mothership.sg Open in urlscan Pro
2606:4700:10::6816:227b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mothership.sg/2022/01/ocbc-scam-victims/
Submission: On January 14 via api (January 14th 2022, 1:27:16 pm UTC) from US — Scanned from DE

Summary HTTP 173 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 33 domains to perform 173 HTTP transactions. The main IP is 2606:4700:10::6816:227b, located in United States and belongs to CLOUDFLARENET, US. The main domain is mothership.sg. The Cisco Umbrella rank of the primary domain is 201509.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time mothership.sg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:10:... 2606:4700:10::6816:227b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:10:... 2606:4700:10::ac43:2516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4019:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 3	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
5	104.102.30.13 104.102.30.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	52.48.241.99 52.48.241.99	16509 (AMAZON-02) (AMAZON-02)
1	18.168.182.140 18.168.182.140	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:69b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.60.34.167 45.60.34.167	19551 (INCAPSULA) (INCAPSULA)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	132.145.232.67 132.145.232.67	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
9	52.59.85.35 52.59.85.35	16509 (AMAZON-02) (AMAZON-02)
9	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a04:4e42:54:... 2a04:4e42:54::760	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:524d::	15169 (GOOGLE) (GOOGLE)
4	2600:1901:1:5... 2600:1901:1:5ca::	15169 (GOOGLE) (GOOGLE)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1	3.127.253.208 3.127.253.208	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1 1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4019:805::2001	15169 (GOOGLE) (GOOGLE)
1	119.63.197.150 119.63.197.150	38627 (BAIDUJP B...) (BAIDUJP Baidu)
11	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	54.211.176.244 54.211.176.244	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
173	47

33 2606:4700:10::6816:227b (United States)

ASN13335 (CLOUDFLARENET, US)

mothership.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mothership.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:2516 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:80b::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:1:c36:: (United States) 1 redirects

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.30.13 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-30-13.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.241.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.182.140 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-182-140.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:69b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.34.167 (United States)

ASN19551 (INCAPSULA, US)

uid.mediacorp.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.145.232.67 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

mediacorp.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.59.85.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:54::760 (United States)

ASN54113 (FASTLY, US)

open.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.scdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.84.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o22381.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:524d:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

apresolve.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:1:5ca:: (United States)

ASN15169 (GOOGLE, US)

gew1-spclient.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.253.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-253-208.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.150 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

sg.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.211.176.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-176-244.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mothership.sg mothership.sg — Cisco Umbrella Rank: 201509 static.mothership.sg — Cisco Umbrella Rank: 279303	5 MB
13	popin.cc api.popin.cc — Cisco Umbrella Rank: 20081 sg.popin.cc — Cisco Umbrella Rank: 446330 log.popin.cc — Cisco Umbrella Rank: 22720 r.popin.cc — Cisco Umbrella Rank: 22227 inrecsys.popin.cc — Cisco Umbrella Rank: 22963	126 KB
11	googlesyndication.com 38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	122 KB
11	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 569 eb2.3lift.com — Cisco Umbrella Rank: 355	3 KB
10	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 351	8 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	157 KB
10	vidy.com static.vidy.com — Cisco Umbrella Rank: 96642 api.vidy.com — Cisco Umbrella Rank: 118289	297 KB
8	spotify.com 1 redirects open.spotify.com — Cisco Umbrella Rank: 3322 apresolve.spotify.com — Cisco Umbrella Rank: 984 gew1-spclient.spotify.com — Cisco Umbrella Rank: 7558	11 KB
7	scdn.co open.scdn.co — Cisco Umbrella Rank: 6345 i.scdn.co — Cisco Umbrella Rank: 1383	700 KB
7	moatads.com z.moatads.com — Cisco Umbrella Rank: 348 mb.moatads.com — Cisco Umbrella Rank: 566 geo.moatads.com — Cisco Umbrella Rank: 608 px.moatads.com — Cisco Umbrella Rank: 393	81 KB
6	teads.tv a.teads.tv — Cisco Umbrella Rank: 1125	1 KB
6	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1395 bcp.crwdcntrl.net — Cisco Umbrella Rank: 538 sync.crwdcntrl.net — Cisco Umbrella Rank: 641	19 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 347	103 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	217 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	1 KB
4	mediacorp.sg uid.mediacorp.sg — Cisco Umbrella Rank: 84027	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 124	2 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3577 collector.brandmetrics.com — Cisco Umbrella Rank: 4068	17 KB
3	gstatic.com fonts.gstatic.com	81 KB
2	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 2991	875 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	529 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	386 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8579	792 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 465	355 B
1	sharethis.com sync.sharethis.com — Cisco Umbrella Rank: 2485	232 B
1	ml314.com ml314.com — Cisco Umbrella Rank: 1202	422 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 402	304 B
1	sentry.io o22381.ingest.sentry.io — Cisco Umbrella Rank: 15195	245 B
1	gscontxt.net mediacorp.gscontxt.net — Cisco Umbrella Rank: 113774	520 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	45 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	87 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
173	33

	Domain	Requested by
20	mothership.sg	mothership.sg
13	static.mothership.sg	mothership.sg
9	ib.adnxs.com	mothership.sg
9	tlx.3lift.com	mothership.sg
8	securepubads.g.doubleclick.net	mothership.sg securepubads.g.doubleclick.net
6	tpc.googlesyndication.com	mothership.sg securepubads.g.doubleclick.net tpc.googlesyndication.com
6	open.scdn.co	open.spotify.com
6	a.teads.tv	mothership.sg
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	api.vidy.com	static.vidy.com
5	api.popin.cc	mothership.sg api.popin.cc
5	connect.facebook.net	mothership.sg connect.facebook.net
5	static.vidy.com	mothership.sg static.vidy.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	px.moatads.com	mothership.sg
4	gew1-spclient.spotify.com	open.scdn.co
4	uid.mediacorp.sg	mothership.sg uid.mediacorp.sg
4	www.google-analytics.com	mothership.sg www.google-analytics.com
3	r.popin.cc	mothership.sg
3	log.popin.cc	mothership.sg
3	www.google.com	1 redirects mothership.sg tpc.googlesyndication.com
3	tags.crwdcntrl.net	mothership.sg tags.crwdcntrl.net
3	sb.scorecardresearch.com	1 redirects mothership.sg
3	open.spotify.com	1 redirects mothership.sg open.scdn.co
3	fonts.gstatic.com	fonts.googleapis.com
2	in.treasuredata.com	api.popin.cc
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	bcp.crwdcntrl.net mothership.sg
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	www.facebook.com	mothership.sg
2	cdn.brandmetrics.com	mothership.sg cdn.brandmetrics.com
1	inrecsys.popin.cc	mothership.sg
1	googleads.g.doubleclick.net	mothership.sg
1	sg.popin.cc	api.popin.cc
1	38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	sync.crwdcntrl.net	bcp.crwdcntrl.net
1	secure.adnxs.com	1 redirects
1	analytics.twitter.com	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	apresolve.spotify.com	open.scdn.co
1	o22381.ingest.sentry.io	open.scdn.co
1	i.scdn.co	open.spotify.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	mediacorp.gscontxt.net	mothership.sg
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	z.moatads.com	assets.adobedtm.com
1	www.googletagmanager.com	mothership.sg
1	assets.adobedtm.com	mothership.sg
1	fonts.googleapis.com	mothership.sg
173	55

This site contains links to these domains. Also see Links.

Domain
www.mothership.sg
ge2020.mothership.sg
www.facebook.com
twitter.com
hubs.li
t.me
www.isc2chapter.sg
www.channelnewsasia.com
instagram.com
traffic.popin.cc
a.popin.cc

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
vidy.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.spotify.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-03` - `2022-05-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-22` - `2022-06-23`	6 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.scdn.co DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-09-02`	a year	crt.sh
*.ingest.sentry.io R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2021-05-11` - `2022-06-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://mothership.sg/2022/01/ocbc-scam-victims/
Frame ID: 20FDC81B2E99AF4CAC93FD8E6861B812
Requests: 125 HTTP requests in this frame

Frame: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Frame ID: 3D5D711E8224B9B76DA67D71087EC3A7
Requests: 8 HTTP requests in this frame

Frame: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Frame ID: 1A5E07776E8EE2D44A8291082F79314A
Requests: 13 HTTP requests in this frame

Frame: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fmothership.sg
Frame ID: 0C403EAD8887F7D66D40C6A7B429CD79
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=14876
Frame ID: C7E00CA1CDB83EA07D3C016E27B9A5B9
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Frame ID: DBDC5FA88647CD71D35CDE0CD65A0630
Requests: 7 HTTP requests in this frame

Frame: https://38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E490F44067AB224FAB912E84C9CA4A67
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 73085A2C87E7155F4BBA7E391C4E39D8
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB82C1C76F52559B52C9A94C1D1A5D31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EEB233662EC99B8AF099BA6C79A92077
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OCBC S'pore scam victims, many who lost life savings, slam bank for underwhelming response - Mothership.SG - News from Singapore, Asia and around the world

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

173
Requests

98 %
HTTPS

44 %
IPv6

33
Domains

55
Subdomains

47
IPs

8
Countries

7314 kB
Transfer

11923 kB
Size

34
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mothership.sg/tag/covid-19
Title: Covid-19

Search URL Search Domain Scan URL

URL: https://ge2020.mothership.sg/
Title: GE2020

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://mothership.sg/2022/01/ocbc-scam-victims/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=OCBC%20S%27pore%20scam%20victims,%20many%20who%20lost%20life%20savings,%20slam%20bank%20for%20underwhelming%20response&url=https://mothership.sg/2022/01/ocbc-scam-victims/

Search URL Search Domain Scan URL

URL: https://hubs.li/Q0106Lhs0
Title: PSB Academy Open House 2022 15 January 2022 - 15 January 2022 Online

Search URL Search Domain Scan URL

URL: https://t.me/mothershipsg
Title: Follow us on Telegram for the latest updates: https://t.me/mothershipsg

Search URL Search Domain Scan URL

URL: https://www.isc2chapter.sg/
Title: ISC2

Search URL Search Domain Scan URL

URL: https://www.channelnewsasia.com/commentary/bank-phishing-scams-ocbc-who-bears-costs-customers-2423556
Title: CNA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MothershipSG
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/mothershipsg
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/MothershipSG
Title: Twitter

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Fsingles-inferno-song-jia%2F

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fwww.lofficielsingapore.com%2Fbeauty-awards-2021%2Flofficiel-beauty-awards-2021-best-hydrating-essence-by-philocali%3Futm_source%3Dbaidu%26utm_medium%3Dserp%26utm_campaign%3DLOBA21&data=eyJjdmlkIjoibHV4dW8uc2ciLCJwYiI6InBvcGluIiwiYyI6IjAuMDUiLCJ0eiI6InNnIiwiZiI6IjIiLCJuaWQiOiI2MWM2OGY5NzlhMTA1MjdlNzAyZjU0YTQiLCJtX2NhdCI6IiIsImNhbXBhaWduIjoiNjFjNDI2MTc5YTEwNTI0YTU0Nzg1ZWQ0IiwibWVkaWEiOiJtb3RoZXJzaGlwLnNnIiwiZGV2aWNlIjoicGMiLCJsX2NhdCI6IklBQjI1LTYiLCJtIjoiMjczNjk0NDcifQ==&token=bb0506997ae8896242bf0dc1306be4b8&t=1642166832359&uid=597c8d3033fc072f66a1642166831332&api_host=sg.popin.cc&logid=25a859db-9191-46e5-b59a-66b1c1113166&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=a00f8386-c4e9-472b-a0af-c326a00cd797

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Frfvtgb.tiparents.com%2Fworldwide%2Fnokor-ta%3Futm_medium%3Doutbrain2%26utm_source%3Doutbrain2%26utm_campaign%3Dpo-tp-nokor-des-si-an-26081&data=eyJjdmlkIjoiQmVhY2hyYWlkZXIiLCJjIjoiMC4wNCIsInR6Ijoic2ciLCJmIjoiMiIsIm5pZCI6IjYxMjc5ZDVkOWExMDUyNGQ1ZDZhNTViMCIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxMjc5Y2Y1OWExMDUyMDU3NjNmOGU3MCIsIm1lZGlhIjoibW90aGVyc2hpcC5zZyIsImRldmljZSI6InBjIiwibF9jYXQiOm51bGwsIm0iOiIyNzM2OTQ0NyJ9&token=1e707c350d64d0c34e119f518e608f24&t=1642166832359&uid=597c8d3033fc072f66a1642166831332&api_host=sg.popin.cc&logid=25a859db-9191-46e5-b59a-66b1c1113166&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=a00f8386-c4e9-472b-a0af-c326a00cd797

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Fcpf-retirement-planning%2F&data=eyJjdmlkIjoibW90aGVyc2hpcCIsImMiOiIxLjAiLCJ0eiI6InNnIiwiZiI6IjEiLCJuaWQiOiI2MWUxMzc3MDBmYzEwYzUxOGE3MjgyNjQiLCJtX2NhdCI6bnVsbCwiY2FtcGFpZ24iOiI2MWUxMzZhODBmYzEwYzA4NzU0YmZiYjQiLCJtZWRpYSI6Im1vdGhlcnNoaXAuc2ciLCJkZXZpY2UiOiJyZXNlcnZlZF9wYyIsImxfY2F0IjpudWxsLCJtIjoiMCJ9&token=cb7fe179c1f025e09b735e72b76b0c85&t=1642166832359&uid=597c8d3033fc072f66a1642166831332&api_host=sg.popin.cc&logid=25a859db-9191-46e5-b59a-66b1c1113166&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=a00f8386-c4e9-472b-a0af-c326a00cd797

