urlscan.io logo urlscan.io
SecurityTrails logo

www.thevibes.com Open in urlscan Pro
104.21.32.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05...
Effective URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-w...
Submission: On May 26 via api from DE — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 16 countries across 83 domains to perform 378 HTTP transactions. The main IP is 104.21.32.1, located in and belongs to CLOUDFLARENET, US. The main domain is www.thevibes.com.
TLS certificate: Issued by WE1 on May 8th 2025. Valid for: 3 months.
This is the only time www.thevibes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 74.125.23.101 15169 (GOOGLE)
4 142.250.204.10 15169 (GOOGLE)
8 142.250.76.104 15169 (GOOGLE)
13 142.251.221.67 15169 (GOOGLE)
2 64.233.187.94 15169 (GOOGLE)
4 216.239.32.178 15169 (GOOGLE)
6 172.217.14.110 15169 (GOOGLE)
1 142.250.204.1 15169 (GOOGLE)
1 25 104.21.32.1 13335 (CLOUDFLAR...)
12 108.177.125.154 15169 (GOOGLE)
2 108.158.20.53 16509 (AMAZON-02)
35 142.250.189.2 15169 (GOOGLE)
5 23.46.179.171 20940 (AKAMAI-AS...)
4 157.240.8.23 32934 (FACEBOOK)
1 199.232.136.157 54113 (FASTLY)
1 104.21.112.1 13335 (CLOUDFLAR...)
2 184.84.165.90 20940 (AKAMAI-AS...)
1 108.158.32.56 16509 (AMAZON-02)
1 7 52.52.120.166 16509 (AMAZON-02)
7 157.240.8.35 32934 (FACEBOOK)
3 23.46.179.11 20940 (AKAMAI-AS...)
12 142.251.221.65 15169 (GOOGLE)
4 162.159.140.229 13335 (CLOUDFLAR...)
4 172.66.0.227 13335 (CLOUDFLAR...)
2 7 172.217.14.68 15169 (GOOGLE)
6 151.101.193.44 54113 (FASTLY)
3 15.165.124.167 16509 (AMAZON-02)
1 18.67.110.129 16509 (AMAZON-02)
6 18.67.110.109 16509 (AMAZON-02)
2 10 142.250.66.226 15169 (GOOGLE)
10 142.251.221.66 15169 (GOOGLE)
3 216.239.32.181 15169 (GOOGLE)
1 64.233.189.154 15169 (GOOGLE)
9 64.233.187.132 15169 (GOOGLE)
4 35.213.89.133 15169 (GOOGLE)
4 18.67.93.102 16509 (AMAZON-02)
2 34.111.60.239 396982 (GOOGLE-CL...)
1 21 104.17.199.65 13335 (CLOUDFLAR...)
1 52.78.242.194 16509 (AMAZON-02)
2 23.55.6.117 16625 (AKAMAI-AS)
1 1 74.125.23.156 15169 (GOOGLE)
1 184.84.165.123 20940 (AKAMAI-AS...)
1 180.210.70.11 45974 (NHN-AS-KR...)
1 203.137.133.151 4694 (IDCF IDC ...)
1 2 211.183.210.1 152199 (KAKAOCORP...)
1 210.59.219.17 3462 (HINET Dat...)
1 2 103.43.90.54 29990 (ASN-APPNEX)
1 141.226.224.32 200478 (TABOOLA-A...)
2 142.250.76.98 15169 (GOOGLE)
2 4 74.125.203.148 15169 (GOOGLE)
2 4 64.233.187.149 15169 (GOOGLE)
3 23.46.10.234 20940 (AKAMAI-AS...)
2 104.21.57.238 13335 (CLOUDFLAR...)
2 207.65.33.83 62713 (AS-PUBMATIC)
1 52.220.144.146 16509 (AMAZON-02)
1 54.153.25.123 16509 (AMAZON-02)
2 35.208.249.213 15169 (GOOGLE)
2 3 185.84.60.20 198622 (ADFORM Ad...)
1 1 216.200.232.249 30419 (PAEDAE-INC)
1 16 67.199.150.86 62713 (AS-PUBMATIC)
5 5 103.43.91.58 29990 (ASN-APPNEX)
3 3 67.199.150.82 62713 (AS-PUBMATIC)
2 11 51.79.154.9 16276 (OVH OVH SAS)
2 172.235.205.25 63949 (AKAMAI-LI...)
4 6 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 34.238.186.67 14618 (AMAZON-AES)
6 11 74.125.23.154 15169 (GOOGLE)
1 34.142.175.23 396982 (GOOGLE-CL...)
1 2 18.138.163.165 16509 (AMAZON-02)
6 6 15.197.193.217 16509 (AMAZON-02)
1 1 54.206.33.115 16509 (AMAZON-02)
3 3 183.177.68.211 10310 (YAHOO-1)
3 67.199.150.85 62713 (AS-PUBMATIC)
2 142.251.8.156 15169 (GOOGLE)
1 104.17.197.65 13335 (CLOUDFLAR...)
1 172.67.38.106 13335 (CLOUDFLAR...)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 1 52.220.85.210 16509 (AMAZON-02)
2 2 54.153.211.209 16509 (AMAZON-02)
1 2 34.117.77.79 396982 (GOOGLE-CL...)
1 1 184.27.43.153 16625 (AKAMAI-AS)
2 184.31.253.153 16625 (AKAMAI-AS)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
4 4 52.221.253.165 16509 (AMAZON-02)
1 1 104.18.164.66 13335 (CLOUDFLAR...)
4 4 35.212.212.222 15169 (GOOGLE)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 148.251.20.70 24940 (HETZNER-A...)
1 1 104.21.68.74 13335 (CLOUDFLAR...)
1 1 23.106.127.165 59253 (LEASEWEB-...)
2 2 64.74.236.95 22075 (AS-OUTBRAIN)
1 1 50.31.142.95 23352 (SERVERCEN...)
2 2 103.67.201.72 59210 (PHOENIXNA...)
2 141.95.98.64 16276 (OVH OVH SAS)
1 57.129.92.143 16276 (OVH OVH SAS)
1 162.19.138.120 16276 (OVH OVH SAS)
1 35.214.199.88 19527 (GOOGLE-2)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 1 23.40.52.90 20940 (AKAMAI-AS...)
10 16 69.173.158.64 26667 (RUBICONPR...)
4 4 82.145.213.8 39832 (NO-OPERA ...)
2 2 151.101.130.58 54113 (FASTLY)
1 1 23.106.127.38 59253 (LEASEWEB-...)
1 4 98.82.158.241 14618 (AMAZON-AES)
5 5 35.213.7.90 15169 (GOOGLE)
6 51.195.34.222 16276 (OVH OVH SAS)
2 135.125.145.78 16276 (OVH OVH SAS)
3 51.195.115.36 16276 (OVH OVH SAS)
1 51.195.73.113 16276 (OVH OVH SAS)
1 51.195.126.30 16276 (OVH OVH SAS)
1 51.195.73.71 16276 (OVH OVH SAS)
1 51.195.34.220 16276 (OVH OVH SAS)
1 135.125.146.80 16276 (OVH OVH SAS)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 35.213.45.194 15169 (GOOGLE)
2 2 103.229.10.211 16509 (AMAZON-02)
1 2 151.101.130.49 54113 (FASTLY)
1 1 44.193.46.238 14618 (AMAZON-AES)
1 35.186.193.173 396982 (GOOGLE-CL...)
2 2 108.158.32.47 16509 (AMAZON-02)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 150.171.22.12 8075 (MICROSOFT...)
1 2 67.220.226.232 16509 (AMAZON-02)
2 2 54.199.115.238 16509 (AMAZON-02)
1 54.211.170.34 14618 (AMAZON-AES)
1 131.153.206.102 59210 (PHOENIXNA...)
1 183.177.68.210 10310 (YAHOO-1)
1 141.226.229.48 200478 (TABOOLA-A...)
378 96
4    74.125.23.101 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f101.1e100.net
news.google.com
4    142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net
fonts.googleapis.com
8    142.250.76.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f8.1e100.net
www.googletagmanager.com
13    142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.gstatic.com
www.google.com.au
2    64.233.187.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f94.1e100.net
fonts.gstatic.com
4    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    172.217.14.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lax31s01-in-f14.1e100.net
play.google.com
1    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
lh3.googleusercontent.com
25    104.21.32.1 (None, )

ASN13335 (CLOUDFLARENET, US)
www.thevibes.com
media.thevibes.com
12    108.177.125.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tp-in-f154.1e100.net
securepubads.g.doubleclick.net
2    108.158.20.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-53.syd62.r.cloudfront.net
platform-api.sharethis.com
35    142.250.189.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lax31s16-in-f2.1e100.net
pagead2.googlesyndication.com
5    23.46.179.171 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-179-171.deploy.static.akamaitechnologies.com
use.typekit.net
4    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    104.21.112.1 (None, )

ASN13335 (CLOUDFLARENET, US)
edgecdn.dev
2    184.84.165.90 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-84-165-90.deploy.static.akamaitechnologies.com
p.typekit.net
1    108.158.32.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-56.syd3.r.cloudfront.net
buttons-config.sharethis.com
7    52.52.120.166 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-120-166.us-west-1.compute.amazonaws.com
l.sharethis.com
sync.sharethis.com
7    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
3    23.46.179.11 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-179-11.deploy.static.akamaitechnologies.com
static.dable.io
12    142.251.221.65 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
ep2.adtrafficquality.google
4    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
4    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.twitter.com
7    172.217.14.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lax17s38-in-f4.1e100.net
www.google.com
6    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
psb.taboola.com
trc.taboola.com
pips.taboola.com
3    15.165.124.167 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-124-167.ap-northeast-2.compute.amazonaws.com
api.dable.io
1    18.67.110.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-129.syd62.r.cloudfront.net
count-server.sharethis.com
6    18.67.110.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-109.syd62.r.cloudfront.net
platform-cdn.sharethis.com
10    142.250.66.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
googleads.g.doubleclick.net
10    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
td.doubleclick.net
ep1.adtrafficquality.google
3    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    64.233.189.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f154.1e100.net
stats.g.doubleclick.net
9    64.233.187.132 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f132.1e100.net
tpc.googlesyndication.com
4    35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com
trace-jp.mediago.io
4    18.67.93.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-102.syd62.r.cloudfront.net
cdn.mediago.io
2    34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com
images.mediago.io
21    104.17.199.65 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
servicer.mgid.com
cdn.mgid.com
cm.mgid.com
1    52.78.242.194 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-242-194.ap-northeast-2.compute.amazonaws.com
r-log.dable.io
2    23.55.6.117 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-6-117.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    74.125.23.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f156.1e100.net
cm.g.doubleclick.net
1    184.84.165.123 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-84-165-123.deploy.static.akamaitechnologies.com
images.dable.io
1    180.210.70.11 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
cm-exchange.toast.com
1    203.137.133.151 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
cs.gssprt.jp
2    211.183.210.1 (Korea, Republic Of)

ASN152199 (KAKAOCORP-AS-KR Kakao Corp, KR)
analytics.ad.daum.net
act.ds.kakao.com
1    210.59.219.17 (Taichung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-17.hinet-ip.hinet.net
dable-api.scupio.com
2    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
cds.taboola.com
2    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
www.googleadservices.com
4    74.125.203.148 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f148.1e100.net
ad.doubleclick.net
4    64.233.187.149 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f149.1e100.net
10486115.fls.doubleclick.net
3    23.46.10.234 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-10-234.deploy.static.akamaitechnologies.com
t.sharethis.com
2    104.21.57.238 (None, )

