BxLUZDGE&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=vdEaviZiPjqeQ9os8hJ0seztxHyoK8xT6w5BxLUZDGE&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=vdEaviZiPjqeQ9os8hJ0seztxHyoK8xT6w5BxLUZDGE&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT, Tue, 02 Jan 2024 06:10:19 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
de7ce10e57c2d3dc3202d108c71b2d20.gif
cs.krushmedia.com/ Frame DD98
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/universal/v1?supply_id=7yx5VOUe
  • https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
9 B
450 B
Image
General
Full URL
https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
8.2.110.134 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Redirect headers

location
https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
date
Tue, 02 Jan 2024 06:10:19 GMT
content-length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=27&3pid=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=27&3pid=79363d6d-3dc6-42db-a1a9-d035557bb78e&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Kestrel
content-length
223
pixel
cm.g.doubleclick.net/ Frame DD98
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H3
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 Jan 2024 06:10:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=d34031d1-f367-4787-8f0c-fc240fba8816
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=d34031d1-f367-4787-8f0c-fc240fba8816
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=d34031d1-f367-4787-8f0c-fc240fba8816
date
Tue, 02 Jan 2024 06:10:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=AAA6J07LJ1IAABM4PAw9Bw&pid=85&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?3pid=AAA6J07LJ1IAABM4PAw9Bw&pid=85&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?3pid=AAA6J07LJ1IAABM4PAw9Bw&pid=85&gdpr=0
Date
Tue, 02 Jan 2024 06:10:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=9119299034427209259&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=92&3pid=9119299034427209259&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
an-x-request-uuid
2dee500e-85d5-4c2e-b8b8-56a0501f2aa0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ce.lijit.com/merge?pid=92&3pid=9119299034427209259&gdpr=0&gdpr_consent=
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1704175819469
  • https://ad.turn.com/r/cs?pid=45&rndcb=6295638291
  • https://sync.1rx.io/usersync/turn/4315834540528319297?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
43 B
4 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
date
Tue, 02 Jan 2024 06:10:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXafd4aea664444640b241b0b8aefc9f1b005
content-type
text/html
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LQVYA6C2-P-979V&gdpr=0
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LQVYA6C2-P-979V&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LQVYA6C2-P-979V&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D49c20a...
  • https://ce.lijit.com/merge?pid=16&3pid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ce.lijit.com/merge?pid=16&3pid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPUc580a43e08b64a23b53a91ac1b105b12&gdpr=0&gdpr_consent=&pid=103
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?3pid=OPUc580a43e08b64a23b53a91ac1b105b12&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPUc580a43e08b64a23b53a91ac1b105b12&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=DYFZL1qMA34WjFQkD9FNJQPQUS0WjAMuWNA1HPqK
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=DYFZL1qMA34WjFQkD9FNJQPQUS0WjAMuWNA1HPqK
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=DYFZL1qMA34WjFQkD9FNJQPQUS0WjAMuWNA1HPqK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dot.gif
s0.2mdn.net/ Frame DD98
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=SDdDeWpTWkhpbzk5SXVfd1E4ZS1lWUZG&gdpr=0
  • https://s0.2mdn.net/dot.gif?gdpr=0
43 B
489 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Server
142.251.32.102 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:20:44 GMT
x-content-type-options
nosniff
age
6576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Jan 2024 04:20:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LQVYA66D-1C-G459&gdpr=0
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQVYA66D-1C-G459&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQVYA66D-1C-G459&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=H7CyjSZHio99Iu_wQ8e-eYFF&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=ZZOozAu5GZ6pX6O__KUV8TID
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=ZZOozAu5GZ6pX6O__KUV8TID
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:20 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=ZZOozAu5GZ6pX6O__KUV8TID
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame DD98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=0000012629C73700&expires=15&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&us_privacy=
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=26&3pid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 02 Jan 2024 06:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame DD98
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2342
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157361
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 06:10:19 GMT
expires
Thu, 04 Jan 2024 01:53:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F34
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157361
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 06:10:19 GMT
expires
Thu, 04 Jan 2024 01:53:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 8E41
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
988 B
621 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f2b411a9869c49218697496b622af3dac5f781207506b14159fdf7569c483978

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
602
content-type
text/html
date
Tue, 02 Jan 2024 06:10:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 02 Jan 2024 06:10:19 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
data
bcp.crwdcntrl.net/6/
317 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
67cf42c4f76cf4a7ba9ea00aa101e2fffc3797949948b086ed795d8623787c9d

Request headers

Referer
https://medz.forumituct.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://medz.forumituct.com
cache-control
no-cache
x-server
10.40.62.72
access-control-allow-credentials
true
content-length
317
expires
0
data
bcp.crwdcntrl.net/6/ Frame 9E9F
305 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bfe0177916853c62de841be3cf164f710d5259e1218a8f7a4f3bf1975bbdba8b

Request headers

Referer
https://master.aijos.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://master.aijos.info
cache-control
no-cache
x-server
10.40.51.92
access-control-allow-credentials
true
content-length
305
expires
0
data
bcp.crwdcntrl.net/6/ Frame 1668
326 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b14591025cb1e1d8a630d746c326af8c9008608253259bc34c702ace3e0119cb

Request headers

Referer
https://master.aimistik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://master.aimistik.com
cache-control
no-cache
x-server
10.40.5.198
access-control-allow-credentials
true
content-length
326
expires
0
merge
ce.lijit.com/ Frame BC11
Redirect Chain
  • https://um.simpli.fi/lj_match?r=60639
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:19 GMT
a
a.dtssrv.com/
0
427 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=104017041758038360C2DD43CC8E4CDF&k=lotpano&v=119afebdc1a94c196787731e586da9fb927aa9f0bf94b9a920e908f50be480a2
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmedz.forumituct.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.146 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medz.forumituct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgGfDbJ7Pw99FROgVMTifwaZSN4D4XlbfSGvleuD7cA6VUMhJxiSYPrTVwLDWnA4EQyM54xpRmrZA%2FIj0NzZqxC8UfL9rxubbfF%2FPgpRe8z5DznwTstKPp63blNd3Rg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83f0d698acf34deb-MCI
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 4E86
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://medz.forumituct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
82397
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 01 Jan 2024 07:17:03 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id
wU46Sm-fvrF8h-FTktsmV0vBI4jZCkYQ4QXRS5PBi-C6NSEGEjU8Dw==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
a
a.dtssrv.com/ Frame 1668
0
265 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=104017041758038360C2DD43CC8E4CDF&k=lotpano&v=119afebdc1a94c196787731e586da9fb927aa9f0bf94b9a920e908f50be480a2
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aimistik.com%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.146 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aimistik.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byUMgAgLhGnrBulldJnlgs0WXE5agHe%2BG6dQgfPHmKuUu4N58Yv3PkXIUo85pQrP9KkdQU0XypWfBQrHRCQWVCOuRhj1qMBnnGAP92FIrV818%2F5Z%2F6kZmG0tVBZotjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83f0d698ad014deb-MCI
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 1480
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://master.aimistik.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
82397
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 01 Jan 2024 07:17:03 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id
it6zZFdn_m9JEZGIp3WaR3Ap9zCYEdqOhgBqKlDaYR_otWWCjoJw0g==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
a
a.dtssrv.com/ Frame 9E9F
0
264 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=104017041758038360C2DD43CC8E4CDF&k=lotpano&v=119afebdc1a94c196787731e586da9fb927aa9f0bf94b9a920e908f50be480a2
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmaster.aijos.info%2F&j=https%3A%2F%2Fmedz.forumituct.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.146 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://master.aijos.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cb6PSVnXAp3wy6HsniexMG6GObfGvC4aZ5ENmQ3Aou6ivhnOz8TdjkUEUAbuBC%2FAmYwLPUDJe0j9%2FLdBS4618aLS2Shb0i6rk4TJoO5mkyqd9ETtKpOK%2BgXmmTFol4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
83f0d698ad054deb-MCI
alt-svc
h3=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 18FD
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-34.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://master.aijos.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
82397
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 01 Jan 2024 07:17:03 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id
MStP20kR944-LFMPdIRop5RyOGGxolj5b96acsDfVpqduz_iNNtEaA==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
merge
ce.lijit.com/ Frame 25B6
Redirect Chain
  • https://um.simpli.fi/lj_match?r=39997
  • https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=FB097C7B5FAD4B3B9099C94593517DB2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 06:10:19 GMT
merge
ce.lijit.com/ Frame 8E41
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=76&3pid=e6269e41-39f5-081d-0ea9-535441334e4d&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E41
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZOowAALd3uKdQBH
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZOowAALd3uKdQBH
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-stl760065-STL
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704175820.631680,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZOowAALd3uKdQBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
1e0f26c5-43ed-a059-78c2-f307c6d5bc56
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8E41
0
0

dcm
s.amazon-adsystem.com/ Frame 8E41
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d21e3cfc-cfeb-89ea-891b-676551b1baff
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F40T2VXCZ6F8KW2ZY1FZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E41
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=79363d6d-3dc6-42db-a1a9-d035557bb78e&ttd_puid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79363d6d-3dc6-42db-a1a9-d035557bb78e&ttd_puid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=79363d6d-3dc6-42db-a1a9-d035557bb78e&ttd_puid=8ac84081-d341-3210-4915-e5f23982711f&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 06:10:19 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 8E41
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTZhNzkzNGItMWEzNi02Y2I0LTVjZjUtYmY0YmYzNjBiZjdm
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmhlYU5dLAJ7RIjNK_jFSM&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmhlYU5dLAJ7RIjNK_jFSM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOmhlYU5dLAJ7RIjNK_jFSM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
bcp.crwdcntrl.net/ Frame 144B
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0f1db60ef59372063a852c38c181edcb69f2ea224a3dcda1278ade694e32be95