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Frfvtgb.tiparents.com%2Fworldwide%2Fcrab-ta%3Futm_medium%3Doutbrain2%26utm_source%3Doutbrain2%26utm_campaign%3Dpo-tp-crab-des-si-an-01091&data=eyJjdmlkIjoiQmVhY2hyYWlkZXIiLCJjIjoiMC4wNCIsInR6Ijoic2ciLCJmIjoiMiIsIm5pZCI6IjYxMmY0ZjEzOWExMDUyMjFlNzM3Njk2ZSIsIm1fY2F0IjpudWxsLCJjYW1wYWlnbiI6IjYxMmY0ZWMzOWExMDUyMjFlNzM3Njk2YyIsIm1lZGlhIjoibW90aGVyc2hpcC5zZyIsImRldmljZSI6InBjIiwibF9jYXQiOm51bGwsIm0iOiIyNzM2OTQ0NyJ9&token=38f6425b7867e7b8158a88575bfa82e6&t=1642166832359&uid=597c8d3033fc072f66a1642166831332&api_host=sg.popin.cc&logid=25a859db-9191-46e5-b59a-66b1c1113166&extra=m_ch_pc&mode=20170420&referer_type=organic&td_client_id=a00f8386-c4e9-472b-a0af-c326a00cd797

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Fang-mo-kio-details-case-murder%2F

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Fsingapore-couples-more-sex-circuit-breaker%2F

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Fang-mo-kio-murder-wife-pregnant%2F

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fmothership.sg%2F2021%2F12%2Fallan-wu-covid-19%2F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://open.spotify.com/embed/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator HTTP 302
https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator

Request Chain 70

https://sb.scorecardresearch.com/b?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&c7=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&c7=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&c9=

Request Chain 124

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=765361607%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=765361607/tpid=4467061633932302475/tp=ANXS

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

173 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mothership.sg/2022/01/ocbc-scam-victims/ 60 KB
14 KB 73ms
35ms Document
text/html 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df90e395facda9b171e2669652b307fd3fa5200309236f0a77c41a0f556f2ae6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/html
last-modified: Fri, 14 Jan 2022 11:02:39 GMT
cf-cache-status: HIT
age: 832
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6cd733395c7c6957-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 home.js Show response
mothership.sg/assets/js/ 294 KB
89 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/home.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ef35e34b7546f486bceb6132b1e508da72207d6f2e1ed62f323656fe7522ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 723
etag: W/"61003deb-499e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd73339ad416957-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 49ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:700,700i|Libre+Franklin:400,400i,700,700i

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35436da0050b980fc6cb97d8f844a1914730d9d894066cd566bfb1968f58ecd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:27:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:27:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:27:09 GMT

GET
H2 200 embed.min.js Show response
static.vidy.com/ 5 KB
3 KB 62ms
33ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/embed.min.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151585
age: 3177
x-guploader-uploadid: ADPycduucp1E7RaHqI00UwArDe8EfcmSwzdrsFkFYgo4HS71F6jevOr9EHHE9aSkC9nhqPBTW0tiZow7JQ3494_d-IY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:31 GMT
server: cloudflare
etag: W/"b145d7539e78b5b1784435a21008f41b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=6c3BQg==, md5=sUXXU554tbF4RDWiEAj0Gw==
x-goog-generation: 1632151650900589
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,s-maxage=14400,max-age=1800
x-goog-stored-content-length: 4803
cf-ray: 6cd73339db674ac2-FRA
expires: Fri, 14 Jan 2022 16:34:12 GMT

GET
H2 200 launch-e53716caf862.min.js Show response
assets.adobedtm.com/2926360f3839/716a789d2964/ 291 KB
87 KB 32ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2926360f3839/716a789d2964/launch-e53716caf862.min.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4786b07740c16fb85d652560760bbda58f393ae008120b0ea1bc9b3aeda64222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 18:16:42 GMT
server: AkamaiNetStorage
etag: "2ad513feec6e172ad17f3a84b7020b07:1639505802.718644"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://mothership.sg
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 88163
expires: Fri, 14 Jan 2022 14:27:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f2f2a419db196519c0a8928d309d98c8408f5dc13ca314b1be6eca17be256e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bJ6zwbQW83gpr4S3Cmuphg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1684
x-fb-rlafr: 0
x-fb-debug: wu3xT3Jnhw7dBUZ0km08nE7DLCRPoYnhNY2n366FIMEzJFou9Oxt388JIW9Dvg4qdIgrxj/yLa385i/KsOCamg==
x-fb-trip-id: 917726464
x-fb-content-md5: 2b58a1836d68733623e0cf1592888342
x-frame-options: DENY
date: Fri, 14 Jan 2022 13:27:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7fbb0dd77e3d30a3228b32c318cadbbd"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Jan 2022 13:39:55 GMT

GET
H3 200 mothership-logo-white.svg
mothership.sg/assets/images/icons/svg/ 4 KB
2 KB 37ms
34ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/mothership-logo-white.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4e1b22fd62cd393a6580759320787df48bcda73d7d7f3a53ccff067ffd6f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1295
etag: W/"5e88dae6-1076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a4ff86946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 menu-hamburger-white.svg
mothership.sg/assets/images/icons/svg/ 728 B
659 B 28ms
26ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/menu-hamburger-white.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8edf1a4cdd964344cc09b1900cd75c417ef3061824b99bf207b08c9f3fca21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1294
etag: W/"5e88dae6-2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a4ff96946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 menu-cross-white.svg
mothership.sg/assets/images/icons/svg/ 707 B
695 B 21ms
19ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/menu-cross-white.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96791f722a5d1c3c2694bbcedafadf586f91556c31f1e99fd8d0833fda1e5613

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1294
etag: W/"5e88dae6-2c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a4ffa6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 search-red.svg
mothership.sg/assets/images/icons/svg/ 742 B
747 B 27ms
24ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/search-red.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2a08268923ca4068957cf5579968dd41f183ae21ebafc93b3b160a2bd8c584

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1294
etag: W/"5e88dae6-2e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a4ffc6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 search-white.svg
mothership.sg/assets/images/icons/svg/ 742 B
744 B 26ms
23ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/search-white.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59245319e38294aa2feca919e6eef4b161614f3f636f4adb5500f592e535d4df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1294
etag: W/"5e88dae6-2e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a4ffd6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 clock.png
mothership.sg/assets/images/icons/ 485 B
813 B 685ms
683ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/clock.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8113e8fdcaee4f6dc7689a678b6bbeac27755d9ca1432ad9183985bd324ef951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
etag: "5e88dae6-1f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=498
accept-ranges: bytes
cf-ray: 6cd7333a48006946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 485
cf-bgj: imgq:100,h2pri

GET
H3 200 fb-icon.svg
mothership.sg/assets/images/icons/svg/ 607 B
679 B 28ms
26ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/fb-icon.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d2406d482b6c598f52171113ad618df9dc29d80e7570460917277f58bd2798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1206
etag: W/"5e88dae6-25f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a48026946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 tw-icon.svg
mothership.sg/assets/images/icons/svg/ 944 B
855 B 35ms
33ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/tw-icon.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10255440caeddf522a022a21978298f01fbfb1a5517116e02a0dc416a342c9bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1206
etag: W/"5e88dae6-3b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a48036946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 whats-icon.svg
mothership.sg/assets/images/icons/svg/ 2 KB
1 KB 25ms
23ms Image
image/svg+xml 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/svg/whats-icon.svg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4c7d10a95d4363e4449aa20329a4631da99765280be202bfb1703276156415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1206
etag: W/"5e88dae6-63a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 6cd7333a48046946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ocbc-scam-victims.png
static.mothership.sg/1/2022/01/ 469 KB
470 KB 46ms
30ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/ocbc-scam-victims.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b3aa37d9aa0ddf4dc2e04a7662825694153d86b62687ee4781ac51b1ce9812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 917
cf-polished: origSize=489791
x-guploader-uploadid: ADPycdtFYHC4D7EfH-7H65TZFMn3qtx2YO7EW6t4uBgIbMCIyQ_JFq14B38PE-84XrDd9V2rZTKr5768ZRev4v8J7AU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 480168
last-modified: Tue, 11 Jan 2022 10:48:32 GMT
server: cloudflare
etag: "853a9635210e4e1650668a0491a4c78b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=qp0UCA==, md5=hTqWNSEOThZQZooEkaTHiw==
x-goog-generation: 1641898112099774
content-type: image/png
expires: Fri, 14 Jan 2022 14:11:52 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 489791
accept-ranges: bytes
cf-ray: 6cd7333a6ee56957-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 drop-pin.png
mothership.sg/assets/images/icons/ 346 B
672 B 24ms
22ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/drop-pin.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182f87d868c1b00718d602b14224500b4e12dd5d339816371a3f5a546a7526a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 1294
etag: "5e88dae6-168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=360
accept-ranges: bytes
cf-ray: 6cd7333a48066946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 346
cf-bgj: imgq:100,h2pri

GET
H3 200 libs.js Show response
mothership.sg/assets/js/ 223 KB
58 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/libs.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a84b41e68c31d56afcfacf8787e03347384db1ba7349a9d0df000490c3506baa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 723
etag: W/"61003deb-37dcf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd7333a0f816946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 iframe_parent.js Show response
mothership.sg/assets/js/ 14 KB
6 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/iframe_parent.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 121cfa4f0e30c7442decddd155313a22156983a74917d3f2dc4db3989affd92d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 723
etag: W/"61003deb-384f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd7333a1f846946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 iframe_resizer.js Show response
mothership.sg/assets/js/ 1 KB
876 B 36ms
35ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/iframe_resizer.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ef7e7ab7ca51e873806ca864cb1afe12028c39920c65844abb87c0387aa5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 723
etag: W/"61003deb-489"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd7333a4ff56946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 62ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

b346f636e2c30bada02356586ecd98fb9bab00005aad2af343e6771c4b889f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26923
x-xss-protection: 0
server: sffe
etag: "1101 / 863 of 1000 / last-modified: 1642162303"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jan 2022 13:27:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 63ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLGD58H

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c75be222ae4f60c9747cac277a113283a566581a68890a29adfee03eeb67507b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45139
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:27:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: TZpuBWRMZnyia2S7it8jbR08vntp8B9/WAKPHiy563Ecz3EeiIjFeVctmDiVA9GxdtG7+93Qm79udUhdrOtTZg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 14 Jan 2022 13:27:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 579ms
120ms Script
text/javascript 2a00:1450:4019:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 322
date: Fri, 14 Jan 2022 13:21:47 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 15:21:47 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/ 27 KB
27 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:700,700i|Libre+Franklin:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mothership.sg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:21:59 GMT
x-content-type-options: nosniff
age: 310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27240
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:06:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 14 Jan 2023 13:21:59 GMT

GET
H3 200 / Show response
mothership.sg/2021/12/ocbc-phishing-scam/embed/ Frame 3D5D 26 KB
7 KB 745ms
745ms Document
text/html 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe4c07499e8bc5bac3e9545dcaf59da106673c26c26cdbc0d267045ef52f9c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2022/01/ocbc-scam-victims/

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/html
last-modified: Fri, 31 Dec 2021 06:45:53 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6cd7333a683d6946-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

29a9bAzGveHWr5dVhxXy3P Show response
open.spotify.com/embed-podcast/episode/ Frame 1A5E
Redirect Chain

https://open.spotify.com/embed/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator

39 KB
10 KB

215ms
215ms

Document
text/html

2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

9c028c6838a7b886899809715eb0bd6a1d645f0dff2c93381d3d1399758d63de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
spotify-request-id: 2ad1b40c-e91c-4958-89d9-877a71582b9d
content-encoding: br
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: d27ff5b7760b86f4
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

Redirect headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/html
location: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: 60efcd5c39f124ac
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 moatheader.js Show response
z.moatads.com/mediacorpheader458604908711/ 226 KB
79 KB 209ms
75ms Script
application/x-javascript 104.102.30.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2926360f3839/716a789d2964/launch-e53716caf862.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-30-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c4a4999dc560a76ca454dca198d1627dea899539da85f958dbfa21c9741fdf03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:32:50 GMT
server: AmazonS3
x-amz-request-id: QEJYRDYSMFNPA4M2
etag: "f9d1ab8ee70111f5ca7039ca809c2697"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=9938
accept-ranges: bytes
content-length: 80383
x-amz-id-2: G0zXH5FU/DNfV6/aXLz3bvx2qmA209Z4jtcp8LOc0bKvK26m7GSrWvp9e26qkkRN7yDWMcclZAo=