ASN13335 (CLOUDFLARENET, US)
edgecdnplus.com
2    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.220.144.146 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-144-146.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    54.153.25.123 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-25-123.us-west-1.compute.amazonaws.com
sync.sharethis.com
2    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
3    185.84.60.20 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    216.200.232.249 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
16    67.199.150.86 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
5    103.43.91.58 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
3    67.199.150.82 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
11    51.79.154.9 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip9.ip-51-79-154.net
onetag-sys.com
2    172.235.205.25 (Osaka, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-235-205-25.ip.linodeusercontent.com
adx.dable.io
6    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.238.186.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-186-67.compute-1.amazonaws.com
sync.crwdcntrl.net
11    74.125.23.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f154.1e100.net
cm.g.doubleclick.net
1    34.142.175.23 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
2    18.138.163.165 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-163-165.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    54.206.33.115 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-206-33-115.ap-southeast-2.compute.amazonaws.com
ad.turn.com
3    183.177.68.211 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
3    67.199.150.85 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    142.251.8.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f156.1e100.net
adservice.google.com
1    104.17.197.65 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
1    52.220.85.210 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-85-210.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    54.153.211.209 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com
ps.eyeota.net
2    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
1    184.27.43.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-43-153.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    184.31.253.153 (Seoul, Korea, Republic Of)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-253-153.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    52.221.253.165 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-253-165.ap-southeast-1.compute.amazonaws.com
pubmatic-match.dotomi.com
1    104.18.164.66 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
4    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    148.251.20.70 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.70.20.251.148.clients.your-server.de
sync.richaudience.com
1    104.21.68.74 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.rtbsystem.com
1    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync.smartadserver.com
2    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    50.31.142.95 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.outbrain.com
2    103.67.201.72 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: 1.cpm.sin1.wowcon.net
sync.adkernel.com
2    141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    57.129.92.143 (France)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
1    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    35.214.199.88 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 88.199.214.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    23.40.52.90 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-40-52-90.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
16    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    82.145.213.8 (Norway)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    151.101.130.58 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.temu.com
1    23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync-global.smartadserver.com
4    98.82.158.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-158-241.compute-1.amazonaws.com
s.amazon-adsystem.com
5    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
6    51.195.34.222 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu
d0.eu-3-id5-sync.com
d3.eu-3-id5-sync.com
d4.eu-3-id5-sync.com
d5.eu-3-id5-sync.com
d7.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
2    135.125.145.78 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip78.ip-135-125-145.eu
d1.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
3    51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu
d2.eu-3-id5-sync.com
d6.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
1    51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu
d0.eu-4-id5-sync.com
1    51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu
d3.eu-4-id5-sync.com
1    51.195.73.71 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip71.ip-51-195-73.eu
d5.eu-4-id5-sync.com
1    51.195.34.220 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip220.ip-51-195-34.eu
d6.eu-4-id5-sync.com
1    135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu
d7.eu-4-id5-sync.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    35.213.45.194 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 194.45.213.35.bc.googleusercontent.com
pool.admedo.com
2    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.130.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    44.193.46.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-46-238.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    108.158.32.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-47.syd3.r.cloudfront.net
cr-p10.ladsp.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    150.171.22.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    54.199.115.238 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-115-238.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    54.211.170.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-170-34.compute-1.amazonaws.com
match.sharethrough.com
1    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sync.a-mo.net
1    183.177.68.210 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e1-ha.ycpi.aue.yahoo.com
pbs.yahoo.com
1    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
522 KB
49 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 240
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
td.doubleclick.net — Cisco Umbrella Rank: 310
stats.g.doubleclick.net — Cisco Umbrella Rank: 168
cm.g.doubleclick.net — Cisco Umbrella Rank: 301
ad.doubleclick.net — Cisco Umbrella Rank: 148
10486115.fls.doubleclick.net
308 KB
26 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 598
image6.pubmatic.com — Cisco Umbrella Rank: 809
simage2.pubmatic.com — Cisco Umbrella Rank: 1021
image8.pubmatic.com — Cisco Umbrella Rank: 709
image2.pubmatic.com — Cisco Umbrella Rank: 926
image4.pubmatic.com — Cisco Umbrella Rank: 1282
simage4.pubmatic.com — Cisco Umbrella Rank: 2365
29 KB
25 thevibes.com
www.thevibes.com
media.thevibes.com
2 MB
22 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 9670
c.mgid.com — Cisco Umbrella Rank: 6429
servicer.mgid.com — Cisco Umbrella Rank: 9679
cdn.mgid.com — Cisco Umbrella Rank: 12693
s-img.mgid.com — Cisco Umbrella Rank: 9923
cm.mgid.com — Cisco Umbrella Rank: 2025
159 KB
22 google.com
news.google.com — Cisco Umbrella Rank: 5983
play.google.com — Cisco Umbrella Rank: 28
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 164
adservice.google.com — Cisco Umbrella Rank: 568
126 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1124
eus.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2003
pixel.rubiconproject.com — Cisco Umbrella Rank: 428
token.rubiconproject.com — Cisco Umbrella Rank: 521
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1498
35 KB
21 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5179
buttons-config.sharethis.com — Cisco Umbrella Rank: 5910
l.sharethis.com — Cisco Umbrella Rank: 5642
count-server.sharethis.com — Cisco Umbrella Rank: 13361
platform-cdn.sharethis.com — Cisco Umbrella Rank: 12253
t.sharethis.com — Cisco Umbrella Rank: 8542
sync.sharethis.com — Cisco Umbrella Rank: 3416
83 KB
12 mediago.io
trace-jp.mediago.io — Cisco Umbrella Rank: 188737
cdn.mediago.io — Cisco Umbrella Rank: 9611
images.mediago.io — Cisco Umbrella Rank: 9087
gtrace.mediago.io — Cisco Umbrella Rank: 3930
23 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 787
5 KB
10 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 398
ep2.adtrafficquality.google — Cisco Umbrella Rank: 412
38 KB
10 dable.io
static.dable.io — Cisco Umbrella Rank: 43064
api.dable.io — Cisco Umbrella Rank: 40755
r-log.dable.io — Cisco Umbrella Rank: 56002
images.dable.io — Cisco Umbrella Rank: 66436
adx.dable.io — Cisco Umbrella Rank: 78201
29 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
243 KB
8 eu-4-id5-sync.com
d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 57023
d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 57180
d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 56955
d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 56533
d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 57224
d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 57003
d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 56996
d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 56956
1 KB
8 eu-3-id5-sync.com
d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 57199
d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 57257
d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 57639
d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 57704
d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 56180
d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 57627
d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 57505
d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 58228
1 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 956
psb.taboola.com — Cisco Umbrella Rank: 6089
trc.taboola.com — Cisco Umbrella Rank: 810
pips.taboola.com — Cisco Umbrella Rank: 4559
cds.taboola.com — Cisco Umbrella Rank: 1723
trc-events.taboola.com — Cisco Umbrella Rank: 3924
36 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
829 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 288
7 KB
7 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
640 B
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 520
p.typekit.net — Cisco Umbrella Rank: 670
84 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 355
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1149
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 387
4 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 667
ups.analytics.yahoo.com — Cisco Umbrella Rank: 608
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1854
pbs.yahoo.com — Cisco Umbrella Rank: 1080
3 KB
6 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 507
id.rlcdn.com — Cisco Umbrella Rank: 779
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 403
2 KB
5 mfadsrvr.com
rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 11203
rtb.mfadsrvr.com — Cisco Umbrella Rank: 913
2 KB
5 google.com.au
www.google.com.au — Cisco Umbrella Rank: 27680
319 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 500
1 KB
4 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 950
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4231
1 KB
4 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1099
2 KB
4 t.co
t.co — Cisco Umbrella Rank: 1113
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 219
90 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
22 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
8 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 557
1 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 836
id5-sync.com — Cisco Umbrella Rank: 533
33 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 741
cm.adform.net Failed
2 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1123
sync.crwdcntrl.net — Cisco Umbrella Rank: 936
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 673
1 KB
2 ladsp.com
cr-p10.ladsp.com — Cisco Umbrella Rank: 26252
997 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 846
703 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 908
688 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5183
749 B
2 temu.com
www.temu.com — Cisco Umbrella Rank: 721
764 B
2 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1232
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1027
626 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1279
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 748
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 750
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1819
653 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1268
645 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 537
659 B
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1556
590 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1076
1 KB
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 2284
2 KB
2 edgecdnplus.com
edgecdnplus.com — Cisco Umbrella Rank: 220907
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 76
5 KB
1 a-mo.net
sync.a-mo.net — Cisco Umbrella Rank: 1711
725 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 650
324 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 344
515 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6661
346 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 668
1 KB
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 25368
651 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 701
593 B
1 outbrain.com
b1sync.outbrain.com — Cisco Umbrella Rank: 830
723 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 5363
979 B
1 idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 15813
469 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 839
604 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 858
610 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 915
571 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1130
pixel.mathtag.com Failed
949 B
1 scupio.com
dable-api.scupio.com — Cisco Umbrella Rank: 93595
332 B
1 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 69920
202 B
1 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 63034
489 B
1 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 15052
439 B
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 10902
556 B
1 edgecdn.dev
edgecdn.dev — Cisco Umbrella Rank: 690963
11 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1138
16 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
2 KB
0 lijit.com Failed
ce.lijit.com — Cisco Umbrella Rank: 969 Failed
0 presage.io Failed
ms-cookie-sync.presage.io Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 360yield.com Failed
ad.360yield.com Failed
match.360yield.com Failed
0 affcost.com Failed
cost.affcost.com Failed
378 83
Domain Requested by
35 pagead2.googlesyndication.com www.thevibes.com
pagead2.googlesyndication.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
ep2.adtrafficquality.google
14 media.thevibes.com www.thevibes.com
13 cm.mgid.com 1 redirects jsc.mgid.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
onetag-sys.com
12 cm.g.doubleclick.net 7 redirects cdn.mediago.io
onetag-sys.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net www.thevibes.com
securepubads.g.doubleclick.net
news.google.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
11 onetag-sys.com 2 redirects ads.pubmatic.com
cm.mgid.com
onetag-sys.com
11 simage2.pubmatic.com 1 redirects ads.pubmatic.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
onetag-sys.com
11 www.thevibes.com 1 redirects www.gstatic.com
www.thevibes.com
10 pixel.rubiconproject.com 5 redirects onetag-sys.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
10 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
pagead2.googlesyndication.com
9 tpc.googlesyndication.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
8 www.gstatic.com
8 www.googletagmanager.com news.google.com
www.thevibes.com
www.googletagmanager.com
7 ib.adnxs.com 6 redirects www.thevibes.com
7 www.google.com 2 redirects www.googletagmanager.com
www.thevibes.com
ep2.adtrafficquality.google
7 www.facebook.com connect.facebook.net
www.thevibes.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
www.thevibes.com
6 match.adsrvr.org 6 redirects
6 sync.sharethis.com www.thevibes.com
6 td.doubleclick.net www.googletagmanager.com
6 platform-cdn.sharethis.com www.thevibes.com
6 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 play.google.com www.gstatic.com
5 x.bidswitch.net 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 idsync.rlcdn.com 4 redirects 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
5 www.google.com.au www.thevibes.com
5 use.typekit.net www.thevibes.com
use.typekit.net
4 pixel.tapad.com 2 redirects ads.pubmatic.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
4 s.amazon-adsystem.com 1 redirects onetag-sys.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
4 t.adx.opera.com 4 redirects
4 rtb-usw.mfadsrvr.com 4 redirects
4 pubmatic-match.dotomi.com 4 redirects
4 ep1.adtrafficquality.google pagead2.googlesyndication.com
www.thevibes.com
4 10486115.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 ad.doubleclick.net 2 redirects www.thevibes.com
4 cdn.mediago.io 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
4 trace-jp.mediago.io news.google.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
4 analytics.twitter.com www.thevibes.com
4 t.co www.thevibes.com
4 connect.facebook.net www.thevibes.com
connect.facebook.net
4 www.google-analytics.com www.googletagmanager.com
www.thevibes.com
www.google-analytics.com
4 fonts.googleapis.com news.google.com
www.thevibes.com
4 news.google.com 1 redirects
3 creativecdn.com 3 redirects
3 c.mgid.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
3 image8.pubmatic.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
3 analytics.google.com www.googletagmanager.com
3 api.dable.io static.dable.io
3 cdn.taboola.com news.google.com
cdn.taboola.com
3 static.dable.io www.thevibes.com
static.dable.io
2 match.prod.bidr.io 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
2 cr-p10.ladsp.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 pool.admedo.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 www.temu.com 2 redirects
2 id5-sync.com cdn.id5-sync.com
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
2 sync.adkernel.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.richaudience.com 2 redirects
2 us-u.openx.net 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 ml314.com 1 redirects www.thevibes.com
2 ps.eyeota.net 2 redirects
2 loadus.exelator.com 2 redirects
2 adservice.google.com 10486115.fls.doubleclick.net
2 cdn.mgid.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
2 servicer.mgid.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
jsc.mgid.com
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 adx.dable.io ads.pubmatic.com
2 gtrace.mediago.io cdn.mediago.io
2 bcp.crwdcntrl.net 1 redirects platform-api.sharethis.com
2 image6.pubmatic.com ads.pubmatic.com
2 edgecdnplus.com www.thevibes.com
edgecdn.dev
2 www.googleadservices.com www.googletagmanager.com
2 ads.pubmatic.com static.dable.io
ads.pubmatic.com
2 images.mediago.io 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
2 l.sharethis.com 1 redirects www.thevibes.com
2 p.typekit.net use.typekit.net
2 platform-api.sharethis.com www.thevibes.com
platform-api.sharethis.com
2 fonts.gstatic.com fonts.googleapis.com
1 trc-events.taboola.com cdn.taboola.com
1 pbs.yahoo.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 sync.a-mo.net 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 match.sharethrough.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 px.ads.linkedin.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 d7.eu-4-id5-sync.com cdn.id5-sync.com
1 d6.eu-4-id5-sync.com cdn.id5-sync.com
1 d5.eu-4-id5-sync.com cdn.id5-sync.com
1 d4.eu-4-id5-sync.com cdn.id5-sync.com
1 d3.eu-4-id5-sync.com cdn.id5-sync.com
1 d2.eu-4-id5-sync.com cdn.id5-sync.com
1 d1.eu-4-id5-sync.com cdn.id5-sync.com
1 d0.eu-4-id5-sync.com cdn.id5-sync.com
1 d7.eu-3-id5-sync.com cdn.id5-sync.com
1 d6.eu-3-id5-sync.com cdn.id5-sync.com
1 d5.eu-3-id5-sync.com cdn.id5-sync.com
1 d4.eu-3-id5-sync.com cdn.id5-sync.com
1 d3.eu-3-id5-sync.com cdn.id5-sync.com
1 d2.eu-3-id5-sync.com cdn.id5-sync.com
1 d1.eu-3-id5-sync.com cdn.id5-sync.com
1 d0.eu-3-id5-sync.com cdn.id5-sync.com
1 ssbsync-global.smartadserver.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 rtb.mfadsrvr.com onetag-sys.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 b1sync.outbrain.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 cm.rtbsystem.com 1 redirects
1 cm.idealmedia.io 1 redirects
1 id.rlcdn.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 secure-assets.rubiconproject.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 cdn.id5-sync.com jsc.mgid.com
1 s-img.mgid.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 image4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 pippio.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 dable-api.scupio.com www.thevibes.com
1 act.ds.kakao.com www.thevibes.com
1 analytics.ad.daum.net 1 redirects
1 cs.gssprt.jp www.thevibes.com
1 cm-exchange.toast.com www.thevibes.com
1 images.dable.io www.thevibes.com
1 r-log.dable.io static.dable.io
1 pips.taboola.com cdn.taboola.com
1 jsc.mgid.com 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 count-server.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 edgecdn.dev www.thevibes.com
1 static.ads-twitter.com www.thevibes.com
1 lh3.googleusercontent.com
0 ce.lijit.com Failed 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
0 ms-cookie-sync.presage.io Failed onetag-sys.com
0 sync.targeting.unrulymedia.com Failed onetag-sys.com
0 match.360yield.com Failed 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
0 cm.adform.net Failed 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
0 ad.360yield.com Failed 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
0 pixel.mathtag.com Failed ads.pubmatic.com
0 cost.affcost.com Failed www.thevibes.com
378 160
Subject Issuer Validity Valid
*.news.google.com
WE2		 2025-04-29 -
2025-07-22		 3 months crt.sh
upload.video.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.google-analytics.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.gstatic.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.google.com
WE2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
thevibes.com
WE1		 2025-05-08 -
2025-08-06		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-04-29 -
2025-07-22		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2025-03-19 -
2026-04-17		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-10 -
2026-01-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-03-04 -
2025-06-02		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
edgecdn.dev
WE1		 2025-04-20 -
2025-07-19		 3 months crt.sh
static.dable.io
R10		 2025-04-10 -
2025-07-09		 3 months crt.sh
t.co
E6		 2025-05-22 -
2025-08-20		 3 months crt.sh
twitter.com
E6		 2025-05-01 -
2025-07-30		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
*.dable.io
Sectigo ECC Domain Validation Secure Server CA		 2024-11-08 -
2025-12-09		 a year crt.sh
*.doubleclick.net
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.google.com.au
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
tpc.googlesyndication.com
WE2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.mediago.io
GeoTrust TLS RSA CA G1		 2024-12-17 -
2025-12-16		 a year crt.sh
mgid.com
WE1		 2025-04-28 -
2025-07-27		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2024-07-01 -
2025-08-01		 a year crt.sh
cs.gssprt.jp
GeoTrust TLS RSA CA G1		 2024-12-30 -
2026-01-30		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2024-09-27 -
2025-10-28		 a year crt.sh
*.googleadservices.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
cert1-prod.aut.a24365.net
R10		 2025-05-14 -
2025-08-12		 3 months crt.sh
edgecdnplus.com
WE1		 2025-05-09 -
2025-08-07		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2025-02-04 -
2025-07-30		 6 months crt.sh
adtrafficquality.google
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
id5-sync.com
WE1		 2025-05-24 -
2025-08-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-05		 a year crt.sh
eu-1-id5-sync.com
R11		 2025-05-01 -
2025-07-30		 3 months crt.sh
rtb.mfadsrvr.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-16 -
2025-07-15		 3 months crt.sh
eu-3-id5-sync.com
E6		 2025-05-01 -
2025-07-30		 3 months crt.sh
eu-4-id5-sync.com
E6		 2025-05-01 -
2025-07-30		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-04-16 -
2026-05-18		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-14 -
2025-09-14		 a year crt.sh