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
4242
content-type
text/html
date
Tue, 02 Jan 2024 06:10:19 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.48.10
PugMaster
image6.pubmatic.com/AdServer/ Frame 2342
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67578342&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:19 GMT
content-length
0
m
cm.mgid.com/ Frame 144B
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=79da43ccf13077612bbc33c1eda67811
  • https://cm.mgid.com/m?c=79da43ccf13077612bbc33c1eda67811&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
158 B
Image
General
Full URL
https://cm.mgid.com/m?c=79da43ccf13077612bbc33c1eda67811&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
104.19.129.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83f0d69dab8a77bd-STL
alt-svc
h3=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https://cm.mgid.com/m?c=79da43ccf13077612bbc33c1eda67811&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
83f0d69d1aee77bd-STL
alt-svc
h3=":443"; ma=86400
content-length
43
generic
sync.ipredictive.com/d/sync/cookie/ Frame 144B
0
0

/
wt.rqtrk.eu/ Frame 144B
43 B
234 B
Image
General
Full URL
https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=832084940&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.103 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Tue, 02 Jan 2024 06:10:19 GMT
getuid
sync.smartadserver.com/ Frame 144B
0
0

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 144B
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 02 Jan 2024 06:10:19 GMT
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=79363d6d-3dc6-42db-a1a9-d035557bb78e/gdpr=0/ Frame 144B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=79363d6d-3dc6-42db-a1a9-d035557bb78e/gdpr=0/gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=79363d6d-3dc6-42db-a1a9-d035557bb78e/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.191
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=79363d6d-3dc6-42db-a1a9-d035557bb78e/gdpr=0/gdpr_consent=
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Kestrel
content-length
249
tpid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 144B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=79da43ccf13077612bbc33c1eda67811&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=62221526355076880713237290817115184386&pt=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c%2Chttps%253A%252F%252Fsync.crwdcntrl.net%25...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.97
content-length
49
expires
0

Redirect headers

date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 144B
0
0

/
loadus.exelator.com/load/ Frame 144B
0
600 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=79da43ccf13077612bbc33c1eda67811&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ibs:dpid=121998&dpuuid=79da43ccf13077612bbc33c1eda67811&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame 144B
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=79da43ccf13077612bbc33c1eda67811&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.234.228.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-228-147.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-usw2-2-v050-03d916573.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
VBp9md2nReA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame 144B
0
543 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
40.71.11.141 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:19 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
lotame
sync.sharethis.com/ Frame 144B
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/lotame?uid=79da43ccf13077612bbc33c1eda67811&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-26-161.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHwACWWTqLsAAAAKTQ0FAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
cm
us-u.openx.net/w/1.0/ Frame 144B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=79da43ccf13077612bbc33c1eda67811
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=ZZOozIi4_HFE0QtKWbP_J4M7&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1704175820436&ip=185.172.52.56&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D212750604749002769588
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=212750604749002769588
  • https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=WlpPb3pJaTRfSEZFMFF0S1diUF9KNE03
  • https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEHrGJ2T-_D2gh_UTvkNH4hE&google_cver=1
  • https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
43 B
75 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 06:10:20 GMT
server
Aorta/20231219.0f0182a99
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
location
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
c71a6e46d04c
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
image.sbxx
global.ib-ibi.com/ Frame 144B
0
0

qmap
sync.crwdcntrl.net/ Frame 144B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=0&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.49.56
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-6b9c194b-1160-55d5-6700-109e3bb639f8$ip$185.172.52.56&gdpr=0&gdpr_consent=
Date
Tue, 02 Jan 2024 06:10:20 GMT
Connection
keep-alive
Content-Length
167
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ Frame 144B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-c9sxI7FE2pz3eKe.Duvp9fo1abyFGznOPDU-~A&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-c9sxI7FE2pz3eKe.Duvp9fo1abyFGznOPDU-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.56.175
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-c9sxI7FE2pz3eKe.Duvp9fo1abyFGznOPDU-~A&gdpr=0
date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553/ Frame 144B
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553/gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.55.244
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 144B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NzlkYTQzY2NmMTMwNzc2MTJiYmMzM2MxZWRhNjc4MTE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 144B
62 B
306 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=ccf49cad3189a39259be3933a5c5a64b
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-216-137-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 06:10:20 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 144B
124 B
741 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-50.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
8148226bec5b67649a9ac129a4cd57ee1f446057dd773eaf72e8851d950fc0d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
124
x-amz-cf-id
hG0y5jkyV2dc1ldmCGgu5t-bTWxqku5AVe83r78rffxcODLUl8PO8A==
expires
0
pixel
cm.g.doubleclick.net/ Frame 144B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=NzlkYTQzY2NmMTMwNzc2MTJiYmMzM2MxZWRhNjc4MTE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4315834540528319297/ Frame 144B
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/79da43ccf13077612bbc33c1eda67811/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4315834540528319297/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4315834540528319297/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.58.70
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4315834540528319297/gdpr=0
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=586257841
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/ Frame 144B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=586257841
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=586257841
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=586257841
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.140
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
an-x-request-uuid
20e9cb30-a6e0-41cd-80b4-7be6b0ef5aa4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=586257841
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixels
bcp.crwdcntrl.net/ Frame 0A8E
3 KB
3 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c51607069a5b76b470244c7e380714aff441e04a3d3df5acd4cc8d6900876763

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
2965
content-type
text/html
date
Tue, 02 Jan 2024 06:10:20 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.1.215
pixels
bcp.crwdcntrl.net/ Frame AA79
2 KB
2 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
deff2b9138367ad71a62077911774dd79c69569834b90bb991f396fbbddc22cf

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
2004
content-type
text/html
date
Tue, 02 Jan 2024 06:10:20 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.54.160
57333
i.liadm.com/s/ Frame BC11
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=29918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
3
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 4838
85 B
483 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853720
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
OlYhvn-8OHWSX0UjvycdLqGU5IDN1pX-QOXX8kdi7kqxdB-AHl8cNQ==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
57333
i.liadm.com/s/ Frame 25B6
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7CyjSZHio99Iu_wQ8e-eYFF&rnd=67720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 0C7A
85 B
482 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://pools.comunityhk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
853720
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Sat, 23 Dec 2023 09:01:41 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
x9Feg2LpiDi2DKVFktpyWg-8h9EUwThl1tuYZW0XE7Xu1k57xexEBg==
x-amz-cf-pop
JFK52-P4
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
gdpr=0
sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=212750604749002769588/ Frame 144B
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=212750604749002769588/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=155%2C154%2C150%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C81%2C79%2C78%2C54%2C41%2C33%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.53.21
content-length
49
expires
0
/
partner.mediawallahscript.com/ Frame 0A8E
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=79da43ccf13077612bbc33c1eda67811&custom=&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=79da43ccf13077612bbc33c1eda67811&custom=&tag_format=img&tag_action=sync&final=true&reqid=9bab7510-a935-11ee-bb57-e3b342511...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=9119299034427209259&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=9bb89471-a935-11ee-9a14-09a46abdd79a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=79da43ccf13077612bbc33c1eda67811&tag_format=img&tag_action=sync&cb=345278124
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=79363d6d-3dc6-42db-a1a9-d035557bb78e&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=9bb89471-a935-11ee-9a14-09a46abdd79a&cb=1704175821058&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=88deb437-0e30-4411-8bdc-455b8d1e91be&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704175821058
0
406 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=88deb437-0e30-4411-8bdc-455b8d1e91be&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704175821058
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.200.110.248 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Tue, 02 Jan 2024 06:10:21 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:21 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=88deb437-0e30-4411-8bdc-455b8d1e91be&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704175821058
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Tue, 02 Jan 2024 06:10:20 GMT
cookie-sync
sync.outbrain.com/ Frame 0A8E
Redirect Chain
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0
  • https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc=
  • https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=T2Vjd1VCSGlUS0dFSTJNd0Z1MWtSQT09&sm_p=dc&sm_r=lotame,lotame,bds,smt,rbc,tl
  • https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,smt,rbc,tl
  • https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=39e73050-11e2-4ca1-8423-633016ed6444&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Csmt%2Crbc%2Ctl
  • https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,smt,rbc,tl
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=39e73050-11e2-4ca1-8423-633016ed6444&expires=10
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
70.42.32.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:22 GMT
Cache-Control
no-cache
X-TraceId
498bf42a839ceebe59fccdbd23cea49c
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Tue, 02 Jan 2024 06:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame 0A8E
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S36DJYKEW9G76YFYGSNQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
lotame
ad.mrtnsvr.com/sync/ Frame 0A8E
0
0

gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5964995709526982727/gdpr=/ Frame 0A8E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5964995709526982727/gdpr=/gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5964995709526982727/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.9.246
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5964995709526982727/gdpr=/gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 0A8E
Redirect Chain
  • https://spl.zeotap.com/?zdid=637&env=mWeb&eventType=pageview&gdpr=0
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=5e51f5c2-7804-4fee-69c8-d7929ef0ce15?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_...
  • https://mwzeom.zeotap.com/mw?pid=79da43ccf13077612bbc33c1eda67811&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=e71c8d99-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=79da43ccf13077612bbc33c1eda67811&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=e71c8d99-7cb6-483f-692b-0d5b47be429e&zdid=637
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
172.67.40.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://bcp.crwdcntrl.net
access-control-allow-credentials
true
cf-ray
83f0d69f2d1f1463-STL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=79da43ccf13077612bbc33c1eda67811&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=5e51f5c2-7804-4fee-69c8-d7929ef0ce15&reqId=e71c8d99-7cb6-483f-692b-0d5b47be429e&zdid=637
cache-control
no-cache
x-server
10.40.9.166
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 0A8E
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=79da43ccf13077612bbc33c1eda67811&gdpr=0
  • https://id5-sync.com/c/19/19/9/1.gif?puid=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/19/2/8/2.gif?puid=9119299034427209259&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
0
0