GET
H2 200 Mothership_Event-Listing_1000x525.jpg
static.mothership.sg/1/2022/01/ 327 KB
327 KB 66ms
66ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/Mothership_Event-Listing_1000x525.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9768dd0b6bf35053e6699648f67d414986b804262f7b349124c50757f497545b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 3468
cf-polished: origSize=342732
x-guploader-uploadid: ADPycdtCxP6aow9hl0NbkhSgpP5E229jM9zwdlwwBReRksKoE3SrBlbZUttjy7tHog_qfCAThtWGYcN2SRxsWxWimf8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 334353
last-modified: Fri, 07 Jan 2022 07:02:28 GMT
server: cloudflare
etag: "bcc9520a405820798313b48961cc6bc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=+Ur0cg==, md5=vMlSCkBYIHmDE7SJYcxrxQ==
x-goog-generation: 1641538948037801
content-type: image/jpeg
expires: Fri, 14 Jan 2022 13:29:21 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 342732
accept-ranges: bytes
cf-ray: 6cd7333a8f2d6957-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 razer-n95-mask-1.png
static.mothership.sg/1/2022/01/ 566 KB
567 KB 90ms
87ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/razer-n95-mask-1.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc657335972f2e38c33a4b71d0cb15c2c16b0f2b61e772fdb0203372accb15bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 3013
cf-polished: origSize=674404
x-guploader-uploadid: ADPycdtVwFlPsU9vgSE_PK4EkvhEQtD4iDyYizcYDzVTFWREox3EDmCwAULG7CMLzcYz-E4pc-GPd3wfWsMahcDShLhqngZRXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 580033
last-modified: Fri, 14 Jan 2022 04:55:34 GMT
server: cloudflare
etag: "55e0d024f3f67fe5d26d73e7cc8c004b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=APlCpg==, md5=VeDQJPP2f+XSbXPnzIwASw==
x-goog-generation: 1642136134650412
content-type: image/png
expires: Fri, 14 Jan 2022 13:20:28 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 674404
accept-ranges: bytes
cf-ray: 6cd7333a8f426957-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 New-Project-58.jpg
static.mothership.sg/1/2022/01/ 449 KB
450 KB 123ms
121ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/New-Project-58.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f923d08eb1c4d655836c69a4c8e82c4195a980ecf65f06ce9ff9fec801b0366e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 3013
cf-polished: origSize=512138
x-guploader-uploadid: ADPycdtM0Md0w7VKamfpAQu_fGiQV0XZXqZ9GVOGcGaxS-_WlgHj81PLzyOPsksrYU0GnhdSfK1QJGJwuY0dMTFEx5uhOWp3Sg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 460064
last-modified: Fri, 14 Jan 2022 05:14:17 GMT
server: cloudflare
etag: "ae20afa368663ed204ee2c6e1ea86387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NCRuUg==, md5=riCvo2hmPtIE7ixuHqhjhw==
x-goog-generation: 1642137257504771
content-type: image/jpeg
expires: Fri, 14 Jan 2022 13:20:28 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 512138
accept-ranges: bytes
cf-ray: 6cd7333abfd26957-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 loh-kean-yew-q-finals-india-open.jpg
static.mothership.sg/1/2022/01/ 97 KB
97 KB 116ms
114ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/loh-kean-yew-q-finals-india-open.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceedda6e95f40f4853692b7a532c3d79aba9e2e10ba5ac6fe69026773565414c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 290
cf-polished: origSize=102532
x-guploader-uploadid: ADPycdtMlVVaEQoz5Sa-Xdo8UpNGUFdhzg3guKgfRXslTjnjpq1rX4k92GHXLiD4F0ESaDqx1Vv9v4Dot84lMjs5CvUAM0z2Fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98995
last-modified: Fri, 14 Jan 2022 09:04:03 GMT
server: cloudflare
etag: "448f87371e4c724f4904046ddd9fc808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NOg24g==, md5=RI+HNx5Mck9JBARt3Z/ICA==
x-goog-generation: 1642151043623847
content-type: image/jpeg
expires: Fri, 14 Jan 2022 14:22:19 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 102532
accept-ranges: bytes
cf-ray: 6cd7333abfd56957-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 foodpanda-rider.png
static.mothership.sg/1/2022/01/ 621 KB
622 KB 164ms
162ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/foodpanda-rider.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a55ac6fd4b4a84edb42080dbdd8c4113dc1430f76905ed6d5648c5b351d4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 290
cf-polished: origSize=738474
x-guploader-uploadid: ADPycdsj-xeG_Ik0ZGoQaxYqBTFKnTWyRGLoNRdI5NiPQApo4P1GAw2sNrCHSUwTWAjSMS3Vjvv-wm5P_WnNrVP8xhI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 635516
last-modified: Fri, 14 Jan 2022 05:35:45 GMT
server: cloudflare
etag: "31950ab24fe50697775e564dc3678587"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4JqIEQ==, md5=MZUKsk/lBpd3XlZNw2eFhw==
x-goog-generation: 1642138545173687
content-type: image/png
expires: Fri, 14 Jan 2022 14:22:19 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 738474
accept-ranges: bytes
cf-ray: 6cd7333b08776957-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Untitled-design-2022-01-14T152758.665.png
static.mothership.sg/1/2022/01/ 773 KB
774 KB 510ms
509ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/Untitled-design-2022-01-14T152758.665.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3fcaafa893b3294c93ae0b9e6415232218ad7a66135b94954e1a6d2de8dbc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 290
cf-polished: origSize=909728
x-guploader-uploadid: ADPycdv74WzCkW_tuhhxB53lEuHCRagWxpWSjvmeSkq8P5KFOlhgGqz2AgUJEmv-SvFBt4KLgY0VqVSn_NE185juU_XS_GtqxA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 791693
last-modified: Fri, 14 Jan 2022 07:28:26 GMT
server: cloudflare
etag: "f8fd349ed896d1752cba67d00f5f123d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=SDiG0g==, md5=+P00ntiW0XUsumfQD18SPQ==
x-goog-generation: 1642145306870195
content-type: image/png
expires: Fri, 14 Jan 2022 14:22:19 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 909728
accept-ranges: bytes
cf-ray: 6cd7333ab8fb6946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Keong-Saik-cyclists.jpg
static.mothership.sg/1/2022/01/ 49 KB
50 KB 532ms
531ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/Keong-Saik-cyclists.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4be0593eeae286bdfc879e853e32c2a707867f90bc52477bbdd7a887c97b2be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 3013
cf-polished: origSize=52010
x-guploader-uploadid: ADPycdt6UA_rhBLP8Diaa9SrA0rSKXxsrKMbRsMxlrajFV6jbsE-eZ-5HjLDefRlQXPJbQ1MrTP5jQbnF-UL5g7uiGFFLnFN2A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50279
last-modified: Fri, 14 Jan 2022 05:16:54 GMT
server: cloudflare
etag: "f5286d2cf5705fad58ebd6e7723b9125"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ROXeIQ==, md5=9ShtLPVwX61Y69bncjuRJQ==
x-goog-generation: 1642137414721054
content-type: image/jpeg
expires: Fri, 14 Jan 2022 12:45:18 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 52010
accept-ranges: bytes
cf-ray: 6cd7333ab8fd6946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 K-Shan-on-elderly-man.jpg
static.mothership.sg/1/2022/01/ 77 KB
77 KB 626ms
626ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/K-Shan-on-elderly-man.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82cde5dd2d961e9f154314e8c2b0b4ae0618b0de9cb0fd3192169f376df55b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 863
cf-polished: origSize=80128
x-guploader-uploadid: ADPycdtAmhaARw_yV0qiFuWlDulHSXm8IHlZ-4kcAuGmz7U_Ou4cgiRnz-IscutS81yZH7v5ejr5C3SuijM92Pr-Yr0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78518
last-modified: Fri, 14 Jan 2022 05:15:24 GMT
server: cloudflare
etag: "50afab227de6cd02757094c284821931"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Zt6hkw==, md5=UK+rIn3mzQJ1cJTChIIZMQ==
x-goog-generation: 1642137324781982
content-type: image/jpeg
expires: Fri, 14 Jan 2022 14:12:46 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 80128
accept-ranges: bytes
cf-ray: 6cd7333ab9016946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 Screen-Shot-2022-01-14-at-2.15.42-PM.png
static.mothership.sg/1/2022/01/ 1 MB
1 MB 140ms
139ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/Screen-Shot-2022-01-14-at-2.15.42-PM.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6903ce7fb79571c3c3c4173da244ead866b0975a74df97fe32277f0366e9f3b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 2852
cf-polished: origSize=1468526
x-guploader-uploadid: ADPycdtt_smGotJToJYEBy1pCBa0u3dZ-Bd0sp0AOUfHw41KwvKb9v8ph_qRc1IG3H9MLWm9eben_G-8rD6b3yxMXhI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1181775
last-modified: Fri, 14 Jan 2022 06:16:05 GMT
server: cloudflare
etag: "20c907c0623826a80f44f2981b93ff54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=GtqRnQ==, md5=IMkHwGI4JqgPRPKYG5P/VA==
x-goog-generation: 1642140965820684
content-type: image/png
expires: Fri, 14 Jan 2022 13:39:37 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 1468526
accept-ranges: bytes
cf-ray: 6cd7333ab9026946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 ikhsan-bgpu.jpg
static.mothership.sg/1/2022/01/ 149 KB
149 KB 746ms
745ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/ikhsan-bgpu.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e825397d595b2a9d4568bb2005f9c235231c97f78670e76c70eaebe1f9a6ce5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 863
cf-polished: origSize=165390
x-guploader-uploadid: ADPycdsmm7jbcorMonMN3-E649IfPKZWtRxSrhiy_5YJl_jLLSWHZQDf0wsJeeihqMxcnAMPn-7UmJsPlgFynktoOr1DNRJcww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 152186
last-modified: Fri, 14 Jan 2022 05:27:55 GMT
server: cloudflare
etag: "9a336d31e60021a1fd92763466d3ff57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=l1CGRg==, md5=mjNtMeYAIaH9knY0ZtP/Vw==
x-goog-generation: 1642138075466029
content-type: image/jpeg
expires: Fri, 14 Jan 2022 14:12:46 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 165390
accept-ranges: bytes
cf-ray: 6cd7333ab9046946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 face-mask-more-attractive-men.jpg
static.mothership.sg/1/2022/01/ 68 KB
69 KB 82ms
81ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2022/01/face-mask-more-attractive-men.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80cea66525af03430f52ef9e86a9f0194edc39e4a9b078ea8d28b2d7282ec7bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cf-cache-status: HIT
age: 863
cf-polished: origSize=72728
x-guploader-uploadid: ADPycduVzEKtEm08vTJL7TlLYKi_KUM8OSIuUdZohCp46PTuI8i4EdXvrkn2Z5Z93ZoDplD5Qy75d0HtflBfzygD5WxFFF9Bdg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69563
last-modified: Fri, 14 Jan 2022 05:48:43 GMT
server: cloudflare
etag: "22df00c5bc66309e1c8461c4308b0699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=kH7hFg==, md5=It8AxbxmMJ4chGHEMIsGmQ==
x-goog-generation: 1642139323570812
content-type: image/jpeg
expires: Fri, 14 Jan 2022 14:12:46 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 72728
accept-ranges: bytes
cf-ray: 6cd7333ab9066946-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v7/ 30 KB
30 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:700,700i|Libre+Franklin:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bfa93165e5e460e37883ea167cdf8b99b7c618f45019b43b00fa102474ab74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mothership.sg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 14:08:22 GMT
x-content-type-options: nosniff
age: 256727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30536
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:05:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 14:08:22 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:700,700i|Libre+Franklin:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mothership.sg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 08:01:19 GMT
x-content-type-options: nosniff
age: 278750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 08:01:19 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 126ms
64ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=74c14ed0e4fb3104ab12ed7be4c3e3fb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

876111e43bc1872a38177788e7a9dfe704045b3ea042b8f9d49d2e8ae684218a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mothership.sg/
Origin: https://mothership.sg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UldIKi8jxwEEw/6ggzZkfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83514
x-fb-rlafr: 0
x-fb-debug: bzJLs4tduGnHcseqRAW0nOAeYefxEUI3ujT5c/oyj4fS3sTqzcBchLzTdUr1ARE/bXCmQ7ErAFQPdUML+a4nqQ==
x-fb-content-md5: a8a34c2268601473af012487f77f1121
x-frame-options: DENY
date: Fri, 14 Jan 2022 13:27:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "32378a2b10c43d5c4a10d88c35e3fc74"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 11:36:24 GMT

GET
H2 200 index.js Show response
static.vidy.com/0.38.5/ 767 KB
246 KB 279ms
146ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/index.js

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mothership.sg/
Origin: https://mothership.sg
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151626
age: 800224
x-guploader-uploadid: ADPycdu5E_c7jzcWNKSa_pQBulKu2MSMm0lGuSfDgvv9FGwpAGn2ch5KYBaHH7UZrLYW5dqk1fgBlym4b3o-D15CBVD2h6KWyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"adb6bb0bddb9236e076354be09c1d8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=vk2y4g==, md5=rba7C925I24HY1S+CcHY3w==
x-goog-generation: 1632151645319398
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 785503
cf-ray: 6cd7333c1dc84ec7-FRA
expires: Thu, 05 Jan 2023 07:09:04 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 122ms
63ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: KQ/uESJzOKHNqzyAqOakMI2I+Qfn5A0Z/TUSJlb0B7wFe9uv/4nx63XP5eOxjxILF2TRHatPUQ3hrHtSEhgeug==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 Jan 2022 13:27:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 112356165937356 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 183ms
124ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/112356165937356?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6b43988dae810ce0b53031d8298bf6b9fc942f6553066c9faaa05ff83b5425e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: CWOfaUioNqfTCQGmvNpy3u8FBXUMh6BYsdy8w+B4Gyc/LZMCnZ9un3rCMJ9gpqA4qqkXrBsJ+fE+WDdye5QDUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 Jan 2022 13:27:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2022010407.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 124ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120967
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Jan 2023 13:03:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
117 B 130ms
62ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mothership.sg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c32574c48f75bc03a04b170cb445f8f538aafb3de0a50c3b9c1a73d98dbb2ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Fri, 14 Jan 2022 13:27:09 GMT

GET
H/1.1 200
OK mothership_sg.js Show response
api.popin.cc/searchbox/ 109 KB
31 KB 1453ms
529ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/mothership_sg.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: acd00d24d0e20a356a0c4e1663dd370aedf26093a413c7a4080284396e9ea300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 09:42:46 GMT
Server: nginx
ETag: W/"32e40e918171e296469fa7867e7102dd"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: YflzuHKX7GGqYeb1_vQU3Rg5KeAoJfNK
Expires: Fri, 14 Jan 2022 14:27:10 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 405 B
580 B 1672ms
1515ms Script
text/html 52.48.241.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCfHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-RA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&pcode=mediacorpheader458604908711&rx=341312421026&callback=MoatNadoAllJsonpRequest_98350337
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.241.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-241-99.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: e206b5d2281adbfc85ded5e77956214f42bb6a4da3eb1b9d9b7def91b5ddf76a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:11 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "f95f7e9b8a5f461bdf5e0132efb26b21a7a1a557"
content-length: 405
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 83 B
257 B 193ms
36ms Script
text/html 18.168.182.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCfHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-RA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&pcode=mediacorpheader458604908711&rx=341312421026&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=MEDIACORP_HEADER1&hp=1&wf=1&pxm=&sgs=3&vb=-1&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1642166829572&de=304730954813&m=0&ar=cc97a930ec1-clean&iw=14bb004&q=1&cb=0&cu=1642166829572&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mediacorpheader458604908711&fd=1&ac=1&it=500&pe=1%3A218%3A218%3A0%3A331&fs=195926&na=498482367&cs=0&callback=MoatDataJsonpRequest_98350337
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/mediacorpheader458604908711/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.182.140 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-182-140.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: f268e612c8b65f1f92e087a71d858c5af21b26f91633c59b2e9a6ce79a8a9fb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "054ecede36bfa886609ea980050ff6938d3d6b6c"
content-length: 83
content-type: text/html; charset=UTF-8