This page contains 50 frames:

Primary Page: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Frame ID: 00CEDE0F7396035D3E61CA4AF80DDC09
Requests: 148 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3D0F52DF4DF30234D31E130DA84FAD7A
Requests: 1 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 2F4C902BDC026CE13A09332089F47B2F
Requests: 1 HTTP requests in this frame

Frame: https://www.thevibes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js
Frame ID: 3400758C1783D8F8A49725DF13ED7DEC
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fwww.thevibes.com
Frame ID: 0C7BEBAADE0981A8061B2E0B15C880FB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11011689517?random=1748256630166&cv=11&fst=1748256630166&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2z8895783437za200zb895783437&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102938614~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg
Frame ID: B25D2A79365232FD4723C8802323D8DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Frame ID: 1CD69556B9C80D88FE7F0C82D2E394EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7797085226338034&output=html&adk=1812271804&adf=3025194257&abgtt=11&lmt=1748256630&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14172876740403959&aiapmi=0.16&aiact=0.5855296252670694&aicct=0.7&ailct=0.7203791955260113&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256629532&bpp=19&bdt=1711&idt=729&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1193668898537&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95353387%2C95360609%2C95360812%2C95361468%2C95361620%2C95360956&oid=2&pvsid=4126522354488385&tmod=518960635&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&fsb=1&dtd=751
Frame ID: DDBA56EB71B421EE53222123C150C7B2
Requests: 1 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 4F9C54C65B82951ABA09FFF6CCC47A2A
Requests: 17 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 7BFEA842CEAE996556150405A60575C1
Requests: 16 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3856814080B34DE833EEDB14A5160213
Requests: 14 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 83D0DEEADFD8F830CA8AFCEFCC036B8F
Requests: 59 HTTP requests in this frame

Frame: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 446D69CB3997D518FE1AEDA338018B05
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Frame ID: 5DF4D951351D2CA9B9AF57368CEB301C
Requests: 17 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/471685104?random=1748256630997&cv=11&fst=1748256630997&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Kg
Frame ID: 74C2593333D2D658CB21E3E5F7FD5FD3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/471685104?random=1748256631036&cv=11&fst=1748256631036&fmt=3&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&ct_cookie_present=0
Frame ID: 60894956AC72231CE5F8A6DE5B494F5A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/471685104?random=1748256631045&cv=11&fst=1748256631045&fmt=3&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&ct_cookie_present=0
Frame ID: 36C44E9F8EC211B42D642FB7E9EC5389
Requests: 1 HTTP requests in this frame

Frame: https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Frame ID: 413EE3E1F10A6A688A3F58E6660931E1
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Frame ID: 29E96176E96D067579694A3764AC1A91
Requests: 1 HTTP requests in this frame

Frame: https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Frame ID: E512B8D85F93EFFB601E565A8914A2AA
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Frame ID: C118DBC2A5446EE4E5FC314A5233DE10
Requests: 1 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Frame ID: A1C5179347CE59D0F040F3FDD4335716
Requests: 3 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Frame ID: 1F6B4FF2014C89A0E2FF662FC1C5091F
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
Frame ID: 789B222C199A88D3F467457BF1356876
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2ee96834-4778-4100-9b9a-5e9e29ce9e30&gdpr=0&gdpr_consent=
Frame ID: 644A3AC94CACC08133174B632C6A0E36
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
Frame ID: D78491CFFDF29784A4847E1FCD346DED
Requests: 1 HTTP requests in this frame