insync
thrtle.com/ Frame 0A8E
43 B
298 B
Image
General
Full URL
https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 02 Jan 2024 06:10:20 GMT
content-length
43
content-type
image/gif
41715
i.liadm.com/s/ Frame 0A8E
43 B
715 B
Image
General
Full URL
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.90.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-90-211-105.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif
ltm
audex.userreport.com/sync/put/ Frame 0A8E
43 B
433 B
Image
General
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Via
1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
JFK50-P3
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
GezS7I12g8G8A_-1Zw2qC-IXtVFJjDwXZg2iEhcL7H6mYybvHWi3fg==
partner
sync.search.spotxchange.com/ Frame 0A8E
0
0

cm
trc.taboola.com/sg/lotame/1/ Frame 0A8E
43 B
405 B
Image
General
Full URL
https://trc.taboola.com/sg/lotame/1/cm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Tue, 02 Jan 2024 06:10:21 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
6780
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-stl760062-STL
pragma
no-cache
server
nginx
x-timer
S1704175822.511204,VS0,VE8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
qmap
sync.crwdcntrl.net/ Frame 0A8E
Redirect Chain
  • https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd5d2a6f-9cd2-4114-bfbd-f44d88022079&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd5d2a6f-9cd2-4114-bfbd-f44d88022079&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.59.213
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=bd5d2a6f-9cd2-4114-bfbd-f44d88022079&gdpr=0
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
7
sync.search.spotxchange.com/audience_sync/ Frame 0A8E
0
0

tpid=89cb7409-019b-4b73-8fa4-8aacae72094d
bcp.crwdcntrl.net/map/c=10737/tp=AMBO/ Frame 0A8E
Redirect Chain
  • https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79
  • https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79
  • https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=89cb7409-019b-4b73-8fa4-8aacae72094d
49 B
263 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=89cb7409-019b-4b73-8fa4-8aacae72094d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.3.2
content-length
49
expires
0

Redirect headers

location
//bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=89cb7409-019b-4b73-8fa4-8aacae72094d
date
Tue, 02 Jan 2024 06:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
pixel.onaudience.com/ Frame 0A8E
35 B
247 B
Image
General
Full URL
https://pixel.onaudience.com/?mapped=79da43ccf13077612bbc33c1eda67811&partner=104&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.170.64 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-eu-7.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-length
35
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame 0A8E
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=212750604749002769588&gdpr=0&gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=212750604749002769588&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.156
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 a0baca8f5dcda9f46c3f17957eeb39aa.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=212750604749002769588&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
7N-5it0dRPMl8CKRHOEZlC_FRdAzcNQZoPsApBpw-h2ORixNYuvnsQ==
expires
0
utsync.ashx
ml314.com/ Frame 0A8E
43 B
60 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=79da43ccf13077612bbc33c1eda67811&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0,Wed, 03 Jan 2024 06:10:20 GMT
match
ps.eyeota.net/ Frame 0A8E
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=51mdg9u&uid=79da43ccf13077612bbc33c1eda67811&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Date
Tue, 02 Jan 2024 06:10:20 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
token
token.rubiconproject.com/ Frame 0A8E
0
535 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=7&puid=79da43ccf13077612bbc33c1eda67811&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZOowAALd3uKdQBH/ Frame 0A8E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZOowAALd3uKdQBH/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZOowAALd3uKdQBH/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.8.167
content-length
49
expires
0

Redirect headers

x-served-by
cache-stl760065-STL
pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704175820.332581,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZOowAALd3uKdQBH/gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
382416.gif
idsync.rlcdn.com/ Frame 0A8E
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=79da43ccf13077612bbc33c1eda67811&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rand=67457836
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/ Frame 0A8E
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=67457836
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=67457836
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=67457836
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C159%2C153%2C146%2C145%2C139%2C135%2C125%2C122%2C115%2C113%2C108%2C105%2C103%2C101%2C89%2C65%2C61%2C49%2C31%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.219
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
an-x-request-uuid
a6ec7835-749c-4b24-baf3-12c7e052f588
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=67457836
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 4838
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770641
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
Xm5VEkjUbByOBybRubaZmOjhmBwYdNXJRYabf9VHQs4zef72QHmgSA==
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 0C7A
766 B
1 KB
Script
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-22.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Sun, 24 Dec 2023 08:06:20 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
770641
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
k9wMtUYUcF7OYKAH5v6i1eqWqWn99_T82FFkb7S3-T2jCTGh3rBhGQ==
qmap
sync.crwdcntrl.net/ Frame AA79
Redirect Chain
  • https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.54.54
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=da1570b0-c1cf-4bc6-9218-2052f4462aa2&gdpr=0
Date
Tue, 02 Jan 2024 06:10:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
tag.crsspxl.com/ Frame AA79
Redirect Chain
  • https://tag.crsspxl.com/c.gif?t=57603&gdpr=0
  • https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
43 B
142 B
Image
General
Full URL
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
34.232.140.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 06:10:20 GMT
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Date
Tue, 02 Jan 2024 06:10:20 GMT
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
66.png
geo-um.btrll.com/v1/map_pixel/partner/ Frame AA79
0
0

gdpr=0
sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=8befcf8f-66f5-474e-aaea-bdfe95dabb45/ Frame AA79
Redirect Chain
  • https://jadserve.postrelease.com/dmp/5?vk=79da43ccf13077612bbc33c1eda67811/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=8befcf8f-66f5-474e-aaea-bdfe95dabb45/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=8befcf8f-66f5-474e-aaea-bdfe95dabb45/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.198
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=8befcf8f-66f5-474e-aaea-bdfe95dabb45/gdpr=0
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame AA79
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=79da43ccf13077612bbc33c1eda67811
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.243.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-243-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n021-ash-prod.krxd.net
date
Tue, 02 Jan 2024 06:10:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=76 t=1704175820
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
getUID
synchroscript.deliveryengine.adswizz.com/ Frame AA79
0
0

0.gif
x01.aidata.io/ Frame AA79
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0
  • https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0&bounce=1
0
433 B
Image
General
Full URL
https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0&bounce=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
89.108.120.68 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:22 GMT
last-modified
Tue, 02 Jan 2024 06:10:21 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Tue, 02 Jan 2024 06:10:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:21 GMT
last-modified
Tue, 02 Jan 2024 06:10:20 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=LOTAME&id=79da43ccf13077612bbc33c1eda67811&gdpr=0&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Tue, 02 Jan 2024 06:10:20 GMT
qmap
sync.crwdcntrl.net/ Frame AA79
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAA6J07LJ1IAABM4PAw9Bw&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAA6J07LJ1IAABM4PAw9Bw&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.101
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAA6J07LJ1IAABM4PAw9Bw&gdpr=0
Date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
engine
fei.pro-market.net/ Frame AA79
Redirect Chain
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811
  • https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811&sr
43 B
286 B
Image
General
Full URL
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811&sr
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
107.178.240.89 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp3.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp8.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=79da43ccf13077612bbc33c1eda67811&sr
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
MAP.d
map.sddan.com/ Frame AA79
Redirect Chain
  • https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=
  • https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=
  • https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&bounce=1
42 B
862 B
Image
General
Full URL
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&bounce=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Server
51.158.29.13 -, , ASN (),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:22 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
42
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:22 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Location
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=79da43ccf13077612bbc33c1eda67811&gdpr=0&gdpr_consent=&bounce=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
rand=498594604
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/ Frame AA79
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=498594604
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=498594604
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=498594604
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
35.169.211.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-211-189.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.20
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:20 GMT
an-x-request-uuid
d34ff2c7-38de-453c-bcb7-50714efc45a6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=9119299034427209259/gdpr=0/rand=498594604
x-proxy-origin
185.172.52.56; 185.172.52.56; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tpid=F09CC1D9EA8FDF20
bcp.crwdcntrl.net/map/c=12526/tp=SEMA/ Frame AA79
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=12526?https%3A%2F%2Fuipus.semasio.net%2Flotame%2F1%2Fget%3FsType%3Dsync%26sExtCookieId%3D%24%7Bprofile_id%7D%26sInitiator%3Dexternal%26_url%3Dhttps%3A%2F%2Fbcp.crwdc...
  • https://uipus.semasio.net/lotame/1/get?sType=sync&sExtCookieId=79da43ccf13077612bbc33c1eda67811&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()}
  • https://uipus.semasio.net/lotame/1/get2?sType=sync&sExtCookieId=79da43ccf13077612bbc33c1eda67811&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()}
  • https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=F09CC1D9EA8FDF20
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=F09CC1D9EA8FDF20
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.72.21.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 06:10:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.189
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 06:10:21 GMT
Frontend-ID
15
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=F09CC1D9EA8FDF20
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
/
dmp.adform.net/dmp/profile/ Frame AA79
35 B
230 B
Image
General
Full URL
https://dmp.adform.net/dmp/profile/?pid=10131&sg=44470
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C156%2C40%2C86%2C80%2C132%2C76%2C121%2C142%2C140%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
image/gif
sync
nlsn.thrtle.com/ Frame BC11
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
  • https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
0
469 B
Image
General
Full URL
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:22 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
date
Tue, 02 Jan 2024 06:10:22 GMT
cross-origin-resource-policy
cross-origin
content-length
0
sync
nlsn.thrtle.com/ Frame 25B6
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7CyjSZHio99Iu_wQ8e-eYFF
  • https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
  • https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
0
469 B
Image
General
Full URL
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
Protocol
H2
Server
18.214.231.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-231-102.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pools.comunityhk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:10:22 GMT
p3p
CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=955aa2d0-a935-11ee-b1c0-fb99d766ebb3
date
Tue, 02 Jan 2024 06:10:22 GMT
cross-origin-resource-policy
cross-origin
content-length
0
metrics
connect-metrics-collector.s-onetag.com/ Frame 5DF2
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://net.itupaito.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:21 GMT
content-length
0
vary
Origin
metrics
connect-metrics-collector.s-onetag.com/ Frame C5B6
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://master.aijos.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:21 GMT
content-length
0
vary
Origin
metrics
connect-metrics-collector.s-onetag.com/ Frame 330B
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://master.aimistik.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:22 GMT
content-length
0
vary
Origin
metrics
connect-metrics-collector.s-onetag.com/ Frame 4F69
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://data.bolamerah.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:22 GMT
content-length
0
vary
Origin
metrics
connect-metrics-collector.s-onetag.com/ Frame FC96
0
72 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://data.bolamerah.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 06:10:24 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
net.forumituct.com
URL
https://net.forumituct.com/
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
net.itupaito.com
URL
https://net.itupaito.com/wp-content/uploads/2023/11/cropped-itupaito-2-32x32.png
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/openx/1e0f26c5-43ed-a059-78c2-f307c6d5bc56?gdpr=0
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
Domain
dmp.truoptik.com
URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=79da43ccf13077612bbc33c1eda67811
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=lotame
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Domain
geo-um.btrll.com
URL
https://geo-um.btrll.com/v1/map_pixel/partner/66.png
Domain
synchroscript.deliveryengine.adswizz.com
URL
https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_604_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_604 function| histats_canvascounters_base.js object| a object| cv object| Tynt object| _dtspv object| lotame_3825 number| char object| _33Across function| __uspapi object| __connect function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Oa object| lt3825_Ya object| lt3825_Za object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_wa function| lt3825_L function| lt3825_M function| lt3825_K function| lt3825_xa function| lt3825_ya function| lt3825_N function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_Ja function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ka function| lt3825_Ma function| lt3825_La function| lt3825_Na function| lt3825_O function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_P function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_Q function| lt3825_R function| lt3825_2a function| lt3825_S function| lt3825_T function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_6a function| lt3825_9a function| lt3825_8a function| lt3825_7a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_ab function| lt3825_cb function| lt3825_bb function| lt3825_eb function| lt3825_db function| lt3825_2 function| lt3825_gb function| lt3825_ib function| lt3825_hb function| lt3825_3 function| lt3825_$a function| lt3825_fb function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_5 function| lt3825_6 function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_8 function| lt3825_zb function| lt3825_Ab function| lt3825_yb function| lt3825_xb function| lt3825_Cb function| lt3825_Bb function| lt3825_Eb function| lt3825_Db function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Lb function| lt3825_Sb function| lt3825_Nb function| lt3825_Qb function| lt3825_Ub function| lt3825_Tb function| lt3825_Vb function| lt3825_Rb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_9 function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_$ function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_$b function| lt3825_bc function| lt3825_cc function| lt3825_dc function| lt3825_ac object| ujiPopups function| show_uji_popup function| popups_count function| open_lightbox function| popups_close object| twemoji object| wp object| __underground object| s object| sovrn string| currentTagSRC