GET
H2 200 892e4e3af99a4036ad3d04bfbe77ebaa.js Show response
cdn.brandmetrics.com/survey/script/ 10 KB
4 KB 106ms
31ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/survey/script/892e4e3af99a4036ad3d04bfbe77ebaa.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1e5342ab3028d2fc44b5d337bd1a7a7388254fe8751da0a327f3c91dd5da02f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 12:39:39 GMT
server: cloudflare
age: 2850
cf-polished: origSize=10885
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2tdYpxlUHQe1JmZec3P%2B8PPJp3d0yb9mM0J62iBzNmJdAXyv77FV0kxHrLjYmItOCZSqFN%2BK4G3LbPoaXM66phyozYlA%2FtdF7EguSZeYMLrrChUFs2LuMC2oW%2BI8yMpEXwXLlZa9Y8Y7%2FJ2WCw5CbjC"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cd7333dfe738bd5-FRA
cf-bgj: minify

GET
H2 200 meid_partners.js Show response
uid.mediacorp.sg/api/scripts/ 2 KB
2 KB 652ms
558ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid_partners.js?network=mothership

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.1 / Express

Resource Hash

f0f90af8b6fdbc33779edac30424a46393c539562d7f8133683e5b083a4694e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
etag: W/"965-qe9sbeN1gT3GqkUpctdDZAa4bes"
server: nginx/1.20.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 3-9645564-9645565 NNNN CT(165 166 0) RT(1642166829526 0) q(0 0 3 0) r(5 5) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 74ms
14ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 01:15:58 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 122313
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: bPImx_y2ZM_U00wB3MJlk2O7y0BBJl7mt-c2dSeoLmfuHTh8NQDQVg==

GET
H/1.1 200
OK channels-json.cgi Show response
mediacorp.gscontxt.net/main/ 551 B
520 B 83ms
8ms Fetch
application/json 132.145.232.67
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacorp.gscontxt.net/main/channels-json.cgi?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 132.145.232.67 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 270722e31c5706e03fd2c88e98342de0ec3b66c0df27e72fade9dcb348a745b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
AMP-Access-Control-Allow-Source-Origin: *
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/14876/ 44 KB
14 KB 76ms
14ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/14876/lt.min.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82758cd4aa0b9fc7c0c258c532978f94234ad37b66712ae66868c42bb2ce48eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:47:40 GMT
content-encoding: gzip
etag: W/"affbe2d630687960c593046ef66e3066"
last-modified: Tue, 23 Nov 2021 20:08:08 GMT
server: AmazonS3
age: 77970
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: yMqcO6HhbPuC22IzadLxgD3kFepFVz561sQgwR4RYDkbm2aNOw9iAQ==

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
262 B 159ms
102ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 60ms
14ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b3b3804a-ad2c-4141-a409-77b375aa15e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 179ms
125ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 570ms
526ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bb6674d9220e78dea9fb7fcc96207fe52a249f0d09212b5555b486c50c136ee7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:10 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dafe576b-638a-4845-a347-0650159cad40
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 58ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 80c8140f-bc96-4b4b-a006-09ee2c92b9a8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 171ms
119ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 136ms
51ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:09 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 212ms
164ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 52ms
14ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 856eb61e-5c54-4a9d-aaee-89c67c060879
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 34ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=112356165937356&ev=PageView&dl=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&rl=&if=false&ts=1642166829746&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642166829744.161498970&it=1642166829339&coo=false&rqm=GET

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 14 Jan 2022 13:27:09 GMT

GET
H/1.1 200
OK CircularSpUIv3T-Bold.8d0a45cc.woff2
open.scdn.co/cdn/fonts/ Frame 1A5E 71 KB
72 KB 152ms
57ms Font
application/octet-stream 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Bold.8d0a45cc.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:09 GMT
Last-Modified: Fri, 30 Jul 2021 18:41:03 GMT
Age: 14481856
ETag: "c147cc237b8b07e0a8875dfbbe857b29"
X-Served-By: cache-ord1720-ORD, cache-mrs10570-MRS
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 72840
X-Cache-Hits: 4, 42669

GET
H/1.1 200
OK spoticon_regular_2.d319d911.woff2
open.scdn.co/cdn/fonts/ Frame 1A5E 56 KB
56 KB 124ms
28ms Font
application/octet-stream 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:09 GMT
Last-Modified: Sat, 21 Aug 2021 00:37:20 GMT
Age: 12549615
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By: cache-ord1741-ORD, cache-mrs10557-MRS
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 56996
X-Cache-Hits: 3, 158611

GET
H/1.1 200
OK embed-podcast.5deeee5f.css
open.scdn.co/cdn/build/embed-podcast/ Frame 1A5E 9 KB
2 KB 122ms
27ms Stylesheet
text/css 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed-podcast/embed-podcast.5deeee5f.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddf42245fe4d2966e95db9c2d44a908a37bbe952453aa148c6261444b5ca8ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 16:26:02 GMT
Age: 3790690
ETag: "9bd43cd27083fa50e9894a1ef7cf88ef"
X-Served-By: cache-ord1738-ORD, cache-mrs10556-MRS
X-Cache: HIT, HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1207
X-Cache-Hits: 2, 150778

GET
H/1.1 200
OK vendor~embed-podcast.6f31ead8.js Show response
open.scdn.co/cdn/build/embed-podcast/ Frame 1A5E 1 MB
285 KB 96ms
29ms Script
application/javascript 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 661d91e5fdd4a8de24a4424e73063ae137d2946cfbbae50195cb0857356fffba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 12:40:57 GMT
Age: 866546
ETag: "709cbd5275a98a69a70d6a739114345c"
X-Served-By: cache-ord1732-ORD, cache-mrs10579-MRS
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 291136
X-Cache-Hits: 5, 45824

GET
H/1.1 200
OK embed-podcast.abebc1ef.js Show response
open.scdn.co/cdn/build/embed-podcast/ Frame 1A5E 803 KB
182 KB 95ms
29ms Script
application/javascript 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed-podcast/embed-podcast.abebc1ef.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 671be9acebc685fd620cca845b6e81d474f49ad5b812ee3108a9ab4f819866f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 13:05:43 GMT
Age: 1048
ETag: "05862d49eac6548d4f3d9ea2e04eb371"
X-Served-By: cache-ord1730-ORD, cache-mrs10567-MRS
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 186236
X-Cache-Hits: 3, 66

GET
H2 200 settings Show response
api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/ 393 B
402 B 50ms
29ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/settings

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9cdad08c9e7f3a473b3753e3c787360cd3e23209b291e45b13847ed2377007a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray: 6cd7333e6ac24ec7-FRA
date: Fri, 14 Jan 2022 13:27:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 13:22:12 GMT
server: cloudflare
age: 297
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=300
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underw...
https://sb.scorecardresearch.com/b2?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20under...

0
224 B

29ms
29ms

Image
text/plain

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&c7=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&c9=
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: l9XJob2FDO7AbpaEpGPZyqIxSkDkL10lcKVclEBwdmC_3GA5JDuODw==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 14 Jan 2022 13:27:09 GMT
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=33485696&ns__t=1642166829827&ns_c=UTF-8&cv=3.5&c8=OCBC%20S'pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&c7=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&c9=
content-length: 395
x-amz-cf-id: Z3zHTo0ywZE2kEkAQBWiSNyRmm2gWvHTtgo5Po5d3OKOIY_bD4qfXw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 112ms
33ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43110072-1&cid=682205852.1642166830&jid=633076242&gjid=1683185651&_gid=479891663.1642166830&_u=IGBAgAABAAAAAE~&z=1918816103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/plain
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 503ms
255ms XHR
text/plain 2a00:1450:4019:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=945350936&t=pageview&_s=1&dl=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&ul=en-us&de=UTF-8&dt=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=228630863&gjid=859186636&cid=682205852.1642166830&tid=UA-43110072-1&_gid=479891663.1642166830&_r=1&gtm=2wg1c0PLGD58H&cd1=LowJiaYingwindow.onload%3Dfunction(e)%7Bif(typeofwindow.ga%3D%3D%3D%22function%22)%7Bga(%27send%27%2C%7BhitType%3A%27event%27%2CeventCategory%3A%27author_pageview%27%2CeventAction%3A%27author_pageview_viewed%27%2CeventLabel%3A%27LowJiaYing%27%7D)%3B%7D%7D&z=167731303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 387ms
140ms Image
image/gif 2a00:1450:4019:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=945350936&t=pageview&_s=1&dl=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&ul=en-us&de=UTF-8&dt=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=633076242&gjid=1683185651&cid=682205852.1642166830&tid=UA-43110072-1&_gid=479891663.1642166830&z=1363912462

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 02:54:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37937
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 575 B
1 KB 224ms
107ms XHR
application/json 52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/14876/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8dfc41774767ecf99edb1a5c08b838abe4e64c1a0f7328e3c58e0d8f68e54502

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mothership.sg
cache-control: no-cache
x-server: 10.45.18.135
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 575
expires: 0

GET
H2 200 69833023.js Show response
cdn.brandmetrics.com/scripts/bundle/ 40 KB
13 KB 47ms
46ms Script
text/javascript 2606:4700:20::681a:69b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/69833023.js
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/survey/script/892e4e3af99a4036ad3d04bfbe77ebaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:69b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893c8288e0c808f5ee65a15f20a3d02672fc2cf630a4eb3c453da01c077fec5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 12:38:25 GMT
server: cloudflare
age: 2924
cf-polished: origSize=41366
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG7NUinHEatlOBIWe%2BpVvD2BhsBNkJPL6XafGTyjU53gzcgpCPCn6eyKdDeItcLEhC4pNvDU55GNNBffi%2FBpTOj%2FV50f9GndrpJDokUvH9okXudzXYt2X4vynvE2OKKdjCuWQg34QeEvyRMPS0O67tac"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cd7333e984a8bd5-FRA
cf-bgj: minify

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 72ms
70ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:09 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 110ms
109ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 21ms
20ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a8fb2eb3-5bef-4816-847a-936af278474a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 710322 Show response
api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/ 11 B
154 B 254ms
249ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/710322

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 14 Jan 2022 12:45:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=1800
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6cd7333ebb744ec7-FRA
content-length: 11

GET
H2 200 iframe.html Show response
static.vidy.com/0.38.5/ Frame 0C40 170 B
439 B 37ms
36ms Document
text/html 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fmothership.sg

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-type: text/html
x-guploader-uploadid: ADPycduBUxdaOF3ZnDUQC1QO1OASN4tZxgTnxdLYUYtrQgT8O4Rmr4561KBdFw5B2jejGp1udOt_Ml_a3DGfhnK_MvU
expires: Thu, 05 Jan 2023 07:10:05 GMT
last-modified: Mon, 20 Sep 2021 15:27:28 GMT
x-goog-generation: 1632151648524711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170
x-goog-hash: crc32c=L2PN0Q== md5=30+26Rimyfs6gQOLghFtrQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type,*
cache-control: public,max-age=31536000,immutable
age: 800224
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6cd7333ebd104ac2-FRA
content-encoding: gzip

GET
H2 200 embed.min.css
static.vidy.com/0.38.5/ 159 KB
36 KB 42ms
41ms Stylesheet
text/css 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.min.css

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 634449
x-guploader-uploadid: ADPycdvtasyy8whgyYar7Q5eGVBaAhZG5Sp14GY7FBpjYTrnJ6V5-50cDsxuZcAU8G8ggkgGFtslhUG3-2sg69N870aPacvJ8w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:27 GMT
server: cloudflare
etag: W/"d625cd0dcb9328385d986851871fcde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=LJbN1g==, md5=1iXNDcuTKDhdmGhRhx/N4w==
x-goog-generation: 1632151646968836
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type,*
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 163315
cf-ray: 6cd7333ebd194ac2-FRA
expires: Sat, 07 Jan 2023 05:12:59 GMT

GET
H2 200 alive Show response
api.vidy.com/ 2 B
95 B 42ms
42ms XHR
text/plain 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/alive

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 12:49:55 GMT
server: cloudflare
age: 2234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6cd7333ecb8d4ec7-FRA
content-length: 2

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 112ms
111ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 89ms
88ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 33ms
33ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 89c04e2f-d97b-4c12-9805-d1dd867174a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 258ms
258ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 107ms
107ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 27ms
27ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:09 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1ca69e12-d79b-429c-820f-a4fff3b8f7a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ab67656300005f1fccaef2c960a815b8430f7c34
i.scdn.co/image/ Frame 1A5E 36 KB
36 KB 105ms
25ms Image
image/jpeg 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1fccaef2c960a815b8430f7c34
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b5c860680a251df7ca5792bcae4d24f24636293def0b6c9138f46fa6ecd8b67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:10 GMT
Last-Modified: Wed, 06 Oct 2021 09:20:32 GMT
Age: 875191
ETag: "c273714d901f79ecd67db9c1bb2e7535"
X-Served-By: cache-ord1742-ORD, cache-mrs10582-MRS
X-Cache: HIT, HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 36670
X-Cache-Hits: 9, 1

GET
H/1.1 200
OK CircularSpUIv3T-Book.3466e0ec.woff2
open.scdn.co/cdn/fonts/ Frame 1A5E 67 KB
68 KB 26ms
26ms Font
application/octet-stream 2a04:4e42:54::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Book.3466e0ec.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:54::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:10 GMT
Last-Modified: Fri, 29 Oct 2021 14:09:02 GMT
Age: 6548170
ETag: "6ff898ba447ac00bc6e457d25bcb0be8"
X-Served-By: cache-ord1732-ORD, cache-mrs10570-MRS
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 68852
X-Cache-Hits: 1, 24952

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 45ms
45ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
697 B 13ms
13ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:10 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8d871c2f-7602-48a7-b5b4-62febae88734
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 109ms
109ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame 1A5E 2 B
245 B 136ms
17ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 / Show response
apresolve.spotify.com/ Frame 1A5E 273 B
268 B 155ms
40ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 6576c9c9dc3dade94d0b10e71df05a4b28220b94722d2825fc17fde08882d83c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108
via: 1.1 google

GET
H2 200 embed.iframe.js Show response
static.vidy.com/0.38.5/ Frame 0C40 23 KB
11 KB 20ms
20ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.iframe.js

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fmothership.sg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fmothership.sg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151636
age: 6881453
x-guploader-uploadid: ADPycdsieNvTfLTv2th0GS1JRje4uRsesRAm8Ux6ROmhhZm6I9ZQGB-f2BpIrOkE2tjXvZckTNakEQHJRw75ujxDEB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"45a6ee3245fe51114660172b9c7f7876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=yhA8bg==, md5=RabuMkX+URFGYBcrnH94dg==
x-goog-generation: 1632151645266389
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 23957
cf-ray: 6cd7334129834ac2-FRA
expires: Wed, 26 Oct 2022 21:56:17 GMT