Frame: https://adx.dable.io/pixel?dsp_id=46&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&dable_uid=93461531.1748256630623
Frame ID: 009DEB0A9B1D5D9F35503DC5916D74FF
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1799.23411&cid=c010&cls=B
Frame ID: 2A00F3DD937E8E3EC416A4796C52CAA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&adk=1812271804&adf=3279755402&abgtt=6&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14140320797478487&aiapmi=0.16&aiact=0.5975184061709752&aicct=0.7&ailct=0.7&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631640&bpp=7&bdt=1110&idt=644&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&nras=1&correlator=979212100139&frm=24&ife=3&pv=2&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3032436480&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C95353387%2C95360609%2C31092612%2C95344788%2C95361619%2C95360960%2C95360295&oid=2&pvsid=682242285604700&tmod=490478001&uas=0&nvt=1&fsapi=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.8y7io53mnq0s&fsb=1&dtd=720
Frame ID: 25939334EB705A6A11A909CAA9A33F63
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1799.23411/a/AU/t_.js?cid=c010&cls=B
Frame ID: 32658457F8AAF5C5E8E07EDCC3BFD414
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&adk=1812271804&adf=3279755405&abgtt=6&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.05000783260562319&aiapmi=0.16&aiact=0.7252822920899102&aicct=0.7&ailct=0.7&aimart=9&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631770&bpp=2&bdt=1235&idt=548&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&nras=1&correlator=7889272411&frm=24&ife=3&pv=2&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1446459086&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C42532524%2C95353386%2C95360609%2C95360812%2C31092612%2C95344789%2C95361624%2C95360960&oid=2&pvsid=7522287750067487&tmod=490478001&uas=0&nvt=1&fsapi=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.rur7g1ci7m1v&fsb=1&dtd=630
Frame ID: 8ED77118E42293AEE073C97EA5DCF5C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&h=90&slotname=4188053257&adk=2522029892&adf=3173046725&pi=t.ma~as.4188053257&w=728&abgtt=6&format=728x90&url=https%3A%2F%2Fwww.thevibes.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631640&bpp=2&bdt=1110&idt=666&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=979212100139&frm=24&ife=3&pv=1&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3032436480&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C95353387%2C95360609%2C31092612%2C95344788%2C95361619%2C95360960%2C95360295&oid=2&pvsid=682242285604700&tmod=490478001&uas=0&nvt=1&xatf=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.8k8bxovl71lw&fsb=1&dtd=793
Frame ID: BA9293155DB749B60EB82621614FB504
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&h=250&slotname=4114819499&adk=2214506811&adf=3173046724&pi=t.ma~as.4114819499&w=300&abgtt=6&format=300x250&url=https%3A%2F%2Fwww.thevibes.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631770&bpp=5&bdt=1235&idt=600&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7889272411&frm=24&ife=3&pv=1&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1446459086&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C42532524%2C95353386%2C95360609%2C95360812%2C31092612%2C95344789%2C95361624%2C95360960&oid=2&pvsid=7522287750067487&tmod=490478001&uas=0&nvt=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.xd37zh7zpjns&fsb=1&dtd=684
Frame ID: 4EE69E001C88F1BB4EC3FBC117F66A44
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: EB394750D03A31C97ABF1FAAD99F891C
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 01FF3B89138EF1BD3FE58427E26F3A0D
Requests: 16 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: EC25488E44CBC3E66B9B9989F19318EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEE7A15703F687BFDCC2FCD8A8983F1A
Requests: 2 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 4E497330C6044B0EC7F84BE1B278CAF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7103D32456508376354D26FA0D594092
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=199crd8bevqx
Frame ID: ADC25CE3B584D3FA1CC305D3969FA5DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 8F468DA8AFE564FB23C8193640F97508
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 29017711B7FB3FABA52BED9CC0AC9A43
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5U82lOdAMsL-RmSZ4UEow7dCM8P-FGGX6hJe5ByK
Frame ID: A4ADB5FBA2D7767776095B47534FEB18
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aDRHegAToLhJCAAL
Frame ID: 26B3D98C90E3B0E0A79286BC807EE3DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2421704724926579137
Frame ID: 718F2FA6089E9E2258818A3D446AB41C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=0&gdpr_consent=
Frame ID: B7300783DCEA1F7EF7355471924C5894
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3091f5b32d7f4349ba2c61837f81594e
Frame ID: C812FA18FB9224FA1E178101D6935E5A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]&gdpr=0&gdpr_consent=
Frame ID: 16F6422B8AF879C697CCA729152B2484
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AcFNEpvVRjxTks8AKGevVaqET88AAAGXDDc44w
Frame ID: 57378B69A409F673FABF9F91B1EB8855
Requests: 1 HTTP requests in this frame

Frame: https://adx.dable.io/pixel?dsp_id=46&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&dable_uid=93461531.1748256630623
Frame ID: 4184BA40CB03640AE2662442243CE5E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Man claims he sprayed monkey with paint to scare off others, says Selangor Wildlife Dept | Malaysia | The Vibes

Page URL History Show full URLs

  1. https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2h... HTTP 302
    https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2h... Page URL
  2. https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-ot... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