196 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i.liadm.com/s Name: _li_ss
Value: Cn0KBQgKEPAWCgYIpAEQ8BYKBgjdARDwFgoFCAYQ8BYKBQgJEPAWCgYI4QEQ8BYKBgiBARDwFgoFCAwQ-hYKBgiiARDwFgoJCP____8HEPoWCgUICxDwFgoGCIsBEPAWCgYIiQEQ8BYKBgilARDwFgoGCNIBEPAWCgUIfhDwFg
medz.forumituct.com/ Name: HstCfa4502232
Value: 1704175803034
medz.forumituct.com/ Name: HstCmu4502232
Value: 1704175803034
medz.forumituct.com/ Name: HstCnv4502232
Value: 1
medz.forumituct.com/ Name: HstCns4502232
Value: 1
medz.forumituct.com/ Name: HstCla4502232
Value: 1704175803039
medz.forumituct.com/ Name: HstPn4502232
Value: 2
medz.forumituct.com/ Name: HstPt4502232
Value: 2
.dtscout.com/ Name: df
Value: 1704175803
.dtscout.com/ Name: l
Value: 104017041758038360C2DD43CC8E4CDF
.forumituct.com/ Name: __dtsu
Value: 104017041758038360C2DD43CC8E4CDF
.sharethis.com/ Name: __stid
Value: ZHwACWWTqLsAAAAKTQ0FAw==
.sharethis.com/ Name: __stidv
Value: 2
.tynt.com/ Name: uid
Value: CoIKR2WTqLsbi082J6a3Ag==
.33across.com/ Name: 33x_ps
Value: u%3D212404484791541%3As1%3D1704175804003%3Ats%3D1704175804003
.linkedin.com/ Name: li_sugr
Value: 7de83740-adc6-40d6-8a85-c66d7a1608a4
.linkedin.com/ Name: bcookie
Value: "v=2&61fb9ee2-0c9e-47a8-85e7-8bfeb8c9db6d"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2669:u=1:x=1:i=1704175804:t=1704262204:v=2:sig=AQG_vtD31O2DrAXrpYQsrh0AUvYHuuOg"
.go.affec.tv/ Name: ck
Value: 6593a8bcbc6e410001987099
.go.affec.tv/ Name: oo
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1704175804039
.tapad.com/ Name: TapAd_DID
Value: 8dbf7924-9026-4fb4-bbcd-688b5a24fb5c
.onaudience.com/ Name: cookie
Value: c468d473b42b84af
.onaudience.com/ Name: done_redirects161
Value: 1
.eyeota.net/ Name: mako_uid
Value: 18cc8cb1ef6-9330000010a4f07
.adnxs.com/ Name: uuid2
Value: 9119299034427209259
.rezync.com/ Name: zync-uuid
Value: d6e6d72d-237d-4cb0-86aa-eafd2c02a13e:1704175804.1508296
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Il`iK46V!]tbP6j2F-XstGt!@DgY$o?9l
.bluekai.com/ Name: bku
Value: +rQ99n0GAtPqd+yQ
.eyeota.net/ Name: SERVERID
Value: 20231~DM
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTUxNzUxMjMysxDiM9RNq3DNyKs0zatyTSwHAO9tAP4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDQ2Nzc0NTUxNzUxMjMysxDiM9RNq3DNyKs0zatyTSwHAO9tAP4lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4AAhgHaDOSwklWd3XwFvRyhIR4BsfUzpVdT1QxdryehXgk1iJtstk1MfP11PMJI6AAAA
.pippio.com/ Name: didts
Value: 1704175804
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLzRzqwGEgYIgr0rEAA=
.pippio.com/ Name: did
Value: pAPcBmV8SDTLGWhp
.onaudience.com/ Name: done_redirects104
Value: 1
.dtscdn.com/ Name: uid
Value: 104017041758038360C2DD43CC8E4CDF
.simpli.fi/ Name: suid
Value: FB097C7B5FAD4B3B9099C94593517DB2
.exelator.com/ Name: EE
Value: "329fedbeb8b5a7adac2f0569ca6dd42b"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHYyDItNSUpNckiyTTRPDElMdkozcDUzDI50SwlxcQoaXFZatGCpaXFQDWHllTklOQ0rS6LD3WMd3P09fSJXOacUZSfm7oCLBTmGrTY0MhgSX5RZvqi0ODFRSlpDItKik8FH0tJAwAF4itb"
.yahoo.com/ Name: A3
Value: d=AQABBL2ok2UCEKcQXHDCQkP9LANL8Iaw9l4FEgEBAQH6lGWdZdxA0iMA_eMAAA&S=AQAAAm1nYTu-jr3z5NEymIn5cy4
.doubleclick.net/ Name: IDE
Value: AHWqTUl-RJpGbfDPUmdPymbsBCF0rCgwoTfCPVHNTYQet0Xx4VgozIbEQQoVv8BH8bg
.adsrvr.org/ Name: TDID
Value: 79363d6d-3dc6-42db-a1a9-d035557bb78e
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcwNDE3NTgwNCwiaWQiOiI5MTE5Mjk5MDM0NDI3MjA5MjU5IiwibHMiOjE3MDQxNzU4MDR9LCJ0dCI6eyJkdCI6MTcwNDE3NTgwNCwiaWQiOiJDb0lLUjJXVHFMc2JpMDgySjZhM0FnPT0iLCJscyI6MTcwNDE3NTgwNH0sInRkIjp7ImR0IjoxNzA0MTc1ODA1LCJpZCI6Ijc1NTZlMWYzLWZkNWEtNDgwZC05NGMxLWFiYWI2YjE4MDUwMCIsImxzIjoxNzA0MTc1ODA1fSwidiI6MH0=|1704175805|ff1f3d608f84a2d0067a21fed17afdfaf8a10343
.liadm.com/ Name: lidid
Value: 4ca3c4fc-5eaf-4f51-9417-fc3dc277eaba
.ml314.com/ Name: pi
Value: 3641061050048577552
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 79da43ccf13077612bbc33c1eda67811
.onaudience.com/ Name: done_redirects147
Value: 1
.krxd.net/ Name: _kuid_
Value: QAte4YZk
.lijit.com/ Name: ljt_reader
Value: H7CyjSZHio99Iu_wQ8e-eYFF
.onaudience.com/ Name: done_redirects219
Value: 1
.media6degrees.com/ Name: clid
Value: 2s6megv011714h1248r8v6f70000000102010101101
.media6degrees.com/ Name: acs
Value: 012020k1s6megvxzt10
.agkn.com/ Name: ab
Value: 0001%3AH7lPf1CeR9Mc%2BArLSJi5%2FV69YfkNh9MU
.zeotap.com/ Name: zc
Value: 5e51f5c2-7804-4fee-69c8-d7929ef0ce15
.intentiq.com/ Name: IQver
Value: 1.9
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZOowAALd3uKdQBH
.turn.com/ Name: uid
Value: 4315834540528319297
.dtscout.com/ Name: m
Value: 5
.dtscout.com/ Name: oa
Value: 5
.demdex.net/ Name: demdex
Value: 62221526355076880713237290817115184386
.onaudience.com/ Name: done_redirects68
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 62221526355076880713237290817115184386
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A7%2C%22ts%22%3A1704175809273%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A8%2C%22ts%22%3A1704175809273%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A8%2C%22ts%22%3A1704175809273%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A1%2C%22ts%22%3A1704175803849%7D%5D
.addthis.com/ Name: na_id
Value: 2024010206100900013643376135