GET
H3 200 embed.js Show response
mothership.sg/assets/js/ Frame 3D5D 177 KB
49 KB 50ms
50ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/embed.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b734a9f46c1436954f35b9bb200f41d0a27f5c0f20bde5e5d20b32aa026cc3b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 1100
etag: W/"61003deb-2c3b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd7334128856946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 OCBC.jpg
static.mothership.sg/1/2021/12/ Frame 3D5D 142 KB
142 KB 36ms
35ms Image
image/jpeg 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mothership.sg/1/2021/12/OCBC.jpg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80b0cf14353742976174367945abcfe323a05d9c3746b18be104e41935bd6d5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
cf-cache-status: HIT
age: 827
cf-polished: origSize=168545
x-guploader-uploadid: ADPycdt9lLzUWBWVL2WPB1ZVRb4p2QDjIIjtaPMNZwB6sprFWOQ0WpuAMvGHZcz2-FrTLMwkRnKwMlHmISfIh0QK7gA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 145166
last-modified: Fri, 31 Dec 2021 05:38:27 GMT
server: cloudflare
etag: "69740280c62cd28e5d868d503e7f56bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=u46nfA==, md5=aXQCgMYs0o5dho1QPn9Wuw==
x-goog-generation: 1640929107009852
content-type: image/jpeg
expires: Fri, 14 Jan 2022 14:13:23 GMT
cache-control: public, max-age=3600
x-goog-stored-content-length: 168545
accept-ranges: bytes
cf-ray: 6cd7334128916946-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 mothership-logo.png
mothership.sg/assets/images/icons/ Frame 3D5D 17 KB
17 KB 31ms
31ms Image
image/png 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mothership.sg/assets/images/icons/mothership-logo.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf5dcd0b7590c55b825746246972cf528fdb5ae029f861e3efd1357feddd9cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 19:07:18 GMT
server: cloudflare
age: 541
etag: "5e88dae6-42f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=17144
accept-ranges: bytes
cf-ray: 6cd73341da426946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17053
cf-bgj: imgq:100,h2pri

GET
H3 200 iframe_child.js Show response
mothership.sg/assets/js/ Frame 3D5D 14 KB
6 KB 29ms
28ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/iframe_child.js
Requested by: Host: mothership.sg
URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473eb83e47d5c97563498dfb4e6f51f3fb39cb5309f0f890b8a0387100b4a730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 1100
etag: W/"61003deb-3798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd73341ba0a6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
261 B 81ms
81ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.4.0&referrer=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&tmax=3000

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
852 B 26ms
26ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:10 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8cf66f9d-21be-4904-a980-d3fdcdac728e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://mothership.sg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
246 B 47ms
47ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://mothership.sg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 14 Jan 2022 13:27:10 GMT

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame C7E0 2 KB
1 KB 7ms
7ms Document
text/html 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=14876
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/14876/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 14 Jan 2022 07:27:55 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: o8tZIqFdhANNe3HJ_kHhCHqa4L8V_rop_iIDZwnOZpmDsQYPiHmZUw==
age: 21556

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 24ms
14ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=112356165937356&ev=Microdata&dl=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&rl=&if=false&ts=1642166830312&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world%22%2C%22meta%3Adescription%22%3A%22Among%20other%20grievances%2C%20victims%20were%20angered%20by%20OCBC%E2%80%99s%20perceived%20nonchalance%20and%20ineptitude%20when%20they%20approached%20the%20bank%20for%20help.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%22%2C%22og%3Adescription%22%3A%22Among%20other%20grievances%2C%20victims%20were%20angered%20by%20OCBC%E2%80%99s%20perceived%20nonchalance%20and%20ineptitude%20when%20they%20approached%20the%20bank%20for%20help.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.mothership.sg%2F1%2F2022%2F01%2Focbc-scam-victims.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642166829744.161498970&it=1642166829339&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 13:27:10 GMT

GET
H3 200 emojis.js Show response
mothership.sg/assets/js/ Frame 3D5D 15 KB
5 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mothership.sg/assets/js/emojis.js?ver=5.3.2
Requested by: Host: mothership.sg
URL: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47fc63fc8e9fd2e4b33c0d13e3339020b8759171727f3c2375727ea86fb851be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/2021/12/ocbc-phishing-scam/embed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 17:10:03 GMT
server: cloudflare
age: 1099
etag: W/"61003deb-3ac3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6cd73341ea7d6946-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 meid_sync.js Show response
uid.mediacorp.sg/api/scripts/ 81 B
633 B 179ms
177ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid_sync.js?MeID=e6f16775-e94d-4349-86cc-2f8cf3ae497f&meid_callback=SuccessUID_callback_1642166830361

Requested by

Host: uid.mediacorp.sg
URL: https://uid.mediacorp.sg/api/scripts/meid_partners.js?network=mothership

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.1 / Express

Resource Hash

c238b42f0ce1161dc46091650fce0f16b87ddadf19e615bbad1dd8b47ef8c42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
etag: W/"51-8vKTU/Tfsspo82CBJYp6Kg5ru8I"
server: nginx/1.20.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 3-9645603-9645565 PNYN RT(1642166830128 0) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H2 200 meid_seg.js Show response
uid.mediacorp.sg/api/scripts/ 55 B
383 B 506ms
505ms Script
text/javascript 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://uid.mediacorp.sg/api/scripts/meid_seg.js?MeID=e6f16775-e94d-4349-86cc-2f8cf3ae497f&meid_callback=SuccessMeIDSeg_callback_1642166830362

Requested by

Host: uid.mediacorp.sg
URL: https://uid.mediacorp.sg/api/scripts/meid_partners.js?network=mothership

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.1 / Express

Resource Hash

ecdadd5b09af320c848daec70013e1b0a29b74a8f19cdb2cec262306c85a3f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
etag: W/"37-luWz8CB07J+i4C34GUclwOA2NqU"
server: nginx/1.20.1
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 3-9645604-9645605 NNYN CT(162 166 0) RT(1642166830130 0) q(0 0 3 -1) r(5 5) U5
cache-control: public, max-age=0
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

GET
H2 200 mepixel.gif
uid.mediacorp.sg/api/ 43 B
376 B 516ms
515ms Image
image/gif 45.60.34.167
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uid.mediacorp.sg/api/mepixel.gif?action=trackPage&uid=e6f16775-e94d-4349-86cc-2f8cf3ae497f&network=mothership&eventType=trackPage&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&referrer=&title=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&date=1642166830362

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.167 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx/1.20.1 / Express

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
last-modified: Fri, 14 Feb 2020 03:53:43 GMT
server: nginx/1.20.1
x-powered-by: Express
etag: W/"2b-17041d4b452"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 3-9645606-9645607 NNNN CT(171 165 0) RT(1642166830131 0) q(0 0 3 -1) r(5 5) U5
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 43
x-cdn: Imperva
request-context: appId=cid-v1:62ee76e9-6088-4876-9abf-cdb95945e737

POST
H2 201 events
api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/710322/ 0
0 1440ms
1439ms Ping
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/710322/events?uid=6o3zbtv3m.fgtszw7l
Requested by: Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3D5D 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 texthash Show response
api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/710322/ 39 B
132 B 79ms
79ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/46a2ccb7-e878-4540-a74c-0ac73d751f12/content/710322/texthash

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ba2c6453256d9bb70ffc006a44ba75eaa4de2e026eb7f4c932d837f3232601

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 14 Jan 2022 13:13:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6cd733421a984ec7-FRA
content-length: 39

GET
DATA 200
OK truncated
/ Frame 3D5D 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 get_access_token Show response
open.spotify.com/ Frame 1A5E 188 B
438 B 41ms
41ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/get_access_token?reason=transport&productType=embed_podcast

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

19b1a24897be99c28c88c62e3b8f6162f84fe94d6333d740b5ec811df6f0ede8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

sp-trace-id: f6d83faf31351bb5
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
spotify-request-id: 59e93cc9-33b9-4c39-b4d3-6fbd9273db24
vary: Accept-Encoding,Accept-Encoding
content-type: application/json; charset=utf-8
via: HTTP/2 edgeproxy, 1.1 google
strict-transport-security: max-age=31536000
alt-svc: clear
server: envoy
x-join-the-band: https://www.spotify.com/jobs/

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 1A5E 13 B
139 B 124ms
123ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Fri, 14 Jan 2022 13:27:10 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 55ms
19ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 14 Jan 2022 13:27:10 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame DBDC 769 B
962 B 37ms
37ms Document
text/html 52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=14876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c613db07ade8edb27b44a7ad6dfe3f64f16cefd6e6498a031f39611d16c58d2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-type: text/html
content-length: 769
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.6.177
server: Jetty(9.4.38.v20210224)

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/v3/ Frame 1A5E 13 B
106 B 155ms
155ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed-podcast/vendor~embed-podcast.6f31ead8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
authorization: Bearer BQD35MCiJtXuBzXi6R4XCUO2X3dM9cxhKmykn5_CvKZdOdg_H81GVTZGk4v98Zpgg6kn_AK2TzuiRrGWZ_Y
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Fri, 14 Jan 2022 13:27:10 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/v3/ Frame 0
0 17ms
17ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 14 Jan 2022 13:27:10 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame DBDC 62 B
304 B 210ms
148ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=b106a290bbe2c40c4d57333a12e28c21
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:10 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame DBDC 43 B
422 B 143ms
29ms Image
image/gif 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=1cf159006c069907253b0acc8e584d2&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:10 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sat, 15 Jan 2022 08:27:10 GMT

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame DBDC 42 B
232 B 87ms
12ms Image
image/gif 3.127.253.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=1cf159006c069907253b0acc8e584d2&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.253.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-253-208.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:10 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 200 adsct
analytics.twitter.com/i/ Frame DBDC 43 B
355 B 141ms
116ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=1cf159006c069907253b0acc8e584d2&p_id=63258

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 14 Jan 2022 13:27:09 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: f2be150ef35f48ee234bb20037cc45850c8e46e5a5be612e25f2cf51f84283b1
content-length: 43

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=765361607/tpid=4467061633932302475/ Frame DBDC
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=765361607%2Ftpid%3D%24UID%2Ftp%3DANXS
https://sync.crwdcntrl.net/map/c=281/rand=765361607/tpid=4467061633932302475/tp=ANXS

49 B
264 B

48ms
35ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=765361607/tpid=4467061633932302475/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.7
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:27:10 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5f4f8662-7db9-4fdf-8938-271ef8a85d79
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=765361607/tpid=4467061633932302475/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DBDC 70 B
265 B 109ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=12%2C61%2C81%2C27%2C2%2C116&c=14876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
72 B 123ms
17ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=892e4e3a-f99a-4036-ad3d-04bfbe77ebaa&toploc=mothership.sg&rnd=7000717
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/69833023.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:09 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 46ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mothership.sg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mothership.sg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
267 B 133ms
133ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=46904311314398&correlator=1467532585303410&output=ldjh&impl=fifs&eid=31061814&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=80832119%2Cmediacorp_imu_feb2020&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x100%7C300x600%7C300x250&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgt_negative%252Cgs_tech%252Cneg_mbv_mcdonalds2%252Cgv_crime%252Cneg_mbv_mcdonalds%252Cgs_tech_computing%252Cgt_negative_dislike%252Cgs_finance%252Cneg_mbv_bmw4%252Cgt_negative_fear%252Cneg_mbv_singtel%252Cgs_finance_banking%252Cgt_negative_sadness%252Cneg_mss_block%252Cneg_mss_block_sustainability%252Cneg_mbv_bmw5%252Cneg_esso_fuelsfp2%252Cgt_negative_anger%252Cmbc_singtel%252Cgs_business%26meid%3De6f16775-e94d-4349-86cc-2f8cf3ae497f%26meid_seg%3D%26UID%3D1cf159006c069907253b0acc8e584d2%26lotameid%3Dall%26c_id%3D710322%26c_title%3DOCBC%2520S%27pore%2520scam%2520victims%252C%2520many%2520who%2520lost%2520life%2520savings%252C%2520slam%2520bank%2520for%2520underwhelming%2520response%2520-%2520Mothership.SG%2520-%2520News%2520from%2520Singapore%252C%2520Asia%2520and%2520around%2520the%2520world&cookie_enabled=1&bc=31&abxe=1&lmt=1642158159&dt=1642166830543&dlt=1642166829045&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=506958932&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=682205852.1642166830&ga_sid=1642166831&ga_hid=945350936&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8ab901cedf3a1cfb5b31ddd7033eaab205068c1a800eed7e5fb04063ffe7b5de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 903 B
295 B 304ms
302ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=46904311314398&correlator=1467532585303410&output=ldjh&impl=fifs&eid=31061814&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=4654%2Cmothership_desktop%2Carticle%2Cna%2Cleaderboard1%2Cout_of_page&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F3%2F5&prev_iu_szs=970x250%7C970x90%7C728x90%2C1x1&ists=1&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgt_negative%252Cgs_tech%252Cneg_mbv_mcdonalds2%252Cgv_crime%252Cneg_mbv_mcdonalds%252Cgs_tech_computing%252Cgt_negative_dislike%252Cgs_finance%252Cneg_mbv_bmw4%252Cgt_negative_fear%252Cneg_mbv_singtel%252Cgs_finance_banking%252Cgt_negative_sadness%252Cneg_mss_block%252Cneg_mss_block_sustainability%252Cneg_mbv_bmw5%252Cneg_esso_fuelsfp2%252Cgt_negative_anger%252Cmbc_singtel%252Cgs_business%26meid%3De6f16775-e94d-4349-86cc-2f8cf3ae497f%26meid_seg%3D%26UID%3D1cf159006c069907253b0acc8e584d2%26lotameid%3Dall%26c_id%3D710322%26c_title%3DOCBC%2520S%27pore%2520scam%2520victims%252C%2520many%2520who%2520lost%2520life%2520savings%252C%2520slam%2520bank%2520for%2520underwhelming%2520response%2520-%2520Mothership.SG%2520-%2520News%2520from%2520Singapore%252C%2520Asia%2520and%2520around%2520the%2520world&cookie_enabled=1&bc=31&abxe=1&lmt=1642158159&dt=1642166830548&dlt=1642166829045&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=300%2C300&adys=100%2C74&adks=108742879%2C39827649&ucis=2%7C3&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&vis=1&scr_x=0&scr_y=0&psz=1000x784%7C1000x784&msz=970x0%7C1000x0&ga_vid=682205852.1642166830&ga_sid=1642166831&ga_hid=945350936&ga_fc=true&fws=128%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