378
Requests

80 %
HTTPS

0 %
IPv6

83
Domains

160
Subdomains

96
IPs

16
Countries

4280 kB
Transfer

12756 kB
Size

190
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5 HTTP 302
    https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en Page URL
  2. https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5 HTTP 302
  • https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Request Chain 63
  • https://l.sharethis.com/pview?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&product=inline-share-buttons&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&refDomain=news.google.com&cms=unknown&publisher=608782f392c03e0018d67020&sop=true&version=st_sop.js&lang=en&description=62-year-old%20Shah%20Alam%20resident%20under%20investigation%20for%20animal%20cruelty%3B%20Perhilitan%20reminds%20public%20not%20to%20take%20wildlife%20matters%20into%20their%20own%20hands&ua=&ua_mobile=false&ua_full_version_list=&uuid=453ecda5-1df4-4d98-9ec9-0f08026bb856 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&product=inline-share-buttons&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&refDomain=news.google.com&cms=unknown&publisher=608782f392c03e0018d67020&sop=true&version=st_sop.js&lang=en&description=62-year-old%20Shah%20Alam%20resident%20under%20investigation%20for%20animal%20cruelty%3B%20Perhilitan%20reminds%20public%20not%20to%20take%20wildlife%20matters%20into%20their%20own%20hands&ua=&ua_mobile=false&ua_full_version_list=&uuid=453ecda5-1df4-4d98-9ec9-0f08026bb856&samesite=None
Request Chain 79
  • https://www.thevibes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.thevibes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://images.dable.io/1x1.gif?google_gid=CAESEIM-BHsXoQfoyahnNMlG2hc&google_cver=1
Request Chain 167
  • https://analytics.ad.daum.net/match?d=111&uid=93461531.1748256630623 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220250526%22,%22u%22:%2293461531.1748256630623%22%7D%7D
Request Chain 169
  • https://ib.adnxs.com/setuid?entity=563&code=93461531.1748256630623 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D563%26code%3D93461531.1748256630623
Request Chain 178
  • https://ad.doubleclick.net/activity;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CL-k-Lv7wI0DFSeV6QUdmucMPQ;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Request Chain 179
  • https://10486115.fls.doubleclick.net/activityi;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept HTTP 302
  • https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Request Chain 181
  • https://ad.doubleclick.net/activity;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CPuf-Lv7wI0DFYWD6QUdOJUJqQ;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Request Chain 182
  • https://10486115.fls.doubleclick.net/activityi;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept HTTP 302
  • https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Request Chain 220
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO_QsQIIl9SxAgiY1LECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GB45uDa3SdogfCHmebXIOfllRlHvLHU4Qg&pscrd=IhMIx7bzu_vAjQMV3qRmAh2IlQFmMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT0FRQnU2OXUyMmswdWRFWkxqWUtDMjA4SlJkQURCbjdXakdMZ0Z6RkhvVmNHM2t1NFlmdzB6DAgJYggIABAAGAAgAA HTTP 302
  • https://www.google.com/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO_QsQIIl9SxAgiY1LECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIx7bzu_vAjQMV3qRmAh2IlQFmMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT0FRQnU2OXUyMmswdWRFWkxqWUtDMjA4SlJkQURCbjdXakdMZ0Z6RkhvVmNHM2t1NFlmdzB6DAgJYggIABAAGAAgAA&is_vtc=1&cid=CAQSKQDZpuyzPyYEBDEsTgkXGL6Up--zpSmBpGSKHzZ1KjU5s0Yej9yGYcwP&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GF6MjAPKhZRZ9NJrV7NwF402hAmovKvr0A&random=1665808685 HTTP 302
  • https://www.google.com.au/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO_QsQIIl9SxAgiY1LECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&is_vtc=1&cid=CAQSKQDZpuyzPyYEBDEsTgkXGL6Up--zpSmBpGSKHzZ1KjU5s0Yej9yGYcwP&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GF6MjAPKhZRZ9NJrV7NwF402hAmovKvr0A&random=1665808685&ipr=y&pscrd=IhMIx7bzu_vAjQMV3qRmAh2IlQFmMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT0FRQnU2OXUyMmswdWRFWkxqWUtDMjA4SlJkQURCbjdXakdMZ0Z6RkhvVmNHM2t1NFlmdzB6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hBKbRJ7m_L_7qOQaKycx8Fcf1yGjqw9AkRbySaowNmbUmpGgw_GIo9iN8vN3oZ9ZxzdPUvXxghdUJnIDELrmd5c
Request Chain 221
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO7QsQIIl9SxAgiY1LECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GB7QNyTh7HcLAtlBIEaMm0AQJDj2vM71wA&pscrd=IhMImrXzu_vAjQMVmaBmAh0xJQ1dMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT1BQRV9zSXRYOU9LMzh2NThkMnRZRjZmU2RfUDJuU3BqdHVXV0ppQTRfYlVNaER3SlZuaUl6DAgJYggIABAAGAAgAA HTTP 302
  • https://www.google.com/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO7QsQIIl9SxAgiY1LECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMImrXzu_vAjQMVmaBmAh0xJQ1dMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT1BQRV9zSXRYOU9LMzh2NThkMnRZRjZmU2RfUDJuU3BqdHVXV0ppQTRfYlVNaER3SlZuaUl6DAgJYggIABAAGAAgAA&is_vtc=1&cid=CAQSKQDZpuyzJnDXheTelMrra0dRcL5Z4sy1T0X4D85GIcB7_irgUtzDw5ZY&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GFG2ju6pI7b6vnL4UeDIu_SIjxprHGYsvQ&random=2068199462 HTTP 302
  • https://www.google.com.au/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO7QsQIIl9SxAgiY1LECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&is_vtc=1&cid=CAQSKQDZpuyzJnDXheTelMrra0dRcL5Z4sy1T0X4D85GIcB7_irgUtzDw5ZY&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GFG2ju6pI7b6vnL4UeDIu_SIjxprHGYsvQ&random=2068199462&ipr=y&pscrd=IhMImrXzu_vAjQMVmaBmAh0xJQ1dMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT1BQRV9zSXRYOU9LMzh2NThkMnRZRjZmU2RfUDJuU3BqdHVXV0ppQTRfYlVNaER3SlZuaUl6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hAFMPfTyRYn7DwipU2VTt-vSCwoyUNzbcVktczX71NdXMbcwQUERLkNxP_Haz4w1srCnZqL3Sl5_IBr2C1w9ssc
Request Chain 227
  • https://c1.adform.net/serving/cookie/match?party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
Request Chain 228
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2ee96834-4778-4100-9b9a-5e9e29ce9e30&gdpr=0&gdpr_consent=
Request Chain 229
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2870886818780727774&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
Request Chain 231
  • https://idsync.rlcdn.com/420486.gif?partner_uid=87015C4D-B41F-46A6-8685-CBCABC476A0B HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg3MDE1QzRELUI0MUYtNDZBNi04Njg1LUNCQ0FCQzQ3NkEwQhAAGg0I-I7RwQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f55164a5a5cabc90031c9b6425d72a7d6cd929eea6fa09b8ad92ba7a1e0d224c791426b5417dce21&_=2
Request Chain 232
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2 HTTP 302
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2870886818780727774&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2421704724926579137&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=2421704724926579137&gdpr=0&gdpr_consent=&sInitiator=internal HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=semasio HTTP 302
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODcwMTVDNEQtQjQxRi00NkE2LTg2ODUtQ0JDQUJDNDc2QTBC&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hwFcTbQfRqaGhcvKvEdqCw%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEKCQCLnJX1r9op6xkdGL5O0&google_cver=1
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
Request Chain 240
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2490426699773684346&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 241
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YV5dAStE2uWi51h8WJluZ9nuOMUI6VM-~A&gdpr=0
Request Chain 269
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
  • https://sync.sharethis.com/nlsn?uid=a6093b05e39dd0d9266354a4de5549a8
Request Chain 270
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGTAA2g0R3YAAAAIGJWMAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.sharethis.com/int/lotame?uid=728e53eea06ae5bea52623f7784be219&gdpr=0&gdpr_consent=
Request Chain 271
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
Request Chain 272
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=2zkIydW3W8D5qMjwRqqd6mt7M3HRQujUMcFDzMzqGa1k&gdpr=0&gdpr_consent=
Request Chain 273
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGTAA2g0R3YAAAAIGJWMAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3652893907244023827 HTTP 307
  • https://ml314.com/csync.ashx?fp=215e1a846c0d94f8c86a3341e14bc868ad40487610a77c483e812281755f2df7f4cb09cee1a4f8eb&person_id=3652893907244023827&eid=50082
Request Chain 274
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
  • https://sync.sharethis.com/yahoo?uid=y-9f4ZhSpE2oP87lbcCh6ImCZgFaXG8LE1rso-~A&gdpr=0
Request Chain 275
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 277
  • https://idsync.rlcdn.com/712107.gif?partner_uid=p4qwb-dEWvO3& HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52d14e50-2f81-490c-8039-c2c83be893d7
Request Chain 279
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=fb71001dd30a44&is_secure=true&networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACxhLXSoepmQJ7ysPBAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 280
  • https://cm.idealmedia.io/i.gif?muidf=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy= HTTP 307
  • https://cm.mgid.com/i.gif?muidf=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy= HTTP 307
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=987cea02-f271-4d55-a66b-9ba61b4083a8
Request Chain 282
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=c8ad77e7-897e-4cdf-aad3-4f8276164d21
Request Chain 283
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 284
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D&rd=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=834139&c=8e9bec00-dee7-44ce-a377-1zz1748256631
Request Chain 285
  • https://cm.rtbsystem.com/mgid?c=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=556372&c=e5c753d6-740f-5d59-a8c6-5d5b6a8c6684
Request Chain 286
  • https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID HTTP 302
  • https://cm.mgid.com/m?cdsp=834104&c=2870886818780727774
Request Chain 287
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48ce-bd77-2de47a0ebfcd%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/1593?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=6124b539-7ea6-48ce-bd77-2de47a0ebfcd&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=2870886818780727774 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48ce-bd77-2de47a0ebfcd%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48ce-bd77-2de47a0ebfcd%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/cchain/1/1593?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=6124b539-7ea6-48ce-bd77-2de47a0ebfcd&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=KuaKALZHZku2WOI6Ta-MiT5x HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48ce-bd77-2de47a0ebfcd%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
Request Chain 289
  • https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577 HTTP 302
  • https://cm.mgid.com/m?cdsp=834126&c=6456235182702136060&nwid=4577
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=cDRxd2ItZEVXdk8z&muidn=p4qwb-dEWvO3&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.mgid.com/google?muidn=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEBFGdZ27KkBANZEuLBJnCJ8&google_cver=1
Request Chain 291
  • https://b1sync.zemanta.com/usersync/mgid/?puid=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D HTTP 302
  • https://b1sync.outbrain.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=p4qwb-dEWvO3&s=2&us_privacy= HTTP 302
  • https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&obuid=2afb3f07-b419-4aa1-865c-b7e4f807fb67&puid=p4qwb-dEWvO3&s=2&us_privacy= HTTP 302
  • https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
Request Chain 292
  • https://sync.adkernel.com/user-sync?zone=219216&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834154%26c%3D%7BUID%7D HTTP 302
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D762683%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=219216&dsp=762683&t=image&uid=2870886818780727774 HTTP 302
  • https://cm.mgid.com/m?cdsp=834154&c=A2934339353279445146
Request Chain 302
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=MB4YV0Q2-12-4SVU&gdpr=0
Request Chain 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=98&uid=2870886818780727774&gdpr=0&gdpr_consent=
Request Chain 304
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=75e9eb545393197e2c055df41f5fec0&gdpr_consent=&gdpr=0
Request Chain 306
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=741f24a87a62a66f&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU3091f5b32d7f4349ba2c61837f81594e
Request Chain 307
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABlww3Mkjt1Wd134JtUeRD1caWHMiHDLPd8A&gdpr=0&gdpr_consent=
Request Chain 308
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6625395957168540198
Request Chain 309
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
Request Chain 310
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=63166ceb9d550a7a&is_secure=true&networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAC34eBiBvR6wJUR9XqAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEG3mVj5JtYmSKrztgG5ddhs&google_cver=1&gdpr=0&gdpr_consent=
Request Chain 312
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&zcc=1&cb=1748256634779 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004&rndcb=7019052895 HTTP 302
  • https://sync.1rx.io/usersync/turn/2490426699773684346?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004?redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D212%26uid%3DRX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&expires=30&ssp=onetag&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 347
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent= HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=199crd8bevqx
Request Chain 348
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2b067109-57f8-4188-a422-f3e61827361e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2b067109-57f8-4188-a422-f3e61827361e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ef647ac6-e798-44e0-81a5-8ad82db8120a&user_group=1&ssp=pubmatic&bsw_param=2b067109-57f8-4188-a422-f3e61827361e HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 349
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Request Chain 350
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&__qcmcs=1 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5U82lOdAMsL-RmSZ4UEow7dCM8P-FGGX6hJe5ByK
Request Chain 351
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aDRHegAToLhJCAAL
Request Chain 352
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2421704724926579137
Request Chain 353
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=0&gdpr_consent=
Request Chain 354
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=eb89fb959c4165fa&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3091f5b32d7f4349ba2c61837f81594e
Request Chain 356
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AcFNEpvVRjxTks8AKGevVaqET88AAAGXDDc44w
Request Chain 358
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=87015C4D-B41F-46A6-8685-CBCABC476A0B HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=87015C4D-B41F-46A6-8685-CBCABC476A0B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%2C%2C
Request Chain 361
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=MB4YUZZC-1-1D8M HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=MB4YUZZC-1-1D8M&gdpr=0
Request Chain 362
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MB4YUZZC-1-1D8M&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 363
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDEwNzI0NWY4NTIzOTdkM2M0MzdjZjIxNGZmODYzMjVkNzU1ODg2OQ&gdpr=0
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Request Chain 365
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MB4YUZZC-1-1D8M&gdpr=0
Request Chain 366
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
Request Chain 367
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUI0WVVaWkMtMS0xRDhN&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESENMtq3b0I6t04cKGvzwPSPw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUI0WVVaWkMtMS0xRDhN&google_push=&gdpr=0
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESELxs9tNcDJru5Qre1Durlos&google_cver=1
Request Chain 369
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MF2-IjNa8Hd_fZVYNaSvyw?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-c_xw.e9E2oL150YIsdJ_ZqdJ1GCJVUBNEmwKjQ--~A
Request Chain 370
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=&expires=30
Request Chain 371
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAQyiU7QaI8AABvLhhGxfg&expires=30&gdpr=0
Request Chain 372
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MB4YUZZC-1-1D8M&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MB4YUZZC-1-1D8M&gdpr=0&dnr=1
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MB4YV0Q2-12-4SVU&gdpr=0
Request Chain 374
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d4e047ce-857d-4a8b-b0c7-f3bea03db1ab&expires=30&gdpr=0
Request Chain 375
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=MB4YUZZC-1-1D8M&gdpr=0
Request Chain 376
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MB4YUZZC-1-1D8M&gdpr=0
Request Chain 377
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange&gdpr=0 HTTP 302
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MB4YUZZC-1-1D8M&gdpr=0
Request Chain 380
  • https://id5-sync.com/i/231/8.gif?o=api&id5id=ID5*3QfYK05AKemC8Qv85Rm5zbmu41mb5QH6FK2Tx-RRxUcdq4khiCFSnocJEXDFr-P6&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&ttl=%%TTL%%

378 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY...
news.google.com/rss/articles/
Redirect Chain
  • https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtw...
  • https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtw...
587 KB
123 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f101.1e100.net
Software
ESF /
Resource Hash
0c5f2ccdc21fad457b0ee2fd343ff7ea4c037e46e2d1dcd218023fb03e119865
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TTP5UA9t9suEMasUwxHsFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TTP5UA9t9suEMasUwxHsFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
date
Mon, 26 May 2025 10:50:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/DotsSplashUi/web-reports?context=eJzjctHikmLw0JBi-LRjBmvrzXOsU4HYUOESqyMQX06_xFokcYW1CYg_Vd1gFaq-wZrEfpO1CIjDPt9kXbPxFusWIBbi4fjQd_Egm8CLbX3_GJWUk_IL41PyS4qLC3ISizOKU4vKUovijQyMTA1MDS31DA3jCwwAO9Iu3g"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport script-src 'report-sample' 'nonce-eRD4SU02RY2eDQuPrpjUVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-site
date
Mon, 26 May 2025 10:50:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
css
fonts.googleapis.com/ 		60 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
4ea94890f416dfcc8d5eab3b357ec1abdee7d4c6422820a3db9207b7157c4fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 26 May 2025 09:53:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		322 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c522fe3070395a1c2a139751d29cb4c9d5232f5dd4cdb5dc8147bd9e04c8f204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires
Mon, 26 May 2025 10:50:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1075:0
content-length
115825
x-xss-protection
0
server
Google Tag Manager
m=he6YWd,aLI87
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,... 		385 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
e3ed6cc2a13fd1de0a856298c57440fb4c9965bf97cce5081c491d89503712b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
136796
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Sun, 24 May 2026 20:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 24 May 2025 20:50:29 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
115278
x-xss-protection
0
server
sffe
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v23/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v23/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.187.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f94.1e100.net
Software
sffe /
Resource Hash
c3f8c3da4430d08cda67d76bb22d139eb22bc7f85fb703e2121163dd2ffac787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://news.google.com
Referer
https://fonts.googleapis.com/