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6593a8c1c02a6f08
.addthis.com/ Name: ouid
Value: 6593a8c1000150327fe96e8f92ef06346fc695e0bf00257da239
.adform.net/ Name: C
Value: 1
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.adform.net/ Name: uid
Value: 5964995709526982727
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOwiAMANC79HsYWqBlXGZBqAnRoRnzx2V3d58veQcsH93W3LXvkPbtqxOUV7s0IB0w2m_VJyRAmdGJYAhegicmjnBOMHSM9u5Lq9eprFyFqiEn1fhytyZyzkbzo1KxlNFpQrEeJUTrbxhspJnh_APNrSZR.ZZOowQ.PCS_lpbcoU8obrxRAeGF7YFTGHI
.onaudience.com/ Name: done_redirects282
Value: 1
.bluekai.com/ Name: bkdc
Value: phx
.reson8.com/ Name: RCID2
Value: 914C098408F29A75EC340A0515FF3321
.criteo.com/ Name: uid
Value: eb72e2ce-4ffc-4320-a8d3-71e1933f373a
.rlcdn.com/ Name: pxrc
Value: CLzRzqwGEgUI6EcQABIFCNtOEAESBgiw6gEQBBIGCLbqARAEEgYIuuoBEAASBgjB6gEQBRIGCPLqARAFEgYIuOsBEAA=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6b9c194b-1160-55d5-6700-109e3bb639f8.KlC22yGm%2FlQa4BI8nBN4Fftq9U1CZZ4jKse4thAWOjI
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6b9c194b-1160-55d5-6700-109e3bb639f8.KlC22yGm%2FlQa4BI8nBN4Fftq9U1CZZ4jKse4thAWOjI
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aa5wZSxFgVdVnABCeO7Y5-LmsNDg.uxkICyERkkwW6CigKEedwNBRkP8DRaaOcJvsRL4fO6E
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aa5wZSxFgVdVnABCeO7Y5-LmsNDg.uxkICyERkkwW6CigKEedwNBRkP8DRaaOcJvsRL4fO6E
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPm1JmOR0iBAdxBY1RprZKE9DthdTzChD7URag3XVILAEHwYBCDB0c6sBjABOgT90vuTQgSvLVmj.HQLaq9u36tMR65Kx2YyZuF20X%2FYl4r3bl6%2FA8BPdLOY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPm1JmOR0iBAdxBY1RprZKE9DthdTzChD7URag3XVILAEHwYBCDB0c6sBjABOgT90vuTQgSvLVmj.HQLaq9u36tMR65Kx2YyZuF20X%2FYl4r3bl6%2FA8BPdLOY
.bidr.io/ Name: bito
Value: AAA6J07LJ1IAABM4PAw9Bw
.bidr.io/ Name: bitoIsSecure
Value: ok
.lijit.com/ Name: _ljtrtb_2
Value: FB097C7B5FAD4B3B9099C94593517DB2
.imrworldwide.com/ Name: IMRID
Value: 955aa2d0-a935-11ee-b1c0-fb99d766ebb3
.lijit.com/ Name: _ljtrtb_5001
Value: 79da43ccf13077612bbc33c1eda67811
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_96d757c0-a935-11ee-b312-12a7adfcdbeb
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMqxGAQAwAUYNFUUeYfC6XQDfhchSERFIW1aBgBrni7T2MZFjI1EnU_Jgsa69pnMBiCaVtCF4joMee3JCDpK8vwjKTovNSz-k7obvK9W99AOWQaO9qAAAA
.bidswitch.net/ Name: tuuid
Value: da1570b0-c1cf-4bc6-9218-2052f4462aa2
.bidswitch.net/ Name: c
Value: 1704175813
.bidswitch.net/ Name: tuuid_lu
Value: 1704175813
.w55c.net/ Name: wfivefivec
Value: WInt1Sei1RkxYG5
.rkdms.com/ Name: sc
Value: 13%3A113976
.rkdms.com/ Name: sessionid
Value: h-48fa5402f3b940dcaf8988bcda20df86_t-1704175814
.w55c.net/ Name: matchbidswitch
Value: 5
.mathtag.com/ Name: uuid
Value: 91d86593-a8c7-4300-9d8a-a76ca150713b
.zemanta.com/ Name: zuid
Value: ZQGbn9t8Muf-Nkc2oDQC
.sitescout.com/ Name: ssi
Value: 49c20ad0-5022-4d02-b013-270e37ee8728#1704175815646
.dtscout.com/ Name: st
Value: 11
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 28_0_1704175804108
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 74
.lijit.com/ Name: ljtrtbexp
Value: eJxdkLkRwEAIA3u52AFwvG7N4949viFB4YpHgmdVrJuDbKcp17WYZArB2LCnoMDhhzWS%2FOeq9lBxkVYSlvrkJPAoqINnKrABw37BefiCZSfmotPvwAE3wtNq5Hk%2FqbJGsA%3D%3D
.amazon-adsystem.com/ Name: ad-id
Value: A35bUFBS4klFrC-PnJTOW-Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: _ljtrtb_92
Value: 9119299034427209259
.lijit.com/ Name: _ljtrtb_85
Value: AAA6J07LJ1IAABM4PAw9Bw
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInbziNJCCAHYGBq4ZYOaiVhDJqDUbQs0CUXzuDmDew3oQxa%2BzH0gCACvsCLc%3D"
.forumituct.com/ Name: _cc_id
Value: 79da43ccf13077612bbc33c1eda67811
.forumituct.com/ Name: panoramaId_expiry
Value: 1704262219363
.forumituct.com/ Name: panoramaId
Value: 119afebdc1a94c196787731e586da9fb927aa9f0bf94b9a920e908f50be480a2
.forumituct.com/ Name: panoramaIdType
Value: panoDevice
.lijit.com/ Name: _ljtrtb_27
Value: 79363d6d-3dc6-42db-a1a9-d035557bb78e
.openx.net/ Name: i
Value: 59647fd8-7ac6-0de7-13c3-2d1a5da542e2|1704175819
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLdMSTQxTk5OMzQ2MDc3MzRKSko2Nk42TE1JNDO3MDRkAILUyStOf%2Fr%2F%2Fz8%2FiAMGfGufn9FlPMvI8J%2BRkeH6%2BgcycPbhViPmPVog8Y%2ByIHJ7PVjN2bVPubGJnzt6iBmb%2BM%2BNU1iwiV869YgNm%2FjufZcFsIl%2FaLgvwITsHobDi%2BdgNfntR0tsBrxbgl15w39NbMqfdmlhEwYAo656KA%3D%3D"
.contextweb.com/ Name: V
Value: LWHc5OTZZDfW
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ow1|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b05950087f9c6fa3
.mfadsrvr.com/ Name: tuuid
Value: d34031d1-f367-4787-8f0c-fc240fba8816
.mfadsrvr.com/ Name: c
Value: 1704175819
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704175819
.krushmedia.com/ Name: krm_usr
Value: 8b10e9d6-d13b-5e54-8dcd-c62fcd1be1ab
.quantserve.com/ Name: d
Value: EGYBDQHnKt-owQA
.quantserve.com/ Name: mc
Value: 6593a8cb-8484e-98d11-8c2cd
.lijit.com/ Name: _ljtrtb_49
Value: LWHc5OTZZDfW
.lijit.com/ Name: _ljtrtb_16
Value: 49c20ad0-5022-4d02-b013-270e37ee8728-6593a8c7-5553
.openx.net/ Name: pd
Value: v2|1704175819|vMgavPkWgyiK
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1704175819
.lijit.com/ Name: _ljtrtb_43
Value: DYFZL1qMA34WjFQkD9FNJQPQUS0WjAMuWNA1HPqK
.lijit.com/ Name: _ljtrtb_87