458970ef33e2255fcdda0ee02b351dfaaa34ff59533675b3cd817d1528d05499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 446 B
264 B 561ms
560ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=46904311314398&correlator=1467532585303410&output=ldjh&impl=fifs&eid=31061814&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=4654%2Cmothership_desktop%2Carticle%2Cna%2Cimu1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=300x600%7C300x250&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgt_negative%252Cgs_tech%252Cneg_mbv_mcdonalds2%252Cgv_crime%252Cneg_mbv_mcdonalds%252Cgs_tech_computing%252Cgt_negative_dislike%252Cgs_finance%252Cneg_mbv_bmw4%252Cgt_negative_fear%252Cneg_mbv_singtel%252Cgs_finance_banking%252Cgt_negative_sadness%252Cneg_mss_block%252Cneg_mss_block_sustainability%252Cneg_mbv_bmw5%252Cneg_esso_fuelsfp2%252Cgt_negative_anger%252Cmbc_singtel%252Cgs_business%26meid%3De6f16775-e94d-4349-86cc-2f8cf3ae497f%26meid_seg%3D%26UID%3D1cf159006c069907253b0acc8e584d2%26lotameid%3Dall%26c_id%3D710322%26c_title%3DOCBC%2520S%27pore%2520scam%2520victims%252C%2520many%2520who%2520lost%2520life%2520savings%252C%2520slam%2520bank%2520for%2520underwhelming%2520response%2520-%2520Mothership.SG%2520-%2520News%2520from%2520Singapore%252C%2520Asia%2520and%2520around%2520the%2520world&cookie_enabled=1&bc=31&abxe=1&lmt=1642158159&dt=1642166830555&dlt=1642166829045&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=1000&adys=930&adks=4042468666&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=682205852.1642166830&ga_sid=1642166831&ga_hid=945350936&ga_fc=true&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

162cb84f65eb28597d2040c25f34947543ceb42825959ca44598d74b9b68c79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mothership.sg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 851ms
851ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=46904311314398&correlator=1467532585303410&output=ldjh&impl=fifs&eid=31061814&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=4654%2Cmothership_desktop%2Carticle%2Cna%2Cimu2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F3%2F4&prev_iu_szs=300x600%7C300x250&cust_params=m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26gs_cat%3Dgt_negative%252Cgs_tech%252Cneg_mbv_mcdonalds2%252Cgv_crime%252Cneg_mbv_mcdonalds%252Cgs_tech_computing%252Cgt_negative_dislike%252Cgs_finance%252Cneg_mbv_bmw4%252Cgt_negative_fear%252Cneg_mbv_singtel%252Cgs_finance_banking%252Cgt_negative_sadness%252Cneg_mss_block%252Cneg_mss_block_sustainability%252Cneg_mbv_bmw5%252Cneg_esso_fuelsfp2%252Cgt_negative_anger%252Cmbc_singtel%252Cgs_business%26meid%3De6f16775-e94d-4349-86cc-2f8cf3ae497f%26meid_seg%3D%26UID%3D1cf159006c069907253b0acc8e584d2%26lotameid%3Dall%26c_id%3D710322%26c_title%3DOCBC%2520S%27pore%2520scam%2520victims%252C%2520many%2520who%2520lost%2520life%2520savings%252C%2520slam%2520bank%2520for%2520underwhelming%2520response%2520-%2520Mothership.SG%2520-%2520News%2520from%2520Singapore%252C%2520Asia%2520and%2520around%2520the%2520world&cookie_enabled=1&bc=31&abxe=1&lmt=1642158159&dt=1642166830561&dlt=1642166829045&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=1000&adys=1275&adks=338312507&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=682205852.1642166830&ga_sid=1642166831&ga_hid=945350936&ga_fc=true&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

884eb262aa68818766b7ecb185040939bf4ba45111fa6a3bb627ae7c24fbc6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mothership.sg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E490 6 KB
4 KB 634ms
230ms Document
text/html 2a00:1450:4019:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:27:11 GMT
expires: Sat, 14 Jan 2023 13:27:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 526ms
525ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/mothership_sg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Fri, 14 Jan 2022 14:27:11 GMT

GET
H/1.1 200 recommend Show response
sg.popin.cc/popin_discovery/ 136 KB
32 KB 1483ms
608ms Script
application/javascript 119.63.197.150
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://sg.popin.cc/popin_discovery/recommend?mode=new&rid=302809&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&&device=pc&media=mothership.sg&extra=windows&agency=test-th-agency&topn=50&ad=20&r_category=all&country=sg&redirect=true&uid=597c8d3033fc072f66a1642166831332&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiJPQ0JDJTIwUydwb3JlJTIwc2NhbSUyMHZpY3RpbXMlMkMlMjBtYW55JTIwd2hvJTIwbG9zdCUyMGxpZmUlMjBzYXZpbmdzJTJDJTIwc2xhbSUyMGJhbmslMjBmb3IlMjB1bmRlcndoZWxtaW5nJTIwcmVzcG9uc2UlMjAtJTIwTW90aGVyc2hpcC5TRyUyMC0lMjBOZXdzJTIwZnJvbSUyMFNpbmdhcG9yZSUyQyUyMEFzaWElMjBhbmQlMjBhcm91bmQlMjB0aGUlMjB3b3JsZCIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9tb3RoZXJzaGlwLnNnLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6Im1vdGhlcnNoaXAuc2ciLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjQyMTY2ODMxMzMzLCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&callback=_p6_955aad107b02
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/mothership_sg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 1d0f0c908278546c48e1617b1eb784438d9f50b6faab354039d7af3e11b105fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:12 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 153 KB
42 KB 523ms
523ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/mothership_sg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e895e2bc4fa518911fc9dffe1db2847ae1753a0b11f34c7240fb45668ee4995c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jan 2022 09:03:54 GMT
Server: nginx
ETag: W/"c770c744142c6b3cd68e01f6e74a62b8"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: .uHoPXiAg51MhhPk1DJfMMg85iioHFXN
Expires: Fri, 14 Jan 2022 14:27:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111152338000/ Frame 7308 190 KB
55 KB 480ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 55099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55581
x-xss-protection: 0
server: sffe
date: Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8559bae154d80579"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 13 Jan 2023 22:08:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7308 13 KB
5 KB 492ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 55099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 13 Jan 2023 22:08:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7308 89 KB
28 KB 493ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 55099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 13 Jan 2023 22:08:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7308 5 KB
2 KB 498ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 55099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 13 Jan 2023 22:08:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7308 40 KB
13 KB 499ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 55099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Thu, 13 Jan 2022 22:08:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 13 Jan 2023 22:08:52 GMT

GET
DATA 200
OK truncated
/ Frame 7308 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 896a0e1eb1b754d84750ea922d3b3149dbba07769d6239f6e95a2307cdf27a08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11023067519927757607
tpc.googlesyndication.com/simgad/ Frame 7308 82 KB
82 KB 478ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11023067519927757607?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSjVCdOHjgrd7vXiD5UKJWJLev6A

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467bffd74b4266a62f8d61f2693a207b01c0c213033d12480ffb24bb2db53ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:05:06 GMT
x-content-type-options: nosniff
age: 260525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83833
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 05:59:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Jan 2023 13:05:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7308 2 KB
3 KB 477ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 61915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7308 295 B
757 B 471ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 27817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 15 Jan 2022 05:43:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7308 0
0 481ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHHgnjlDZP5LaWNe8hFaeY_9QElDNy06jU7lq8TchTre1hDuABEdP0ysbdLJ59BF7ZCxMN
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7308 0
0 53ms
53ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CChrTL3rhYa27B9WngQfQ24PoA62j7pxn09fux44OqJPMtt4JEAEg1e-bHmCVuomCmAegAevE14sDyAECqQL8th6HaGWoPuACAKgDAcgDCKoEmAJP0A_EDHuRfOMDpZXXZUWnZifws6oTan2Ho4pnaT4a_xm84lBCMxccEUwTP2TAKBl1xRONNQAb2vNs3n8vqRaC7UzBzgglSKTDH8LKY5w0VIP7RLSFjjEY74erg4BMGqEGXjFWZIaeVPTdehgNNZ_mBLCsoJwLXthI8A-JfwiSMZcTdeteSqn4Zsxe0dYiC-NUvp3SpSSp3GKWlqZUKoI_Xd0GlccRUm_B3LJDpKLaqEE71iQdkIEDmpnOhwncyof8IdFyo2-zqF_LSRRLzSfwjv8I0LBBAbx5u0jYzpsHPYQp4lOhB1T4UhIRIs1vTpFIDfYQgnsMdqqdRA5DRfipOyqDci66JBANVQm7LiDu6pTltQjGBpziwASN-raizAPgBAGSBQQIBBgBkgUECAUYBKAGAoAH_bqodKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKXBGtIICQiI4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi05Mjg2ODUxMzQ4OTA0NTgzGNz1EQ&sigh=-fvd3Z4TTc8&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
22ms Image
image/gif 104.102.30.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MEDIACORP_HEADER1&hp=1&zMoatAdUnit1=mothership_desktop&zMoatAdUnit2=article&zMoatAdUnit3=na&zMoatAdUnit4=na&wf=1&ra=3&pxm=&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1642166829572&de=871428676483&rx=341312421026&m=0&ar=cc97a930ec1-clean&iw=14bb004&q=2&cb=0&cu=1642166829572&ll=2&lm=0&ln=0&em=0&en=0&d=12538516%3A342201796%3A5317858505%3A138305242864&zMoatAU=-&zMoatPS=-&zGSRC=1&gu=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&id=1&ii=4&bo=mothership_desktop&bd=imu2&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mediacorpheader458604908711&fd=1&ac=1&it=500&pe=1%3A218%3A218%3A0%3A331&fs=195926&na=636312135&cs=0
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-30-13.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 14 Jan 2022 13:27:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
27ms Image
image/gif 104.102.30.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=mothership_desktop&zMoatAdUnit2=article&zMoatAdUnit3=na&zMoatAdUnit4=na&wf=1&ra=3&pxm=&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11023067519927757607%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qnSjVCdOHjgrd7vXiD5UKJWJLev6A&i=MEDIACORP_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCfHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-RA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&pcode=mediacorpheader458604908711&rx=341312421026&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&id=1&ii=4&pl=0&f=0&j=&t=1642166829572&de=871428676483&cu=1642166829572&m=2384&ar=cc97a930ec1-clean&iw=14bb004&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14902&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A218%3A218%3A0%3A331&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=86&cd=0&ah=86&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=12538516%3A342201796%3A5317858505%3A138305242864&bo=mothership_desktop&bd=imu2&gw=mediacorpheader458604908711&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAU=-&zMoatPS=-&zMoatSlotName=%2F4654%2Fmothership_desktop%2Farticle%2Fna%2Fna%2Fimu2_0&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195926&na=1941477950&cs=0
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-30-13.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 14 Jan 2022 13:27:11 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7308
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

65ms
40ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Fri, 14 Jan 2022 13:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 272ms
272ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Expires: Fri, 14 Jan 2022 14:27:12 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