Response headers

age
389508
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 21 May 2026 22:38:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 21 May 2025 22:38:37 GMT
last-modified
Tue, 04 Feb 2025 19:57:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22056
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SYGF1G18MM&gtm=45je55l1v9117462484za200&_p=1748256625346&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&cid=101410113.1748256626&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748256625&sct=1&seg=0&dl=https%3A%2F%2Fnews.google.com%2Frss%2Farticles%2FCBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ%3Foc%3D5%26hl%3Den-AU%26gl%3DAU%26ceid%3DAU%3Aen&dt=Google%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2563
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to
{"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://news.google.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:99:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:26 GMT
content-type
text/plain
server
Golfe2
m=LEikZe
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd... 		224 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=LEikZe
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
144001
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Sun, 24 May 2026 18:50:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 24 May 2025 18:50:25 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
156
x-xss-protection
0
server
sffe
log
play.google.com/ 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://news.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Mon, 26 May 2025 10:50:27 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ 		131 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://news.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Mon, 26 May 2025 10:50:27 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87... 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=PrPYRd,qTnoBf,pw70Gc,QIhFr,hc6Ubd
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
ea2eb194f721917932941a998262077a3ede3fc35c39697b552550ddd2a9ed8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
153717
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Sun, 24 May 2026 16:08:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 24 May 2025 16:08:29 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
6451
x-xss-protection
0
server
sffe
m=P6sQOc
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr... 		1 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=P6sQOc
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
ad54c3d6304bb8e9633c9d2790f7588a9144e5950adca78b0cabcda9cda92457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
179857
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Sun, 24 May 2026 08:52:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 24 May 2025 08:52:49 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
718
x-xss-protection
0
server
sffe
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 26 May 2025 10:50:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 26 May 2025 10:50:26 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=lW1Lhc
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=lW1Lhc
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
6ac8891574bd35cb8a15af8e214ec751a1db35c59edbaf8b816d3d4c50a54089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
121028
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Mon, 25 May 2026 01:13:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 25 May 2025 01:13:18 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
5257
x-xss-protection
0
server
sffe
batchexecute
news.google.com/_/DotsSplashUi/data/ 		296 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=Fbv4je&source-path=%2Frss%2Farticles%2FCBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ&f.sid=-139581593398492331&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=67827&rt=c
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.23.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f101.1e100.net
Software
ESF /
Resource Hash
2d52649e9e2d1752484ba2bb49dff19e969f823d92f3c8b0b55d6116bdb70cb4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain
1

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:27 GMT
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
same-site
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYR... 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=LEikZe,P6sQOc,PrPYRd,QIhFr,_b,_tp,aLI87,hc6Ubd,he6YWd,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
3720dd359056e021bfe3bef07ba58c8e960cbebf30e2b786f46d8f10b52ea8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
28559
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Tue, 26 May 2026 02:54:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 02:54:27 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
1776
x-xss-protection
0
server
sffe
-DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32
lh3.googleusercontent.com/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lh3.googleusercontent.com/-DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
fife /
Resource Hash
b51cbf12828a7779649af59cd4f16f4ae2c5bd0e5d59f594bb605e08734de04e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
7879
x-content-type-options
nosniff
expires
Tue, 27 May 2025 08:39:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 08:39:08 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1540
x-xss-protection
0
server
fife
m=p3hmRc,LvGhrf,RqjULd
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQO... 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,P6sQOc,PrPYRd,QIhFr,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=p3hmRc,LvGhrf,RqjULd
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
19793fa28dc161337ef315aa45c7321c0a1c231a0c9de23d3bc85e4f5fb224d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
35778
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Tue, 26 May 2026 00:54:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 00:54:08 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
7523
x-xss-protection
0
server
sffe
m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhr... 		153 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=FCpbqb,LEikZe,LvGhrf,P6sQOc,PrPYRd,QIhFr,RqjULd,WhJNk,Wt6vjf,_b,_tp,aLI87,hc6Ubd,he6YWd,hhhU8,lW1Lhc,p3hmRc,pw70Gc,qTnoBf/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=aW3pY,e5qFLc,O1Gjze,KUM7Z,duFQFc,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
6e763114762011985518007523e50ad5db3f86101e98cee9fbccabeecd388589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://news.google.com/

Response headers

content-encoding
gzip
age
13536
report-to
{"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Tue, 26 May 2026 07:04:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 07:04:50 GMT
last-modified
Tue, 20 May 2025 04:40:05 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/dots-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
accept-ranges
bytes
content-length
40665
x-xss-protection
0
server
sffe
log
play.google.com/ 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://news.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Mon, 26 May 2025 10:50:27 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
batchexecute
news.google.com/_/DotsSplashUi/data/ 		153 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xZTw2c&source-path=%2Frss%2Farticles%2FCBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ&f.sid=-139581593398492331&bl=boq_dotssplashserver_20250519.11_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=167827&rt=c
Requested by
Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/am=GAiEAADAgC0wgAII/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2MzTECVubO8NEK4plupQGR6MFVw_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.23.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f101.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
X-Same-Domain
1

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:27 GMT
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
same-site
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
log
play.google.com/ 		0
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.14.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s01-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 26 May 2025 10:50:27 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
Primary Request man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
www.thevibes.com/articles/news/108682/ 		57 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.cM_ghfn1eFY.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.owthFGhNTDY.L.B1.O/am=GAiEAADAgC0wgAII/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2MeEhuv9yjTBhD3-oP5bGeHU-1XZg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;G3BKud:E8sThf;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:eYnyH;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
696b4d452fe3b0ec262d051425a75ba40037cf96b23e75053d42c4891a6d0820

Request headers

Referer
https://news.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age
1019
alt-svc
h3=":443"; ma=86400
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
945cb6321b893ea8-PER
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 26 May 2025 10:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njcYOGV5Tj5SfaBmZ5T2BsUVgPqCpA4xXytEM1A0mck7UhIhpX%2B3MkQOpCZ9q%2BbpBtaHc0PVVCgoBw8slAg65NDavMLo5ggACXxO0zYXQ6rVZt3E%2B0PmhCQDtDK5TqKhO2Ao"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=47288&min_rtt=46794&rtt_var=6199&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3695&recv_bytes=3416&delivery_rate=704538&cwnd=15474&unsent_bytes=0&cid=e38440ebc24ef827&ts=234&x=92"
vary
accept-encoding
via
1.1 thevibesunified (Varnish/7.6)
x-cache
HIT
x-varnish
41641088 39443500
batchexecute
news.google.com/_/DotsSplashUi/data/ 		0
0
app.css
www.thevibes.com/css/ 		62 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thevibes.com/css/app.css?v=20221005
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c7ff84286be10601f437ed68b82a104d56944b61f7a35524817cb2008c010

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"633d6e2e-f88a"
age
5856
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWJxDyTObj83hAFAue4YfF2CiB7QL3TL5FhFfIob8Nom771Tmah7ybZ%2FdrJchen5Za480FVR9v9t7GHqGYphUKlpLyBk16NJsPAafZEJuqQULFIbJ9fmSGogF2WDtW5WeY%2Bq"}],"group":"cf-nel","max_age":604800}
x-varnish
27770445
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=46518&min_rtt=43402&rtt_var=2535&sent=24&recv=18&lost=0&retrans=0&sent_bytes=15874&recv_bytes=4063&delivery_rate=3863832&cwnd=27630&unsent_bytes=0&cid=e38440ebc24ef827&ts=399&x=92"
date
Mon, 26 May 2025 10:50:27 GMT
content-type
text/css
last-modified
Wed, 05 Oct 2022 11:44:46 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb6342b983ea8-PER
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
403858c05e94183aac5b3c2c9a869ff4c9345d4e0b7b722b3f42d69548b0b729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
etag
479 / 20234 / m202505200101 / config-hash: 1295865988360337441
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33991
x-xss-protection
0
server
cafe
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-53.syd62.r.cloudfront.net
Software
/
Resource Hash
660f778ec90a554a74df4096093575bd2fb646770d457a9ae7f63c4ab1d56e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"337a9-FHbkO2JUY2ewb+wCH4dS0MuS2SM"
age
44
via
1.1 a97b28e298ec5907aa1d86d22bc232a0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Es6NjaRaC1l4magn5IV4iPw-2ChLNUxx3tt15Z9X2wMdO92UllaxMg==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Mon, 26 May 2025 10:49:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9db842a83d7f9b66c36b6e802f04af3e8b4a6dc633f91c2dc3f6ddf197ac5ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
etag
174655012152586558
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53264
x-xss-protection
0
server
cafe
wkw6ibt.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wkw6ibt.css
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.171 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8bab2bba8d2b527cc2bd0d9487106c450f27f6816ab5fcc4f9b87d6942056f44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
824
date
Mon, 26 May 2025 10:50:28 GMT
akamai-grn
0.a7b32e17.1748256628.1c62c825
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
lhd8znm.css
use.typekit.net/ 		3 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/lhd8znm.css
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.171 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
98bf3aa326dc0447a67b18bcc5edddfaab178228c197c33a4333e8965a6ef354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
733
date
Mon, 26 May 2025 10:50:28 GMT
akamai-grn
0.a7b32e17.1748256628.1c62c824
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
appstore.png
www.thevibes.com/images/social-media/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thevibes.com/images/social-media/appstore.png
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c379dd2dab9238c2df18e1d9ecd17ba0ee978de1ce1ff8c40d465e1dd3b5815

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

cf-cache-status
HIT
etag
"633c6936-6354"
age
5856
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIovXGHxz2gtxzGb%2FbskP0izfCJOSJ7lKjw54KkP7HB2zath2naRB4xAbAJ3WUkOOzdvB1YA2arfToPOP31%2BPAk66HLKCZ57IKfpqFCkHaV19EzvEPQ28dIgMoCZAKNG7KNy"}],"group":"cf-nel","max_age":604800}
x-varnish
27774688
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=46518&min_rtt=43402&rtt_var=2535&sent=40&recv=20&lost=0&retrans=0&sent_bytes=31618&recv_bytes=4936&delivery_rate=3863832&cwnd=27630&unsent_bytes=0&cid=e38440ebc24ef827&ts=416&x=92"
date
Mon, 26 May 2025 10:50:27 GMT
content-type
image/png
last-modified
Tue, 04 Oct 2022 17:11:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb6343b9a3ea8-PER
accept-ranges
bytes
content-length
25428
server
cloudflare
playstore.png
www.thevibes.com/images/social-media/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thevibes.com/images/social-media/playstore.png
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bbb140a0b5e76e9bc6f4856c2d9990a2091537e5f697c6bbc7628391eab501

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

cf-cache-status
HIT
etag
"633c6936-52df"
age
5856
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJZNiTqJ9QvCXw1GDxKqZ8aObvPbfZYpbB4Z0%2B9YIDhZwjHH0l%2FfT%2B6ZhTrhbTuDSoNm9ESVvC5O7NFbMyucB2rhWvyDMwDghex%2BV%2BXLpT6A0BDasgBR910ebCklbv5Y4%2FWT"}],"group":"cf-nel","max_age":604800}
x-varnish
26832054
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=46518&min_rtt=43402&rtt_var=2535&sent=50&recv=20&lost=0&retrans=0&sent_bytes=43527&recv_bytes=4936&delivery_rate=3863832&cwnd=27630&unsent_bytes=0&cid=e38440ebc24ef827&ts=416&x=92"
date
Mon, 26 May 2025 10:50:27 GMT
content-type
image/png
last-modified
Tue, 04 Oct 2022 17:11:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb6343b9b3ea8-PER
accept-ranges
bytes
content-length
21215
server
cloudflare
appgallery.png
www.thevibes.com/images/social-media/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thevibes.com/images/social-media/appgallery.png
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abab55c1289f350ec2890c7641691e82307c5cd6e5af23fc8f5fd4e045e85cb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