Value: d34031d1-f367-4787-8f0c-fc240fba8816
.lijit.com/ Name: _ljtrtb_76
Value: e6269e41-39f5-081d-0ea9-535441334e4d
.creativecdn.com/ Name: u
Value: 8eXBtiwCoDSKtYe3EyAC
.creativecdn.com/ Name: g
Value: 8eXBtiwCoDSKtYe3EyAC_1704175819671
.creativecdn.com/ Name: ts
Value: 1704175819
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: _ljtrtb_80
Value: LQVYA66D-1C-G459
.adx.opera.com/ Name: UID
Value: OPUc580a43e08b64a23b53a91ac1b105b12
.krushmedia.com/ Name: krm_r
Value: 572|undefined
.lijit.com/ Name: _ljtrtb_103
Value: OPUc580a43e08b64a23b53a91ac1b105b12
.rubiconproject.com/ Name: khaos
Value: LQVYA6C2-P-979V
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|79363d6d-3dc6-42db-a1a9-d035557bb78e|1704175819824887
.lijit.com/ Name: _ljtrtb_86
Value: vdEaviZiPjqeQ9os8hJ0seztxHyoK8xT6w5BxLUZDGE
.lijit.com/ Name: _ljtrtb_83
Value: LQVYA6C2-P-979V
.sitescout.com/ Name: _ssuma
Value: eyI1OCI6MTcwNDE3NTgxODU0NCwiNDgiOjE3MDQxNzU4MTkyOTEsIjQ5IjoxNzA0MTc1ODE1NzQ3LCIzOSI6MTcwNDE3NTgxOTI5MSwiNyI6MTcwNDE3NTgyMDEyNn0
.rqtrk.eu/ Name: browser_id
Value: 88deb437-0e30-4411-8bdc-455b8d1e91be
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cl~2fy6:19cg~2fy6:19bn~2fy6:19ab~2fy6:19bk~2fy6"
.resetdigital.co/ Name: ckbk
Value: 0000012629C73700
.clickagy.com/ Name: cb
Value: ZZOozIi4_HFE0QtKWbP_J4M7
.mgid.com/ Name: muidn
Value: o01kkSkaw1am
.mgid.com/ Name: __cf_bm
Value: eTXB6Yyg.7sX0ect7kBTa4sItdct5n_gOAj_rmaMtDo-1704175820-1-AWKSpOuLMG9ea8Q1a0qz3+j45ONFJFtx/Z1cxEAYPrTuapkKOcJ0BBYUJWEWbCO9If3n7tP+D22pRtEgCzqCETM=
.c.cintnetworks.com/ Name: TiPMix
Value: 56.13823941035232
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.rlcdn.com/ Name: rlas3
Value: ZXDf3oQm6QCwZBBraK41eTF8qITSox0S2GXq86SZLmk=
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!54-2!54-3!54
.zeotap.com/ Name: zsc
Value: %3E%CB%FA%8F%E3%D0%E2%7F%8D%AC%A3%24C%C9n%8E%FDA%13%9E%3E%C8Fn%FEgQ%9Bj%98%CF%18t%40%83%E7%98%23%10%F1%08%90zK6%2C%16%D07%F0%D4%C50a%BE%24%40%EC%D1%1B%83%21%07%F9%1B%3C%13%60%8F%24%18%B3%D2U%17%D2AQ%AD%F7J%FB%98%AE-%DC%D8C%2B%92%C4oi_
cm.mgid.com/ Name: mg_sync
Value: {}
.lijit.com/ Name: _ljtrtb_26
Value: da1570b0-c1cf-4bc6-9218-2052f4462aa2
.lijit.com/ Name: _ljtrtb_84
Value: ZZOozAu5GZ6pX6O__KUV8TID
.shareaholic.com/ Name: c_id
Value: bd5d2a6f-9cd2-4114-bfbd-f44d88022079
.agkn.com/ Name: u
Value: C|0CAAAAAAALSZlTAAAAAABAQEWAAAAAA
.mediawallahscript.com/ Name: mCookie
Value: 9bb89471-a935-11ee-9a14-09a46abdd79a
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
aorta.clickagy.com/ Name: chs
Value: [{"ch":"120","t":"2024-01-02 06:10:20"},{"ch":"128","t":"2024-01-02 06:10:20"},{"ch":"8","t":"2024-01-02 06:10:20"}]
.postrelease.com/ Name: visitor
Value: 8befcf8f-66f5-474e-aaea-bdfe95dabb45
.postrelease.com/ Name: status
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|SuXSJ8qf5j32OiSsEu61T3tILjz457iVgB3Cdtbx4lksHWR5Str/3dsMXV0fKkkEQE9wUtFMHL9CqQ3+tQhlLHMDvubSxZCG6XkpxWjLVqA2lbIZpOyshevdGJvCae5zoxw3IrM1QdF01qAbJMnMkb36B19O7vOZ3sp+uxZOeRk6MWqnocaYWw==
.crsspxl.com/ Name: uid
Value: 253187952623074748
.crsspxl.com/ Name: uuid
Value: e3aafd66-1647-46be-ab60-c21c21da3105
.semasio.net/ Name: SEUNCY
Value: F09CC1D9EA8FDF20
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005%22%2C%22nxtrdr%22%3Afalse%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIbGl2ZXJhbXASCwiOgYSN8NjFPBAFEhYKB2JsdWVrYWkSCwiIjruU8NjFPBAFEhkKCmxpdmVpbnRlbnQSCwiI4NWt8NjFPBAFGAEgASgCMgsImoydtIfZxTwQBTgBWgd2eHNydjNpYAI.
.thrtle.com/ Name: mc
Value: eyJpZCI6IjhjZThjMTRjLWVjNjAtNGEzYS1iNDU1LTgxNWIyYzllZDFiNiIsImwiOjE3MDQxNzU4MjEwNDEsInQiOjE4fQ==
.thrtle.com/ Name: sc
Value: eyJpIjoiOGNlOGMxNGMtZWM2MC00YTNhLWI0NTUtODE1YjJjOWVkMWI2Iiwic2lkIjoic2lkLTlhYmI4MmM3LWE5MzUtMTFlZS1iZDMzLTAyNDIwYWZmMDExNCIsIm1zIjoxLCJ0cyI6MSwicHMiOjksInNwIjo1MDM2LCJwcCI6OSwidHNlIjo5LCJpciI6dHJ1ZSwibHRzZSI6MTcwNDE3NTgyMTA0Mn0=
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024
Value: %7B%227bYSR%22%3A1%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005%22%7D
.lijit.com/ Name: ljtrtb
Value: eJw9kklzGjEQhf8L56iqW62tc5thDJjFQIUlnotL21RMDoRybByn8t8tcci13%2Ff0nlr6O9IAOPo6spy8ohgHJLDWoAwhEkXMyRvrEEdfRtIULnnUFgKIiHEQKkQjWKITErQclDLSe1lYrKziKMEnEBqkFCqBFAGQhLSQyebsrHTCaCbvohVaaypOxcW5PM6iXu%2F6vhuONdneGpKhZJKgVEKVTEF49CwSULHaEKzLlS3opAW2Y9vqSdOplloG5jGrkqTRdu2tIFAB15t91A7KzTO4YJSXFDR5Rh8xIOiAlXVQK20Pj40xncCxmJajypxrFiOyZAZSSloJLG%2BSo%2F%2BWsRQbwZYPdazKuO%2FX54%2FmVU978%2Bu7WT89LfYHt7vvqq6L3jSNmYNdzvG%2BadqV2jRXbq9VrUt9S3f%2B7bl%2F3pwuecvnF%2FdjDi%2F54%2Ff77M954d535qrb9%2BW%2B76Z3dZu1R%2Fc46Zd4WTWkjqfJ9mfHk4f5drPdf4PjqVm9Hh8anG0ui8LbGpGNNJwVCuJBC3CYBOSyaU1aKSRSWaVap75KIgWECcVAxgplnRVugCiGKBUMwTtXvsK%2FTx9TmUU%3D
.lijit.com/ Name: _ljtrtb_97
Value: RX-afd4aea6-6444-4640-b241-b0b8aefc9f1b-005
.blismedia.com/ Name: b
Value: 6593A8CD2A2D4DEABD145670BLIS
.smadex.com/ Name: smxtrack
Value: 39e73050-11e2-4ca1-8423-633016ed6444
.smadex.com/ Name: smxdc
Value: 1
.smadex.com/ Name: smxltm
Value: 1
pool.admedo.com/ Name: tuuid
Value: 89cb7409-019b-4b73-8fa4-8aacae72094d
pool.admedo.com/ Name: c
Value: 1704175821
pool.admedo.com/ Name: tuuid_lu
Value: 1704175821
.smadex.com/ Name: smxbds
Value: 1
.aidata.io/ Name: __upin
Value: q3BGeCNEfdNu0fqjGeCfGw
.aidata.io/ Name: __upints
Value: 1704175821