31ms
31ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date: Fri, 14 Jan 2022 13:27:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 525ms
122ms Script
application/javascript 54.211.176.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1642166833154&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMzAyODA5IiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InBjIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJyZXNwb25zZV9hZCI6MjAsInNtamFkIjowLCJhcGlfaG9zdCI6InNnLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im1vdGhlcnNoaXAuc2ciLCJ1cmwiOiJodHRwczovL21vdGhlcnNoaXAuc2cvMjAyMi8wMS9vY2JjLXNjYW0tdmljdGltcy8iLCJsb2dpZCI6IjI1YTg1OWRiLTkxOTEtNDZlNS1iNTlhLTY2YjFjMTExMzE2NiIsInVpZCI6IjU5N2M4ZDMwMzNmYzA3MmY2NmExNjQyMTY2ODMxMzMyIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiYTAwZjgzODYtYzRlOS00NzJiLWEwYWYtYzMyNmEwMGNkNzk3IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vbW90aGVyc2hpcC5zZy8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJtb3RoZXJzaGlwLnNnIiwidGRfcGF0aCI6Ii8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiYTAwZjgzODYtYzRlOS00NzJiLWEwYWYtYzMyNmEwMGNkNzk3IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.176.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-176-244.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:13 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 1108ms
272ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMzAyODA5IiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InBjIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjIwLCJyZXNwb25zZV9hZCI6MjAsInNtamFkIjowLCJhcGlfaG9zdCI6InNnLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im1vdGhlcnNoaXAuc2ciLCJ1cmwiOiJodHRwczovL21vdGhlcnNoaXAuc2cvMjAyMi8wMS9vY2JjLXNjYW0tdmljdGltcy8iLCJsb2dpZCI6IjI1YTg1OWRiLTkxOTEtNDZlNS1iNTlhLTY2YjFjMTExMzE2NiIsInVpZCI6IjU5N2M4ZDMwMzNmYzA3MmY2NmExNjQyMTY2ODMxMzMyIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiYTAwZjgzODYtYzRlOS00NzJiLWEwYWYtYzMyNmEwMGNkNzk3IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vbW90aGVyc2hpcC5zZy8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJtb3RoZXJzaGlwLnNnIiwidGRfcGF0aCI6Ii8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk3LjAuNDY5MiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJhMDBmODM4Ni1jNGU5LTQ3MmItYTBhZi1jMzI2YTAwY2Q3OTciLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1642166833156
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:14 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 835ms
248ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&uid=597c8d3033fc072f66a1642166831332&type=pc_pv&nid=pc&media=mothership.sg&r5=cc_NONE&t=1642166833156&tz=sg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:13 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1189ms
286ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0Ijoic2cucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibW90aGVyc2hpcC5zZyIsInVybCI6Imh0dHBzOi8vbW90aGVyc2hpcC5zZy8yMDIyLzAxL29jYmMtc2NhbS12aWN0aW1zLyIsImxvZ2lkIjoiMjVhODU5ZGItOTE5MS00NmU1LWI1OWEtNjZiMWMxMTEzMTY2IiwicmlkIjoiMzAyODA5IiwidWlkIjoiNTk3YzhkMzAzM2ZjMDcyZjY2YTE2NDIxNjY4MzEzMzIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJhMDBmODM4Ni1jNGU5LTQ3MmItYTBhZi1jMzI2YTAwY2Q3OTciLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9tb3RoZXJzaGlwLnNnLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im1vdGhlcnNoaXAuc2ciLCJ0ZF9wYXRoIjoiLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImEwMGY4Mzg2LWM0ZTktNDcyYi1hMGFmLWMzMjZhMDBjZDc5NyIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1642166833156
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:14 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
145 B 838ms
252ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJhMDBmODM4Ni1jNGU5LTQ3MmItYTBhZi1jMzI2YTAwY2Q3OTciLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9tb3RoZXJzaGlwLnNnLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im1vdGhlcnNoaXAuc2ciLCJ0ZF9wYXRoIjoiLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjEzOC4xOTkuMzguMTM0IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk3LjAuNDY5MiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJrZXkiOiJrZXkxNjQyMTY2ODMxMzMzIiwibm93IjoxNjQyMTY2ODMzMTU2LCJjbGllbnRfaWQiOiJhMDBmODM4Ni1jNGU5LTQ3MmItYTBhZi1jMzI2YTAwY2Q3OTciLCJ1cmwiOiJodHRwczovL21vdGhlcnNoaXAuc2cvMjAyMi8wMS9vY2JjLXNjYW0tdmljdGltcy8iLCJ1aWQiOiI1OTdjOGQzMDMzZmMwNzJmNjZhMTY0MjE2NjgzMTMzMiIsInNtaklkIjoiIiwiZGV2aWNlIjoicGMiLCJkaXNoX21lZGlhIjoibW90aGVyc2hpcC5zZyIsImRpc2hfY2F0ZWdvcnkiOiIiLCJkaXNoX2RvbWFpbiI6Im1vdGhlcnNoaXAuc2ciLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJsb2dpZCI6IjI1YTg1OWRiLTkxOTEtNDZlNS1iNTlhLTY2YjFjMTExMzE2NiIsImFwaV9ob3N0Ijoic2cucG9waW4uY2MiLCJkb21haW4iOiJtb3RoZXJzaGlwLnNnIiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:13 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 0
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 834ms
249ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&uid=&type=pc_channel_pv&nid=pc&media=mothership.sg&r5=ch_pc&t=1642166833161&tz=sg
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:13 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1211ms
281ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJwYyIsImV4cGVjdGVkX2FkIjo1LCJyZW5kZXJlZF9hZCI6MywiYXBpX2hvc3QiOiJzZy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJtb3RoZXJzaGlwLnNnIiwidXJsIjoiaHR0cHM6Ly9tb3RoZXJzaGlwLnNnLzIwMjIvMDEvb2NiYy1zY2FtLXZpY3RpbXMvIiwibG9naWQiOiIyNWE4NTlkYi05MTkxLTQ2ZTUtYjU5YS02NmIxYzExMTMxNjYiLCJyaWQiOiIzMDI4MDkiLCJ1aWQiOiI1OTdjOGQzMDMzZmMwNzJmNjZhMTY0MjE2NjgzMTMzMiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImEwMGY4Mzg2LWM0ZTktNDcyYi1hMGFmLWMzMjZhMDBjZDc5NyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL21vdGhlcnNoaXAuc2cvMjAyMi8wMS9vY2JjLXNjYW0tdmljdGltcy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoibW90aGVyc2hpcC5zZyIsInRkX3BhdGgiOiIvMjAyMi8wMS9vY2JjLXNjYW0tdmljdGltcy8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5Ny4wLjQ2OTIiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiYTAwZjgzODYtYzRlOS00NzJiLWEwYWYtYzMyNmEwMGNkNzk3IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1642166833161
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:14 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 834ms
249ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-th&uid=597c8d3033fc072f66a1642166831332&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&t=1642166833161
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:13 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 320ms
319ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:13 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.26
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Fri, 14 Jan 2022 14:27:13 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
24ms Image
image/gif 104.102.30.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=MEDIACORP_HEADER1&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1642166829572&de=932739747893&rx=341312421026&m=0&ar=cc97a930ec1-clean&iw=14bb004&q=3&cb=0&cu=1642166829572&ll=2&lm=0&ln=0&em=0&en=0&d=mothership.sg%3AOCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%3A__page__%3A-&zMoatAU=-&zMoatPS=-&zGSRC=1&gu=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=mediacorpheader458604908711&fd=1&ac=1&it=500&pe=1%3A218%3A218%3A0%3A331&fs=195926&na=726488718&cs=0
Requested by: Host: mothership.sg
URL: https://mothership.sg/2022/01/ocbc-scam-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-30-13.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 14 Jan 2022 13:27:14 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 141ms
140ms Image
image/gif 2a00:1450:4019:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=945350936&t=event&_s=2&dl=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&ul=en-us&de=UTF-8&dt=OCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%20-%20Mothership.SG%20-%20News%20from%20Singapore%2C%20Asia%20and%20around%20the%20world&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=author_pageview&ea=author_pageview_viewed&el=Low%20Jia%20Ying&_u=aGDAgAABAAAAAG~&jid=&gjid=&cid=682205852.1642166830&tid=UA-43110072-1&_gid=479891663.1642166830&z=277360862

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80b::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 02:54:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37941
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/14876/ 899 B
1 KB 35ms
7ms XHR
application/json 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/14876/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/14876/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef5b71e0ce15de87fd4c0a33e319fe6d22284f8b40710bf5dfefae436868aa7b

Request headers

Referer: https://mothership.sg/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jan 2022 12:31:53 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
age: 34732
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 899
last-modified: Tue, 23 Nov 2021 20:08:08 GMT
server: AmazonS3
etag: "abd17d96eedbf15c757a7c4571191859"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: rFdkKpkMPBFaE79cYIMJnHBmI-tH1ysW_slwUFoDc4hzXkC-CWeu3g==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 54ms
20ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

add4b3a3488e98319b3aebe4bc12cc51bfe42a34a07bea521623523167720f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8624
x-xss-protection: 0

GET
H/1.1 200
OK base_monitor Show response
in.treasuredata.com/js/v3/event/fe_performance/ 89 B
316 B 105ms
95ms Script
application/javascript 54.211.176.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/fe_performance/base_monitor?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1642166834395&data=eyJyY2QiOjE5NjEsInJhZCI6MTc5MSwiaG9zdCI6Im1vdGhlcnNoaXAuc2ciLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwiYnJvd3NlciI6IkNocm9tZSIsImJyb3dzZXJfdmVyc2lvbiI6Ijk3LjAuNDY5MiIsIm9zIjoiV2luZG93cyIsIm9zX3ZlcnNpb24iOiIxMC4wLjAiLCJkZXZpY2UiOiJwYyIsInNjcmVlbiI6IjE2MDB4MTIwMCIsImFwaV9ob3N0Ijoic2cucG9waW4uY2MiLCJtZWRpYSI6Im1vdGhlcnNoaXAuc2ciLCJsaWJMb2FkTW9kZSI6ImlubGluZSIsInJjcyI6MzkzLCJkaV9hd3IiOjUsImF3cl9yYXMiOjAsInJhZV9hZHdkIjo2LCJhZHdkX2JkciI6MjYsInRvdGFsIjozNzk3LCJwb3Bpbl92ZXJzaW9uIjo2LCJwZXJmb3JtYW5jZV9pZCI6MTY0MjE2NjgzMTMzMX0%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.176.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-176-244.compute-1.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:27:14 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 23ms
22ms Image
image/gif 104.102.30.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fmothership.sg%2F%2F2022%2F01%2Focbc-scam-victims%2F-&i=MEDIACORP_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCfHOWhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-RA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&pcode=mediacorpheader458604908711&rx=341312421026&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fmothership.sg%2F2022%2F01%2Focbc-scam-victims%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1642166829572&de=932739747893&cu=1642166829572&m=4811&ar=cc97a930ec1-clean&iw=14bb004&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=15731&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A218%3A218%3A0%3A331&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mothership.sg%3AOCBC%20S%27pore%20scam%20victims%2C%20many%20who%20lost%20life%20savings%2C%20slam%20bank%20for%20underwhelming%20response%3A__page__%3A-&bo=undefined&bd=undefined&gw=mediacorpheader458604908711&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAU=-&zMoatPS=-&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=195926&na=319045826&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.30.13 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-30-13.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 14 Jan 2022 13:27:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:27:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB82 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 14 Jan 2022 12:59:21 GMT
expires: Sat, 14 Jan 2023 12:59:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EEB2 783 B
535 B 19ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39467771a84c6532664a80db6cf2ceac507f7c7a24532b5f952326750d49ef92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VH9jA2lcDBaTVUxSCFfcGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 14 Jan 2022 13:27:14 GMT
date: Fri, 14 Jan 2022 13:27:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VH9jA2lcDBaTVUxSCFfcGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s22cBc76vWepYNwqq7rK-TaORqePB7gQ6sezXyyrHgA.js Show response
pagead2.googlesyndication.com/bg/ Frame BB82 35 KB
13 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s22cBc76vWepYNwqq7rK-TaORqePB7gQ6sezXyyrHgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36d9c05cefabd67a960dc2aabbacaf9368e46a78f07b810eac7b35f2cab1e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 08:14:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EEB2 0
0 99ms
91ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=46904311314398&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BB82 0
9 B 11ms
11ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mghWsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:27:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=46904311314398&bg=!GhmlGV3NAAaocxMpqHM7ACkAdvg8Wo3ceQThmQ9YXeePbpYfOadwsQo2qao5AS_tDp1mIvbgNO6lBwIAAABHUgAAAANoAQcKADjdUCTFq5oIWrm0yq334ILhntixF6ATY6pl86FopCy-aPvWXEFiR6-h2wI2CS4pdMyx4YreBv6Go5kCyoR42FcENMg_rtsmaXKVflbUT-TZ6hXbl3T1Az35uFWysBC2SeNfH7C8KptN2Gtw1QIpjiUIhrwdjn5_wxoPaEiVcvOhtmHLGh1X12_BY_ZFzm8ppsJEq8HB24Nwx750vQ6yAwbvrBRwWHKAIpGjeIfz3RKCuwkkkJkWO5Ypt5Xb0_nFnipeD8qZi6nLiyA1-SFkm2Ux6Tz0S_5Cht1LwdvqBUmfxMO9DLeVc-uF-HKj1A4cDlLbwNlhK4hEh3cp6SWC5iWLplW_V2JnuKHkZtgmSC_5dQvVpZsyrM9tS_j79dGa_9xRaZGbLrZn3Lp4YKb0cdqnG1dd3kFcyktek6r9i11Hwxyv2AXcqp4zruATb2MWBTMXdEK9aIXLJpKatrTZz0foHO0nzW3SZUsN4ZmvTiR4JALV3zUDAiJYxS7Lr0-TZ7yN73FV4vgPcaUB2bg4T6drXNj-j_q6VPBs8fl2gWCevogo_nDACPXYh2Nv56aH2sFonSw9LFAHcNTAmpcytLHMyZdI6R-xivUd2IlLuNEE3apqxaAuHVM5p_j5d4DTP3fryadK_8RODowz7y-7MMpOmdivXY9-eTSq_oyvaKQPFeUBrKPzK4g-s245H5zBLDmVlxnHKer6lZN_z9sUc5WRJJKAfNV0NlYzAGSf6o4xsNTtZMn8CzfOkBWOU3QxlAks7o0HgoDyAJN_Iyru3fXMpnFoBnLKqsupBBktKO0RbUkEmEccC6A-HpSiljf4UlnTKrK14IEY7jIum-RBJZCKQolsakWLCTWUk_np59yLpZI_LCd3v_unZh7XXzlZAjsUt15BQy0UOwkE838visIcabHwncdZRMlTezGD-jbgmDS4E4VcljysifIJhIi0E_E31r0ZzVLIXyY5lk9nftnIzH0yvLUFALX5qBDn_Ig67I8XOVgTWWKNSOFpt9RS3Anu9JXvPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mothership.sg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:27:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 02:19:02	Name: sync Value: CgkIOhDAnpXG5S8=
.spotify.com/	1970-01-20 08:55:02	Name: sp_t Value: ac2f8aa51f30278601be96a14bc7c1d3
.spotify.com/	1970-01-20 00:10:53	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F29a9bAzGveHWr5dVhxXy3P%3Futm_source%3Dgenerator
.mothership.sg/	1970-01-20 02:19:02	Name: _fbp Value: fb.1.1642166829744.161498970
.mothership.sg/	1970-01-20 17:40:38	Name: _ga Value: GA1.2.682205852.1642166830
.mothership.sg/	1970-01-20 00:10:53	Name: _gid Value: GA1.2.479891663.1642166830
.mothership.sg/	1970-01-20 00:09:26	Name: _gat Value: 1
.mothership.sg/	1970-01-20 00:09:26	Name: _gat_UA-43110072-1 Value: 1
.scorecardresearch.com/	1970-01-20 17:26:14	Name: UID Value: 1Z3ZHTO0YWZE2KEKAQBWISg1642166830
.crwdcntrl.net/	1970-01-20 06:38:13	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:38:13	Name: _cc_id Value: 1cf159006c069907253b0acc8e584d2
.crwdcntrl.net/	1970-01-20 06:38:14	Name: _cc_cc Value: "ACZ4XmOQN0xOMzS1NDAwSzYws7Q0MDcyNU4ySExOtkg1tTBJMWIAgsSHVXr%2FgYAfxAED3sf9l3QZ55Qw%2FGdkZPg6Z5UGjH180xQWGPvjZ0sYc%2FmfQriKo4eYYexLpx6xwdi7910WgLEPL54DN2X6CXWY8LslCOE1G55yw8RnXLukA2MDAEBcRcE%3D"
.crwdcntrl.net/	1970-01-20 06:38:14	Name: _cc_aud Value: "ABR4XmNgYGBIfFilB6QggImBUXwhiMmlAKIAPuMDcQ%3D%3D"
.adnxs.com/	1970-01-20 02:19:02	Name: icu Value: ChgIv-tvEAoYASABKAEwrvSFjwY4AUABSAEQrvSFjwYYAA..
.adnxs.com/	1970-01-20 02:19:02	Name: uuid2 Value: 4467061633932302475
.mothership.sg/	1970-01-20 06:38:14	Name: _cc_id Value: 1cf159006c069907253b0acc8e584d2
.mothership.sg/	1970-01-20 06:38:14	Name: _cc_cc Value: ACZ4XmOQN0xOMzS1NDAwSzYws7Q0MDcyNU4ySExOtkg1tTBJMWIAgsSHVXr%2FgYAfxAED3sf9l3QZ55Qw%2FGdkZPg6Z5UGjH180xQWGPvjZ0sYc%2FmfQriKo4eYYexLpx6xwdi7910WgLEPL54DN2X6CXWY8LslCOE1G55yw8RnXLukA2MDAEBcRcE%3D
.mothership.sg/	1970-01-20 06:38:14	Name: _cc_aud Value: ABR4XmNgYGBIfFilB6QggImBUXwhiMmlAKIAPuMDcQ%3D%3D
.mothership.sg/	1970-01-20 00:19:31	Name: panoramaId_expiry Value: 1642771629981
.mothership.sg/	1970-01-20 00:19:31	Name: panoramaId Value: ec6bf12a2fc6042249b3226d72494945a702fe082b3b163c66294565d6c35f36
mothership.sg/	1969-12-31 23:59:59	Name: lotameid Value: all
.mothership.sg/	1970-01-20 08:55:02	Name: meid Value: e6f16775-e94d-4349-86cc-2f8cf3ae497f
.mediacorp.sg/	1970-01-20 08:55:02	Name: UID Value: e6f16775-e94d-4349-86cc-2f8cf3ae497f
uid.mediacorp.sg/	1970-01-20 08:55:02	Name: UIDPriorityDomain Value: e6f16775-e94d-4349-86cc-2f8cf3ae497f
.twitter.com/	1970-01-20 17:40:38	Name: personalization_id Value: "v1_TvpX2GniJPvXOjr79DyYXw=="
.mothership.sg/	1970-01-20 08:55:02	Name: meid_seg Value: none
.mothership.sg/	1970-01-20 08:55:02	Name: _ss_pp_id Value: 597c8d3033fc072f66a1642166831332
.mothership.sg/	1970-01-20 09:31:02	Name: __gads Value: ID=794434f4303f96da-2236d30c20cd00ba:T=1642166830:S=ALNI_MYvVxplqFhic4IWrpPwLoZGcSDS4w
.doubleclick.net/	1970-01-20 09:31:02	Name: IDE Value: AHWqTUna82kW595Q2KRv6D2OPN9pinl6VnvteaZZGrhTDO9hilwZtL8t9bptOGzvFjY
.doubleclick.net/	1970-01-20 00:09:30	Name: DSID Value: NO_DATA
.popin.cc/	1970-01-20 08:55:02	Name: uid Value: 597c8d3033fc072f66a1642166831332
.3lift.com/	1970-01-20 02:19:02	Name: tluid Value: 16635067408672102129
.in.treasuredata.com/	1970-01-20 17:40:38	Name: _td_global Value: 9b6557ce-cdcb-4ee6-a4e6-fa77e86848dd
.mothership.sg/	1970-01-20 17:40:38	Name: _td Value: a00f8386-c4e9-472b-a0af-c326a00cd797