cf-cache-status
HIT
etag
"633c6936-880f"
age
5856
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fT4YCLUKBf23nfVprxX69bhZlMBiqcjKKuDUuNKpDEbqRbmgjF7DPV%2B9Zwr92JYTfxnNa4u6xNfsMyHuYs%2BdxCkz%2FVls2S%2Fj4%2FNuOucNBjxTl%2BCUv4uAcEGuHgKiANfU5rfc"}],"group":"cf-nel","max_age":604800}
x-varnish
27770443 24992850
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=46887&min_rtt=43402&rtt_var=562&sent=86&recv=50&lost=0&retrans=0&sent_bytes=80779&recv_bytes=6686&delivery_rate=10714496&cwnd=86560&unsent_bytes=0&cid=e38440ebc24ef827&ts=506&x=92"
date
Mon, 26 May 2025 10:50:27 GMT
content-type
image/png
last-modified
Tue, 04 Oct 2022 17:11:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb634cb9f3ea8-PER
accept-ranges
bytes
content-length
34831
server
cloudflare
Man_spray_paints_monkey_shah_alam_May_26.jpg
media.thevibes.com/images/uploads/covers/_large/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_large/Man_spray_paints_monkey_shah_alam_May_26.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78bf1488652439248fcb257826798d69bf7314fafa55498a224a387042aa4fbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"68343a9f-11872"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GPDDB1Y68wepeSDjU7a5QyxccrLoXJvTF41OjKdXdOt1o8nd8xOLyaL6lZ3bJJHUdwPcMxNpvKVf3YP65aXmw1YWlSBSMVTd0wGtB41cuc7KGdHIeSV3Q8IykTrjuAXZhEQxxCE%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=52047&min_rtt=43402&rtt_var=1338&sent=610&recv=90&lost=0&retrans=0&sent_bytes=697145&recv_bytes=9522&delivery_rate=36628777&cwnd=354380&unsent_bytes=0&cid=e38440ebc24ef827&ts=771&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Mon, 26 May 2025 09:55:43 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6358ba43ea8-PER
accept-ranges
bytes
content-length
71794
server
cloudflare
20210315-Izzah-Rafizi-Facebook.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/20210315-Izzah-Rafizi-Facebook.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39fc8d8792607d73d9d920e99076212964fcafc8e91f36b0ad016fa3a46848f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"604f1d2f-b67c"
age
87025
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9uo0OjJOvRnccSZUbpNDZ1cg0sSXljcch6e1KfRqShyFYO5QdsOFE1nKQKSWQNVcn4XwSafO6zXtXXUvBQBZYDjaaJEydVdntvALlmlDwdCdHsD3tWmJAbpGMsxY5ERAsdv6BY%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46372&min_rtt=43402&rtt_var=377&sent=119&recv=66&lost=0&retrans=0&sent_bytes=117134&recv_bytes=8084&delivery_rate=10714496&cwnd=128773&unsent_bytes=0&cid=e38440ebc24ef827&ts=624&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Mon, 15 Mar 2021 08:39:11 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6358ba33ea8-PER
accept-ranges
bytes
content-length
46716
server
cloudflare
teoh_beng_hock_tmi_03__full.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/teoh_beng_hock_tmi_03__full.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9b052e97075bf5b6f2aff6bcf59a0bbafcde766a5d7ea6d2fbb1171a737a69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"6698965c-120dd"
age
102105
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwGsW7BkpI%2Byg4gCW00isRPlrgezAgnb%2B8RG8qLivFj23TpWI75oNL7e69YrKR7kJRiAPyPisGQhlnCk2qy9hPDcLHq7ib4BUPY7Ty6MsAnwwLurdyELwoBCOVcczjIwadyW9I0%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=839&recv=153&lost=52&retrans=52&sent_bytes=955363&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1082&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Thu, 18 Jul 2024 04:13:16 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386baf3ea8-PER
accept-ranges
bytes
content-length
73949
server
cloudflare
26032022-KUL-Mohd_Rafizi_bin_Ramli-Ayuh_Malaysia-SYEDAIMRAN_-07.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/26032022-KUL-Mohd_Rafizi_bin_Ramli-Ayuh_Malaysia-SYEDAIMRAN_-07.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896d9c375d928cdf8179b8e25473d99f6aa9522a11ed0f09ea2ade4480a08b53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"62400be3-b203"
age
94456
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWq6uDSgbPvLNOnYkp780eXc%2FyN7RcrWaH76gMb%2FTP8Q5rXDRdIliPF5nxJ6h4WB%2BhsKdZz6BSYApp%2B5EWQKm8jEM70bI5ajrwH%2FQ6BjNA%2FSxhCyORjSQgOUGfD815tZQjMVYjU%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1154&recv=153&lost=52&retrans=52&sent_bytes=1325729&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1084&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sun, 27 Mar 2022 07:01:55 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb13ea8-PER
accept-ranges
bytes
content-length
45571
server
cloudflare
Sabah_conservation_Dr_Nurzhafarina_Othman_1.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/Sabah_conservation_Dr_Nurzhafarina_Othman_1.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d7cffcf5192facd0d88036bdce3849aa8b53d4147c0633b133e9d21b763c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"68329a3c-114d6"
age
108843
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrF%2BPnTL5XIfsF24r6fGFbEYR%2Bqw7qMB2AOJJvK6zem6AlfVnl1JVmeqc0A00kjyDdP%2FXXajJFJ1v2Bymk0SAJIarNTZBG2tCzxblXhAIoTw0v2iZtFP4DERzWKhqWNl%2BKvUQU4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=839&recv=153&lost=52&retrans=52&sent_bytes=955363&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1081&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sun, 25 May 2025 04:19:08 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb03ea8-PER
accept-ranges
bytes
content-length
70870
server
cloudflare
20210131-permatang_pauh-nurul_izzah_anwar-bernama.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/20210131-permatang_pauh-nurul_izzah_anwar-bernama.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd6fc8624d340bbf85fbf0142589eb98616ad9be688a9e4c7a66deae21080e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"6016c814-73a6"
age
116834
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RQu923qNu4U9%2BZYXmf291RaTprBToQsKySjCVMVqCQLPqxTYXRjLdZzKtvPrfhxEW9SvCJyNSbqv2cYoRFFqWVk6ttNQIejO2YB5g1558SRwuVamwu%2BJDVK67W4Sgv%2BijC16SE%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=991&recv=153&lost=52&retrans=52&sent_bytes=1133386&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1082&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sun, 31 Jan 2021 15:09:08 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb23ea8-PER
accept-ranges
bytes
content-length
29606
server
cloudflare
kssara.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/kssara.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830b86c649a3d66e2639577461c38bd7a6c2d175070b629b847ddc7695598423

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"6831c8ef-a75e"
age
112201
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tDtKdEKmX%2Brs9mZ1WSCmQb87%2Bd4IETEBmo%2FDEX6u28CNJlIDU%2BJ%2FPI%2FaMTwExxBTv6INIj8MQapOybt%2FZk1MqBLbs0pJSDwdY%2BvaBhcGdxVJHXYEbHfWyWjFfHWc0o5Aq8DrK4%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1194&recv=153&lost=52&retrans=52&sent_bytes=1373031&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1085&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sat, 24 May 2025 13:26:07 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb33ea8-PER
accept-ranges
bytes
content-length
42846
server
cloudflare
IMG_6310.jpeg
media.thevibes.com/images/uploads/covers/_medium/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/IMG_6310.jpeg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10cfeaa6f3525225852224dca0e0c85480b83d22cd2de86c56033ce368d723ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"68333a6f-17a9f"
age
39602
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2rC9Gx70qBauP97lc%2B%2BEgWP8r68%2F9%2BQxrmlhqSrvsmwr1cALuVD6uC%2FTCRSspbZvY9a32Q7sjVErBJgOvBheA%2FighyZdh%2BZ85leU4n2EPKz8e%2FtCHfjmrYV%2Feu3%2Bz7vpDDKbH0%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1038&recv=153&lost=52&retrans=52&sent_bytes=1189208&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1083&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sun, 25 May 2025 15:42:39 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb43ea8-PER
accept-ranges
bytes
content-length
96927
server
cloudflare
17082023_CP_Selangor_Datuk_Hussein_Omar_Khan_pc_-_SALWA_FARHANA_ISMAIL_pix.jpeg
media.thevibes.com/images/uploads/covers/_medium/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/17082023_CP_Selangor_Datuk_Hussein_Omar_Khan_pc_-_SALWA_FARHANA_ISMAIL_pix.jpeg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d7ad4b4dc4c7aa569b46de91110b641b2a5e39b918b498f29eb54473f5345b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"64e1523d-903b"
age
92006
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THwMuNWywLK8eE8nRsgSvMNPbiBUYeZWEijzSrLqBQ8bEY6HUc4n3q3X2necCwjfYEiImOtA7b00dZvWbZ2embvasx7KBNOSQS9fk%2FOW9PcX6gtuocwUmtBV0sh5UdHXIzANZRs%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1017&recv=153&lost=52&retrans=52&sent_bytes=1164310&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1083&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Sat, 19 Aug 2023 23:37:33 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb63ea8-PER
accept-ranges
bytes
content-length
36923
server
cloudflare
Inspector-General_of_Police_Tan_Sri_Razarudin_Husain_.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/Inspector-General_of_Police_Tan_Sri_Razarudin_Husain_.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac73fc5dc795d924ac4ebb9f1753da7f83ceb1007680a40e6e81bea46c79489

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"67c7c5b8-99bd"
age
885386
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQPm779M1nNzLkeWjesPP6P4ni1epCfE5r3iV7WUi675VkSE6GaREbki4AqrZTUwA1g%2BZQTRO0mEOACYHvTNeFGTyjx3yKP0MTm2czuo%2B5zXgz8JZPNZFVoVYD0l8HYD3rSUJWo%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=804&recv=153&lost=52&retrans=52&sent_bytes=914456&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1080&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Wed, 05 Mar 2025 03:32:08 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb53ea8-PER
accept-ranges
bytes
content-length
39357
server
cloudflare
06102020-KUL-court_judge_hammer-pool.jpg
media.thevibes.com/images/uploads/covers/_medium/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/06102020-KUL-court_judge_hammer-pool.jpg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7139b2d0ce22911ea316debf6f1df27e7365bce5fbd41c35182c7d88551ba37a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"5f993b58-6a91"
age
1036780
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITLLxEdU4auOKMODq3rxxqshMchcRubRUZCOCCvD%2FuI4UoGykUunM9lqHkDYnI%2FvhA%2FNvL5hKSgH674615CxY4Lf28ueNKwW5DDwShOtOG7MeRsAK%2BYrOBJz7kk6DSQWbnlg%2FEQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=966&recv=153&lost=52&retrans=52&sent_bytes=1104782&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1082&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Wed, 28 Oct 2020 09:35:20 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb73ea8-PER
accept-ranges
bytes
content-length
27281
server
cloudflare
2022-education_fadhlina_sidek-bernama.JPG
media.thevibes.com/images/uploads/covers/_medium/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/2022-education_fadhlina_sidek-bernama.JPG
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea42dcd60ffe16742fa1c29004f2e1438e7d3f22ffabc3a4fffd9494ad1e771b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
DYNAMIC
etag
"639af614-b81e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJyfSa0SJVpzGWcc%2FhTv4EtZ1URBD369PPe41TFMlqywQgDa9jT8V4PAQtLX9UuXjcOJRJu3JMGf%2FZ12Tm3ZKIpk6kN5baFHLSKPou3ZJoMeojSl1odowjN3i9HI0k4Cu5q7VT8%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=63951&min_rtt=43402&rtt_var=4804&sent=1391&recv=188&lost=52&retrans=53&sent_bytes=1604698&recv_bytes=18581&delivery_rate=35193175&cwnd=1226903&unsent_bytes=0&cid=e38440ebc24ef827&ts=1236&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Thu, 15 Dec 2022 10:25:24 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb83ea8-PER
accept-ranges
bytes
content-length
47134
server
cloudflare
20230119_-_DPMFadillah_Yusof_Media_Panorama_TV_MoU_on_jan_19_-_ABDUL_RAZAK_LATIF_013.JPG
media.thevibes.com/images/uploads/covers/_medium/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/20230119_-_DPMFadillah_Yusof_Media_Panorama_TV_MoU_on_jan_19_-_ABDUL_RAZAK_LATIF_013.JPG
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7339f98a1311b9a32d82be24be50f27681ee7ba7842d4f0870f778a47ff70b72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"63c8d153-8659"
age
16936
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DiGKUSaHR8OAOteCbZTTMOkgGOCJ2FywtjCirHrVt%2FfgTH5zagdOPPhZ48xDCVdpYG7xBnaUSDTRuY7iGKCWEaIiaetM4s9Jzq37vIN1kRUssn3PSZJCBchX8H13UYqV1Ygr6hA%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1239&recv=153&lost=52&retrans=52&sent_bytes=1425728&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1085&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 05:12:51 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bb93ea8-PER
accept-ranges
bytes
content-length
34393
server
cloudflare
pam222a.png
media.thevibes.com/images/uploads/covers/_medium/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.thevibes.com/images/uploads/covers/_medium/pam222a.png
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5c579e1cc612bd05dfd87d08e8fc5816bb8b95efe5e2f4c57d06692628a70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
HIT
etag
"6833ff9d-239a6"
age
13698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSSaqtwVxpGe0ToxpwMUGUYeblcJ7ai5HvCVZmMSEj2cWay5iwzAqJN14zfemeOLe4ykA%2FiNJHbylzno8oNOqDitVEPiFnIdFDCRfh72aegyl%2BOnOl3rXLGdmRo2Jbexs8wN8yQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1194&recv=153&lost=52&retrans=52&sent_bytes=1373031&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1085&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/png
last-modified
Mon, 26 May 2025 05:43:57 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
945cb6386bba3ea8-PER
accept-ranges
bytes
content-length
145830
server
cloudflare
petra.png
www.thevibes.com/images/social-media/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thevibes.com/images/social-media/petra.png
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592d3f297b6e63828c68abe86f648e4415d13d1f5ec2ac4362e8cdc934b08d81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