24 Console Messages

Source Level URL
Text
network error URL: https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://medz.forumituct.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://master.aimistik.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
network error URL: https://master.aijos.info/url(https:/fonts.googleapis.com/css2?family=Fira+Sans+Condensed:wght@300&display=swap%27
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://master.aijos.info/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
network error URL: https://bolamerahhk.com/wp-content/uploads/2023/01/cropped-pngwing.com_.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bolamerahhk.com/wp-content/uploads/2023/01/cropped-pngwing.com_.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://master.aijos.info/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://master.aimistik.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://net.itupaito.com/paito-harian-hk/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://data.bolamerah.net/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://data.bolamerah.net/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://net.itupaito.com/paito-harian-hk/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://net.itupaito.com/paito-harian-hk/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://pools.comunityhk.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://pools.comunityhk.com/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://net.itupaito.com/paito-harian-hk/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://pools.comunityhk.com//master/index_hk.php
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
security error URL: https://pools.comunityhk.com//master/index_hk.php
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7CyjSZHio99Iu_wQ8e-eYFF' because its MIME type ('image/gif') is not executable.
network error URL: https://cs.krushmedia.com/de7ce10e57c2d3dc3202d108c71b2d20.gif?puid=a7a0daf7-bdbf-4648-8ab3-f066fbde44ff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.search.spotxchange.com/partner?source=lotame
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
a.dtssrv.com
aa.agkn.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ajax.googleapis.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
blog.itupaito.com
blogger.googleusercontent.com
bolamerah.net
bolamerahhk.com
c.cintnetworks.com
c1.adform.net
cdn-tc.33across.com
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
connect-metrics-collector.s-onetag.com
creativecdn.com
cs.krushmedia.com
d.agkn.com
d.turn.com
data-beacons.s-onetag.com
data.adsrvr.org
data.bolamerah.net
de.tynt.com
dis.criteo.com
dmp.adform.net
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dtsedge.com
e.dtscout.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
geo-um.btrll.com
get.s-onetag.com
gistcdn.githack.com
global.ib-ibi.com
gum.criteo.com
i.liadm.com
i.simpli.fi
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idpix.media6degrees.com
idsync.reson8.com
idsync.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
live.rezync.com
livedraw.pro
load77.exelator.com
loada.exelator.com
loadm.exelator.com
loadus.exelator.com
map.cookieless-data.com
map.go.affec.tv
map.sddan.com
master.aijos.info
master.aimistik.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
medz.forumituct.com
mid.rkdms.com
ml314.com
mwzeom.zeotap.com
net.comunityhk.com
net.forumituct.com
net.itupaito.com
nlsn.thrtle.com
onetag-geo.s-onetag.com
p.rfihub.com
partner.mediawallahscript.com
pd.sharethis.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pools.comunityhk.com
pphtbms.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
px.ads.linkedin.com
rc.rlcdn.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-gl.imrworldwide.com
secure.adnxs.com
sniperbom.files.wordpress.com
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync2.resetdigital.co
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tag.crsspxl.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
thrtl.redinuid.imrworldwide.com
thrtle.com
token.rubiconproject.com
tr.blismedia.com
track2.securedvisit.com
trc.taboola.com
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
ws.rqtrk.eu
wt.rqtrk.eu
x.bidswitch.net
x.dlx.addthis.com
x01.aidata.io
ad.mrtnsvr.com
dmp.truoptik.com
geo-um.btrll.com
global.ib-ibi.com
match.adsrvr.org
net.forumituct.com
net.itupaito.com
pr-bh.ybp.yahoo.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.smartadserver.com
synchroscript.deliveryengine.adswizz.com
104.17.24.14
104.18.21.134
104.18.35.167
104.18.36.18
104.19.129.76
104.20.80.99
104.21.14.49
104.21.234.231
104.21.3.233
104.21.49.157
104.21.5.167
104.21.62.111
104.21.83.228
104.26.13.60
104.36.115.113
107.178.240.89
107.178.254.65
107.21.239.57
108.138.106.126
108.138.106.5
108.138.128.34
108.139.29.87
13.107.42.14
13.225.214.50
13.225.214.96
13.225.63.20
13.226.34.120
141.101.120.10
141.94.170.64
142.250.176.202
142.250.64.97
142.250.65.193
142.250.65.194
142.251.32.102
142.251.40.131
142.251.40.170
15.235.42.103
151.101.129.44
151.101.130.49
156.146.36.24
158.69.254.144
172.64.153.173
172.67.129.70
172.67.136.7
172.67.163.146
172.67.185.11
172.67.40.173
178.128.53.131
18.118.251.87
18.173.132.61
18.210.253.180
18.214.231.102
18.232.255.36
18.238.55.16
18.238.55.22
185.167.164.39
185.184.8.90
192.0.72.19
192.184.68.215
198.148.27.131
199.38.167.130
207.198.113.87
212.83.160.162
213.19.162.90
23.196.3.185
23.216.137.114
23.22.70.171
23.51.57.13
23.7.64.229
3.130.26.161
3.223.167.169
3.33.220.150
3.90.211.105
34.111.113.62
34.117.77.79
34.171.234.26
34.171.47.125
34.193.243.45
34.197.192.192
34.200.65.202
34.206.6.177
34.232.140.51
34.232.56.123
34.96.105.8
34.98.64.218
35.169.211.189
35.207.24.140
35.210.53.219
35.211.178.172
35.244.154.8
40.71.11.141
44.234.228.147
50.116.194.21
50.116.194.23
50.16.197.56
50.31.142.127
50.57.31.206
51.158.29.13
51.222.105.60
52.200.110.248
52.46.155.104
52.72.21.140
52.73.244.49
52.86.139.62
54.156.159.24
54.236.155.124
54.88.205.204
54.89.198.103
63.251.86.49
63.251.86.51
67.202.105.22
67.202.105.23
67.202.105.24
67.202.105.34
68.67.160.186
69.173.151.100
69.194.240.13
70.42.32.95
72.44.44.12
74.119.119.139
74.119.119.150
74.121.140.211
8.2.110.134
82.145.213.8
89.108.120.68
99.83.181.31
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0194ee909858ac0b6352d882746272548157bf88b91771c08ddaf11642b513b8
01d50cf1fef1db2e325c6ef1875bb76d16dde50eac69f6b9d864ff5b6c2b0527
034044087a544b54d334f392e09ea98f3612ca8e99ef74afb0998a83f09868ff
04f603e8ca70ab2fe4e27345b6ed4777e0d4229e10158318d2d56188737e3c6d
05699461ad93a208b9bfdad5c922cb312c0c114b91384b5560e1d2466e7e1fb0
05e0c3c1c0901db7a1076e2160993987e9efe89b62ad5fdc8005417fec6eb722
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
06f4127dbd19996763ec55ace69d11c721df35853d7603a695b856881f7593ce
073ec469082f98b81bf0038021090404b1f7533ab236c6633f58df8463d4542b
076c04e6c66c61eb8da2aa5495c3596cd9aa45dfbb40d517c21793cba0fd6a9a
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d57a235d8207f4b1585df7930ec30f2a4a51b90a66cbf51ed7f3366d17ed341
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e402015dcd22393c0f75f6f1c5e51279a3d0cc15563ae0e538b90d829c440c4
0f1db60ef59372063a852c38c181edcb69f2ea224a3dcda1278ade694e32be95
0f69fdf64c28eb48dc46dd9bbc2ae7be055050137a752256fb3df9e49bf5e71c
10525d6414fd7e4bfded204f858a0b7d5e0c84670f945efe5f582400c1bbae3b
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
138e7f355c55bbf2b7b3bbed2b52f37ed4b733dc7715eb10aa2c2bcda7d23a35
170fc8ce076be1d4541eef1e0ee47854425c22cfd95e7e65db1eb3cb2b664730
1940303cab7917f02e0bcfa14cb81e26f160391a1ed531354fa0e132051ed03b
1b91e4c9ac872cb9fca0f2b2b2a0b972ec7fd74b7357cdd8a2ac4b4f145ea3e0
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1d23cde62ca806c8ad79f619f41e522a1f5f4b5b5f5f0f90602748b0e1dfe04c
1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
216b156ebf8735a24e403b2130b74e361d1b30d30e437ccb30902552aa75d6ba
241f9d845bddbf879723715f7652c2d58b61c763de58267df15a12cd6bd04433
247659832ca7c683f871af98b615ae4a20dc7e870a3ecd269d34ccc1119016e0
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
297d7650aba640555e25d8ddd3367b007f9e4d752637eb4a153a58fadb9bcc78
29950dfa94fac7f25463ea7a1708a6601334bc7006a4813ece81367608f66f58
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2c0e53255b1a1aafc6f831eab888822b06856a1513d8d50061a4e6f1544f7b32
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2c74a002af7345dd47e894013261ef8393751ae80f16a08170fe4ea8a89aa47a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32b98d72d997cb3f5c346c1a25a5317cde74d32c5cb790437f1015f9e7d62fc6
3415e5f8a37fa5015a3d73d41543396403f0ddfe053e493f21508d07e0100188
38c94145b4069f06159391d6043446b680da7c5c24497c0ba7129804ec4f87ae
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3a0208d5d07f003699897a82865d87e3fa4c01c52eb9a29bc39568ff8c2998b4
3a0acea784f672f8c25d8f759234ef48bc72070b0d70aa7173f4d540069b4e87
3a4fa44201d7d99bcd15b4675c64e6bf9015cf220d3298dc5f43c3263d905fa2
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e7514c70c53f04a3fb9e3988b373bdf352a4a9240e9d90e406a22d0bd67daf9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44771277bf2cef6b0321f4192961868dadd627f659698da5fdc8f3d5924a9af4