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://mothership.sg/2022/01/ocbc-scam-victims/(Line 634) Message: Allow attribute will take precedence over 'allowfullscreen'.
javascript	warning	URL: https://open.scdn.co/cdn/build/embed-podcast/embed-podcast.abebc1ef.js Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.
other	warning	URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://open.spotify.com/embed-podcast/episode/29a9bAzGveHWr5dVhxXy3P?utm_source=generator Message: The resource https://open.scdn.co/cdn/fonts/spoticon_regular_2.d319d911.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38a1531904d099bcef1cba76a275ec18.safeframe.googlesyndication.com
a.teads.tv
adservice.google.com
adservice.google.de
analytics.twitter.com
api.popin.cc
api.vidy.com
apresolve.spotify.com
assets.adobedtm.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.brandmetrics.com
collector.brandmetrics.com
connect.facebook.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
gew1-spclient.spotify.com
googleads.g.doubleclick.net
i.scdn.co
ib.adnxs.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
match.adsrvr.org
mb.moatads.com
mediacorp.gscontxt.net
ml314.com
mothership.sg
o22381.ingest.sentry.io
open.scdn.co
open.spotify.com
pagead2.googlesyndication.com
px.moatads.com
r.popin.cc
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg.popin.cc
static.mothership.sg
static.vidy.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
uid.mediacorp.sg
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
z.moatads.com
104.102.30.13
104.111.215.191
104.244.42.195
119.63.193.220
119.63.197.150
119.63.198.143
119.63.198.172
119.63.198.188
13.32.99.90
132.145.232.67
142.250.186.162
15.197.193.217
18.168.182.140
18.66.97.88
2.18.232.7
20.50.2.28
2600:1901:0:524d::
2600:1901:1:5ca::
2600:1901:1:c36::
2606:4700:10::6816:227b
2606:4700:10::ac43:2516
2606:4700:20::681a:69b
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c06::9d
2a00:1450:4019:805::2001
2a00:1450:4019:80b::200e
2a02:26f0:6c00:28a::1e80
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:54::760
3.127.253.208
34.120.195.249
34.247.104.176
37.252.172.36
37.252.173.27
45.60.34.167
52.17.84.146
52.48.241.99
52.59.85.35
54.211.176.244
76.223.111.18
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b5c860680a251df7ca5792bcae4d24f24636293def0b6c9138f46fa6ecd8b67
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e825397d595b2a9d4568bb2005f9c235231c97f78670e76c70eaebe1f9a6ce5
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
10255440caeddf522a022a21978298f01fbfb1a5517116e02a0dc416a342c9bd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121cfa4f0e30c7442decddd155313a22156983a74917d3f2dc4db3989affd92d
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
162cb84f65eb28597d2040c25f34947543ceb42825959ca44598d74b9b68c79e
182f87d868c1b00718d602b14224500b4e12dd5d339816371a3f5a546a7526a6
19b1a24897be99c28c88c62e3b8f6162f84fe94d6333d740b5ec811df6f0ede8
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
1c8edf1a4cdd964344cc09b1900cd75c417ef3061824b99bf207b08c9f3fca21
1d0f0c908278546c48e1617b1eb784438d9f50b6faab354039d7af3e11b105fa
1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
270722e31c5706e03fd2c88e98342de0ec3b66c0df27e72fade9dcb348a745b7
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
2b3fcaafa893b3294c93ae0b9e6415232218ad7a66135b94954e1a6d2de8dbc7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35436da0050b980fc6cb97d8f844a1914730d9d894066cd566bfb1968f58ecd9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39467771a84c6532664a80db6cf2ceac507f7c7a24532b5f952326750d49ef92
39ef7e7ab7ca51e873806ca864cb1afe12028c39920c65844abb87c0387aa5be
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
458970ef33e2255fcdda0ee02b351dfaaa34ff59533675b3cd817d1528d05499
45d2406d482b6c598f52171113ad618df9dc29d80e7570460917277f58bd2798
467bffd74b4266a62f8d61f2693a207b01c0c213033d12480ffb24bb2db53ae7
46b3aa37d9aa0ddf4dc2e04a7662825694153d86b62687ee4781ac51b1ce9812
473eb83e47d5c97563498dfb4e6f51f3fb39cb5309f0f890b8a0387100b4a730
4786b07740c16fb85d652560760bbda58f393ae008120b0ea1bc9b3aeda64222
47fc63fc8e9fd2e4b33c0d13e3339020b8759171727f3c2375727ea86fb851be
4d4c7d10a95d4363e4449aa20329a4631da99765280be202bfb1703276156415
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59245319e38294aa2feca919e6eef4b161614f3f636f4adb5500f592e535d4df
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5e4e1b22fd62cd393a6580759320787df48bcda73d7d7f3a53ccff067ffd6f37
5fe4c07499e8bc5bac3e9545dcaf59da106673c26c26cdbc0d267045ef52f9c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6576c9c9dc3dade94d0b10e71df05a4b28220b94722d2825fc17fde08882d83c
661d91e5fdd4a8de24a4424e73063ae137d2946cfbbae50195cb0857356fffba
671be9acebc685fd620cca845b6e81d474f49ad5b812ee3108a9ab4f819866f0
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6903ce7fb79571c3c3c4173da244ead866b0975a74df97fe32277f0366e9f3b4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e2a08268923ca4068957cf5579968dd41f183ae21ebafc93b3b160a2bd8c584
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b0cf14353742976174367945abcfe323a05d9c3746b18be104e41935bd6d5e
80cea66525af03430f52ef9e86a9f0194edc39e4a9b078ea8d28b2d7282ec7bc
8113e8fdcaee4f6dc7689a678b6bbeac27755d9ca1432ad9183985bd324ef951
82758cd4aa0b9fc7c0c258c532978f94234ad37b66712ae66868c42bb2ce48eb
82cde5dd2d961e9f154314e8c2b0b4ae0618b0de9cb0fd3192169f376df55b7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
876111e43bc1872a38177788e7a9dfe704045b3ea042b8f9d49d2e8ae684218a
884eb262aa68818766b7ecb185040939bf4ba45111fa6a3bb627ae7c24fbc6c9
893c8288e0c808f5ee65a15f20a3d02672fc2cf630a4eb3c453da01c077fec5c
896a0e1eb1b754d84750ea922d3b3149dbba07769d6239f6e95a2307cdf27a08
897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda
8ab901cedf3a1cfb5b31ddd7033eaab205068c1a800eed7e5fb04063ffe7b5de
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfc41774767ecf99edb1a5c08b838abe4e64c1a0f7328e3c58e0d8f68e54502
8f2f2a419db196519c0a8928d309d98c8408f5dc13ca314b1be6eca17be256e7
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
96791f722a5d1c3c2694bbcedafadf586f91556c31f1e99fd8d0833fda1e5613
9768dd0b6bf35053e6699648f67d414986b804262f7b349124c50757f497545b
9c028c6838a7b886899809715eb0bd6a1d645f0dff2c93381d3d1399758d63de
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1bfa93165e5e460e37883ea167cdf8b99b7c618f45019b43b00fa102474ab74
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84b41e68c31d56afcfacf8787e03347384db1ba7349a9d0df000490c3506baa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd00d24d0e20a356a0c4e1663dd370aedf26093a413c7a4080284396e9ea300
add4b3a3488e98319b3aebe4bc12cc51bfe42a34a07bea521623523167720f25
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b346f636e2c30bada02356586ecd98fb9bab00005aad2af343e6771c4b889f30
b36d9c05cefabd67a960dc2aabbacaf9368e46a78f07b810eac7b35f2cab1e00
b734a9f46c1436954f35b9bb200f41d0a27f5c0f20bde5e5d20b32aa026cc3b3
bb6674d9220e78dea9fb7fcc96207fe52a249f0d09212b5555b486c50c136ee7
c238b42f0ce1161dc46091650fce0f16b87ddadf19e615bbad1dd8b47ef8c42e
c32574c48f75bc03a04b170cb445f8f538aafb3de0a50c3b9c1a73d98dbb2ae9
c4a4999dc560a76ca454dca198d1627dea899539da85f958dbfa21c9741fdf03
c613db07ade8edb27b44a7ad6dfe3f64f16cefd6e6498a031f39611d16c58d2f
c6a55ac6fd4b4a84edb42080dbdd8c4113dc1430f76905ed6d5648c5b351d4fe
c75be222ae4f60c9747cac277a113283a566581a68890a29adfee03eeb67507b
ceedda6e95f40f4853692b7a532c3d79aba9e2e10ba5ac6fe69026773565414c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5dcd0b7590c55b825746246972cf528fdb5ae029f861e3efd1357feddd9cbf
d4be0593eeae286bdfc879e853e32c2a707867f90bc52477bbdd7a887c97b2be
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
dc657335972f2e38c33a4b71d0cb15c2c16b0f2b61e772fdb0203372accb15bb
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
ddf42245fe4d2966e95db9c2d44a908a37bbe952453aa148c6261444b5ca8ab3
debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8
df90e395facda9b171e2669652b307fd3fa5200309236f0a77c41a0f556f2ae6
e206b5d2281adbfc85ded5e77956214f42bb6a4da3eb1b9d9b7def91b5ddf76a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ba2c6453256d9bb70ffc006a44ba75eaa4de2e026eb7f4c932d837f3232601
e895e2bc4fa518911fc9dffe1db2847ae1753a0b11f34c7240fb45668ee4995c
e8ef35e34b7546f486bceb6132b1e508da72207d6f2e1ed62f323656fe7522ab
e9cdad08c9e7f3a473b3753e3c787360cd3e23209b291e45b13847ed2377007a
ecdadd5b09af320c848daec70013e1b0a29b74a8f19cdb2cec262306c85a3f9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b71e0ce15de87fd4c0a33e319fe6d22284f8b40710bf5dfefae436868aa7b
f0f90af8b6fdbc33779edac30424a46393c539562d7f8133683e5b083a4694e6
f1e5342ab3028d2fc44b5d337bd1a7a7388254fe8751da0a327f3c91dd5da02f
f268e612c8b65f1f92e087a71d858c5af21b26f91633c59b2e9a6ce79a8a9fb3
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f6b43988dae810ce0b53031d8298bf6b9fc942f6553066c9faaa05ff83b5425e
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f923d08eb1c4d655836c69a4c8e82c4195a980ecf65f06ce9ff9fec801b0366e
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

mothership.sg Open in urlscan Pro 2606:4700:10::6816:227b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

173 Requests

98 %HTTPS

44 %IPv6

33 Domains

55 Subdomains

47 IPs

8 Countries

7314 kBTransfer

11923 kBSize

34 Cookies

20 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

mothership.sg Open in urlscan Pro
2606:4700:10::6816:227b Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

98 %
HTTPS

44 %
IPv6

33
Domains

55
Subdomains

47
IPs

8
Countries

7314 kB
Transfer

11923 kB
Size

34
Cookies

173 HTTP transactions
3 data transactions