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
477468e76819f7ffa50820bbe501cf8232c00249e84b64305c2536f867358f1e
483b812d41d94b9639b344476909c7f5d884f24872d20e59ddf11794f9cb30f6
48b9d06d698b8e0488480551dd957a0003c349be64c947120eb9e6e4db80dac2
4939ec43504b049baac11915f63710ffabf7bbacdc5ec97b3e67ba5bba60aedd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be767e656e1835ac64fe3653974acd312d2d4ea0ac0f66136cd123bb7ec79a4
4cfbf48309fef9ae9fb4d65f299faddea25f08186b6cb7cce05e40c6b8cd52c3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f795705bc67bc00b8f39980b7d44da8c00d604eb6086f089def237313b7baaa
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f8f7957caf90c874f7ea8f31a719daebd3bd1ea56f4ee0e5a3e5620a96fda1f
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
514b74e42d0167f0bbb35d799b14dea829ff58dbd628b6dc7f8c68a9f8fa4319
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ca2354d933350abd9fa1d1b028e14fdc5beb63fcbb94e0d5b56698a30eaa4
58d2279604129dedca746d0bf78c79a34e4359175e0450787308bcdaf924c387
5a24246aa191e1fa0be249ef51a63e7ece904e1ddaaaa4788bf4e7a1ea93b73e
5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3
5d2e1e9dbe00654990b0267935736cc647258544813e4478e9075f9d97943b1b
5d6ac37e2140b047c57dda8c1d8aa405afbaa6f248f21604e8c80b03f6a56a88
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
61c8a7e7fb9f931484a0f4f1ad9fffd134f92497ebd2fb11671bca96e5cd2553
6211ea4e1bd6ada3e9fc7ef0f07e50cda377df99dc20f5d8c9b6de885777b71b
623bab1883fecbb704a437b8c7ce60842820e32258bc27fbc9c49d8825742927
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
64f9ae246e391e369535df89981e49fff12a6bfa8408d1e169541b063aed5989
65ff71b69e1b131836cba65761d020f91e023fda6d2c2ce79cdc800c5c66e3d5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66fb4fd7897a98f57e23dd541e9106050a1c80fbe81e0bb01e65416ff794d21a
67cf42c4f76cf4a7ba9ea00aa101e2fffc3797949948b086ed795d8623787c9d
67f8c323cf8ce73b3139aab841ffb866c209800ef34769a361a58fd6357bb762
683d7de5939523b97d66ef8945811e7c816b5ce3510a4db59ecdc56ca6458ff1
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c158fc34ce6e00abdf272ff1a351568663bfe26125adb374bbf03cac6a1d410
6c2f40ba4590255297cc23447e062fbeecec35999ee078d26139ab076c2b1d4a
6c3fdc90f6c337dbd1f59985c1ba07df9558feb81e3273fd0285f879234e8b0e
6df13adf99c436212c241c7e8d9885acc483698ca07e2e7b5931e407bda9d21f
6f0289f02df0945a734b56cbe3d9219df261c030f5a08410a2dee5dfd79a25bd
6fc490ec6a9b3acd4ab42676d2be07d89f943b43c5fcfa814ff1a2240d8adafc
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
7148ff49f3150dd13414edad5cb6af017309cfe5e41aca15d5488c101d3b5429
71f82d49139d3790f2c8bd623dfd92939466b2b647c4359c55cab63b4ad4a995
734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
77178130cd8b95c698e128d522d3458c97241da87fe0498a3b440ae3eb68c7bc
79fd518534c7a5da85d4c1e31b84ef8492a73bfc195a59983579ebcdf97004f2
7a04f03a828f90b362b543933da7443803c7effd1d245e1171678558f8500458
7be8fc032b83c0cd2db1a584d5ef0f0450177d216a2104e19d4b20488a2a6398
7cda70e9848b04b3f0336c837846a04f5c71678c34b13e4c6d2378e74aceb57e
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7dd00f3d41a2866479e75a4a57e111e73d81d88525ed77e0b28ff94d58484c08
7e959f8e37d374f666e40d8fb752f240d66fd4ff6bf39f6fa786d5918ccb6c0b
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8148226bec5b67649a9ac129a4cd57ee1f446057dd773eaf72e8851d950fc0d2
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83711b52d1b6fd6c53c26e983bfb403fdc7bd55ce8190b70de29603fd3f87a88
8392dc30ec53d2430d32e019ff90e7d333969029db96f3d35ac30f62dbce051e
83e7227e04393bb6223ffc5ea952a7ae9f332cdb78207b178048a53f84e8918f
83eeeea912a5dd2c852e32ff5d37161f3c3e8146eadd605ed41be0a91a8f2150
850b6991ab57d86f8bb778ab6c208cd635ed85e9822c22a52cf755e719ac25eb
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8967c0995fbc07c6c4d30e5ca9b33604973de29f542d3710e6bbbcc1f7112022
8b99b55b444d1835b4222ab6335c7b8e863bd3c88650c667860939bfd14f22f1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
976e961524a9ca9d6a85aec8f727412829024095c2653c89ae7596e7dbdefda7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9c80887521a6a1366158ce77c2a3d88b9e2ddfa38ea667541d4660cab8249dfe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a123aa32f894c542eff1092ab2d6b533873240a2bffeb2cfba8940f5d0c32c14
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a62e208fb0cc12e4d0386a3fef7446e32389d1a3337a154801f6d85fd590ac04
a67172f9e581cf260753e871cb3e95578bb7ae68e5c3568a08dc30b1579051ad
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a96f5c5d8591da4219b0a43e92b9701d211ad30c11520d9ab677f6710715a99f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab63016140afc419d1550363e2abe5ecc1604d7c0eb64017006f9a2966a17d1d
ae7b0ccd124e3bca4c5508df205d3adfe27bf369af79e75e7b065873f2a26afb
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af9cc708ea9ac724a2f399afe8807324aa9ca7dcfd8659a2c912514aab065032
afc8ec27017051865f6411f798ef57415d2de6d19e687052719a2c6f46059eef
b00653f5ecbbaecc1a215636c3cc04936bb15e4fd74eb2eaae0a478473f5ce9f
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14591025cb1e1d8a630d746c326af8c9008608253259bc34c702ace3e0119cb
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
b1e8f3671b895855d015da09115d3e69a7358797385c3dd793a60ea8cf5ebee2
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b6ef23fa189bac70741ce7db369292ea3241388fc72ba2a5784f3a2f685eb1ce
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
b962771e91582a7dc95cbf9c6caa71c0ec9aa7ff0570c7924846947659dbdc4b
b9989bc0de26c565d6d1a1f0428738c0a8d4f81e9414a488a5414bf8e9775027
be94d0e3dc5a19a564e445be20558efee2eeb851b453faaaedf82f9e0db68f6d
bf7bcd84ded85142aa345266ee639e682d779af3796661f6cd582e28064e0397
bfc280b741345015c121cb4ccc1dcba510a3dadc5a146fbe9ed50f11f8c853a0
bfe0177916853c62de841be3cf164f710d5259e1218a8f7a4f3bf1975bbdba8b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c51607069a5b76b470244c7e380714aff441e04a3d3df5acd4cc8d6900876763
c549eca6d723d2d78691f886ce702f3df04cb59ed4848d778d2d4d68451eab4e
c5a63f739a50d01fd97bbde57f263cdfbec0421551f7d08e893cca85d537f398
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c89d8c559b9a191a9dfe87c831fa2872cc0be7403ce5fd79f16e4155645ac923
c9137cb0faccfda645b458e6ecfbd55fcc4bdbfdbf211c3dd974681398c86165
ca9e911ea400f2b634ff3f0318f7a6cc7d41bd63f631c61725dd496ae94af9a9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc01f8ebee210af194ddbd432dac60807a361bbc33e5dbfa0df41f13cbaf0a7c
cebdb9b0a3bc24cdd7dd1e20dcd35a6b9894e1e2681b2919b0d7b9da5c3f33e7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ffc024ebb4229f56b9caf73b5335cc2ff5df8b1ea2d9a5277ab71458864daa
d2338e35d5c5c90960a186e47f64438a3157fee1e9fe36d50b6729396b900df6
d2f8ddf56e742d7775fa43b3bb72580d7a2a4bc689ebf2cf3b82b40822e4e43e
d588a6e2995fd37bb8f00e20b3da3dbdfb0426e4f11943762c6573ca1f5fe801
d5baed18f367df463d3e539f2e14dec8c14d7b0c3a92ca6fafa720910fcf0f04
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb
d822a1c8566392123f15ab46b3acebbec0470bd634e113de9d42c085298c3f95
d8601e105167d22f226886e486ca4351330b5255350b853ee1b5fb7943c8750d
d956aa50ec0bd6f35d0b33b97793d5dd25e5c3a554517caec2d60ce0ae44055b
dc0ca217e0af034252bb6fdb87097b34c4b87f6d7b5c81b4b699a0341d48460a
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589
ddda443cdf4571845d1355643305b77436bea8dadade37744eac1ce86c4bbcb8
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deff2b9138367ad71a62077911774dd79c69569834b90bb991f396fbbddc22cf
df4bc03f643eaee45ba846c8fb5f8d29918e2dffac8f4e052ef94e665a7867e6
e1688533b1bb11d75812e5afc6b7844471b159688a7f5223f97a32eea9ee14c8
e29eec787b47f80e9c88f284711a9960b7234312cdee191b60b8a791110402b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9f802941f7b2b8ebf038a47cf739bda5a32cf0829d48408a25de7f4ebc5de
e78037d5acd790fbc3ffbf9c424d49913ea33a6520101833863027528a9e013a
e9399bf7570eb0eafa3574c3b8f9a54e9e25dafae4354f1add9375f8e78dc778
e9729ec8eca7b720fa6280807817ed3cc0dd55ab05c90233bf8d4acfee9aa6bc
ea21799355668ba49b22455718fdd784c76a0787e6473f28cae3d0ad66cf4955
ebc4a28d28ca4aeda6c0091aa3f29289d7db2def86b2eeca06672c73719dec42
ebd6573326882892ed88414467a25bb6c0f05266418e67816dbd8779c22b6be1
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ee1cd4858d434df63f0e26765fd551e0efbc2d40f3fab35f965c9b0b08794235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5320cab8ec82ec933f0e147b99b9fe1442f42af8ebe232838904ea9dd049d1
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
f2148e4d782585cf051fc1e4260e1aac881e9b3d7016a5a88f709ac8667124f1
f2b411a9869c49218697496b622af3dac5f781207506b14159fdf7569c483978
f36c99bb1cb6d812cadc4689f516bec97252dbfc1fa45e031899d649ef927850
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f54446d7bcb59ffd58248331f57266965d83171c98f39467e7efaa010d7ab20c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f8a6839c25c2aa44015b47181b2f49246e097e6aa4b3bbb28bc06f25021b3a7b
f8fc099809f261ede1e3d1b673e565c7a030820c6dbcc66ad91a01377931997b
fb6e3d718ec50be14d2eb7fb0feaa27a40f1f010c39ba51a3623d4373ac04e29
fbc30fd5841951aa57b44c605c577c1d73d3d37c8fdc733ac76bae922c8f257f
fc1a3050157d2ae962e88cbeed2f23f34567d5cbe210e775ee61342c9e8f3015
fd1ecc634e73503f6324cdb6a0d2e4d2de9fb606c52579001481c8bde7343857
fe8611e2797a0caf3c8b630735086b562db83b61278f5087cbd11cfb842b8f57