cf-cache-status
HIT
etag
"633c6936-5596"
age
5857
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwyRL6ryAobMvsVD8%2BmGUr4TA7MJxc2GfgmfyJ1Ej19Scos74mKevQEKtDG%2Bq7B5kwu0lKVF9Sj%2FxW%2BJk0tDtTM8odeIuSEs8n2xCMynp7ETd%2BLadiJJ%2FoP9O7bvLSuvo4fb"}],"group":"cf-nel","max_age":604800}
x-varnish
6857677 6138747
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=54363&min_rtt=43402&rtt_var=1612&sent=1134&recv=153&lost=52&retrans=52&sent_bytes=1302589&recv_bytes=16993&delivery_rate=35193175&cwnd=863383&unsent_bytes=0&cid=e38440ebc24ef827&ts=1084&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
image/png
last-modified
Tue, 04 Oct 2022 17:11:18 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb6386bbb3ea8-PER
accept-ranges
bytes
content-length
21910
server
cloudflare
app.js
www.thevibes.com/js/ 		2 MB
585 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thevibes.com/js/app.js?v=202200804
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b2e73d819ad76bde9f92da38cd704582c4d81e0ccc94ce776452d6b65ff7a9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"633c6936-1a1e54"
age
5856
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s36RJJjk2IJ40dMtegplUmk2orAif1MZhGxSmqo5uWNRD7qLIyrlFUfmpu4K77tSwG%2FWj1rxL5juYM%2FUSrLHLlBgfic0S0H6pWcMNvNeNJyFpCaxv9uYMBHfYopljngzvgva"}],"group":"cf-nel","max_age":604800}
x-varnish
6303545 4973205
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=46539&min_rtt=43402&rtt_var=264&sent=161&recv=71&lost=0&retrans=0&sent_bytes=165575&recv_bytes=8641&delivery_rate=29711803&cwnd=177190&unsent_bytes=0&cid=e38440ebc24ef827&ts=691&x=92"
date
Mon, 26 May 2025 10:50:28 GMT
content-type
application/javascript
last-modified
Tue, 04 Oct 2022 17:11:18 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb635fba63ea8-PER
server
cloudflare
css
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&display=swap
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/css/app.css?v=20221005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
f41df713969f37c69d521da6b2fecb5a39dda4adf6b1fdf52079556e81eef4fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 26 May 2025 10:50:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		34 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/css/app.css?v=20221005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
8f3a1b017a88b4a6c53a64f0bbe7275cc1fe43a64f79fd4c483efcd95776d284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 26 May 2025 10:28:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		17 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/css/app.css?v=20221005
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
1412d14bb873809e26195096d515eb10564467d7e0b93696b5fc1315fcb6262d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 26 May 2025 09:26:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		401 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PLPWMFN
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cdb148bd9c3d6d4d777490d18679bbf0612ff692a262141aae4b464ecef66311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires
Mon, 26 May 2025 10:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 26 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1317:0
content-length
138453
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
age
1778
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 12:20:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:20:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		275 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
467389e1c54ff093185c031255951ed7d0b319391f0ab2783dcf81f5671b1d94
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-0xIqDh0f' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-0xIqDh0f' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=97, rtx=0, c=23, mss=1232, tbw=4958, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
zCmO/ApfG++QAzh9Ql/7IxGJDxac6draT9Mj5IDmvy880RXxRODP0axdwx2MfHxkMTVePbtwIxtrF8OFd9SoDw==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-0xIqDh0f' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
70852
x-xss-protection
0
origin-agent-cluster
?1
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96e803cc46ba31cef48752356a13dc8a92564f2e6b20adcd4d360410b5fbc579

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"89be6341362180b7e00592aa62f11b75+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15757
date
Mon, 26 May 2025 10:50:29 GMT
x-tw-cdn
FT
last-modified
Mon, 28 Apr 2025 13:13:22 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000133-IAD, cache-wsi-ysbk1060057-WSI
x-amz-server-side-encryption
AES256
code
edgecdn.dev/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edgecdn.dev/code?code=8bc4466bdcc3d354a9774f921679fbdd
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c9477748008ebe3fe744723254022a4550436f94e61ef007c9caf6164d35c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e58Gk5a%2BHDiRfrv2OSgdogwmqzHKlGtvS%2FpmSgA%2FEKrc156NtchtunjcV9753LB7bmWF9kb3agAkvkEGY7gdjDWdFuzpFdTy05LQXYsWO7J31YLp9uS%2BslQF2MrPOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Jul 2001 06:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57846&min_rtt=51166&rtt_var=12120&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3644&recv_bytes=4504&delivery_rate=478253&cwnd=15616&unsent_bytes=0&cid=cb3e69c4744b16ce&ts=1080&x=92"
p3p
CP="CAO PSA OUR"
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Mon, 26 May 2025 10:50:29 GMT
vary
Accept-Encoding,User-Agent
cache-control
max-age=3600, s-max-age=84600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
945cb638f91ec742-PER
access-control-allow-origin
*
content-length
10805
server
cloudflare
gtm.js
www.googletagmanager.com/ 		322 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NK4LNDK
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3ef4cd17c41f681b1c2ab4037578e63baf885879730035194001cf0a3a97f27d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1317:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1317:0"}],}
expires
Mon, 26 May 2025 10:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 26 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1317:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1317:0
content-length
117195
x-xss-protection
0
server
Google Tag Manager
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/ 		539 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
638b32a4f2339ff4f58198fe56ffb89091e03c23d76a39821797c01f026e21ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
etag
8367355567805738573
age
9629
x-content-type-options
nosniff
expires
Tue, 26 May 2026 08:09:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 26 May 2025 08:09:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
173743
x-xss-protection
0
server
cafe
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=lhd8znm&ht=tk&f=5503.5504.5505.5506&a=86886341&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lhd8znm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.90 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-84-165-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"673d7da1-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 06:11:45 GMT
server
nginx
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wkw6ibt&ht=tk&f=32226.32227.32230.32231.32236.32238&a=86886341&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wkw6ibt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.165.90 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-84-165-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"673d7da1-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Mon, 26 May 2025 10:50:28 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 06:11:45 GMT
server
nginx
327630405241840
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/327630405241840?v=2.9.203&r=stable&domain=www.thevibes.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
23342707a3d3f6b45aef4d4f2d23db313d9ff070157a8548090c6fbb998f8a6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-hKPyyv41' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-hKPyyv41' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=83, mss=1232, tbw=80622, tp=74, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
4z/nvz2o/cSmtoBtpL9XUVEcXg2H+E2QlN4jgG8d7uaZX0t9bdKXQEqjdhP2Q6VairicSqUDMnJgie29PVZCwQ==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-hKPyyv41' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14159
x-xss-protection
0
origin-agent-cluster
?1
608782f392c03e0018d67020.js
buttons-config.sharethis.com/js/ 		582 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/608782f392c03e0018d67020.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-56.syd3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129776b422a3c1fe8700a519076a726f0165cb60ba50d5a384981a2ee6a4ddfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=60
etag
"c6d23723913758e1c4abf8df00016a07"
via
1.1 4dc21cb63e62a1d58ba1e9fef2392daa.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
582
x-amz-cf-id
QB7YbJXCmhI7HCb66CSdH4Mzw3GUNNP3SrS6N_G1DOEq3D9sq1zUyw==
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/javascript
last-modified
Mon, 15 Aug 2022 03:03:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&pr...
  • https://l.sharethis.com/sc?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&produ...
176 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&product=inline-share-buttons&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&refDomain=news.google.com&cms=unknown&publisher=608782f392c03e0018d67020&sop=true&version=st_sop.js&lang=en&description=62-year-old%20Shah%20Alam%20resident%20under%20investigation%20for%20animal%20cruelty%3B%20Perhilitan%20reminds%20public%20not%20to%20take%20wildlife%20matters%20into%20their%20own%20hands&ua=&ua_mobile=false&ua_full_version_list=&uuid=453ecda5-1df4-4d98-9ec9-0f08026bb856&samesite=None
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
be1ba527364a235f4b4b8614d31b8164c76c4e11969bb32ecc2ec0fc02f4135c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Access-Control-Allow-Origin
https://www.thevibes.com
Content-Length
176
Date
Mon, 26 May 2025 10:50:30 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
*

Redirect headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Location
/sc?event=pview&hostname=www.thevibes.com&location=%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&product=inline-share-buttons&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&refDomain=news.google.com&cms=unknown&publisher=608782f392c03e0018d67020&sop=true&version=st_sop.js&lang=en&description=62-year-old%20Shah%20Alam%20resident%20under%20investigation%20for%20animal%20cruelty%3B%20Perhilitan%20reminds%20public%20not%20to%20take%20wildlife%20matters%20into%20their%20own%20hands&ua=&ua_mobile=false&ua_full_version_list=&uuid=453ecda5-1df4-4d98-9ec9-0f08026bb856&samesite=None
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Access-Control-Allow-Origin
https://www.thevibes.com
Content-Length
1101
Date
Mon, 26 May 2025 10:50:30 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
/
www.facebook.com/privacy_sandbox/topics/registration/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/privacy_sandbox/topics/registration/?id=327630405241840
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/327630405241840?v=2.9.203&r=stable&domain=www.thevibes.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-qiTWqQHc' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

access-control-expose-headers
X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508705046574682316&cpp=C3&cv=1023186384&st=1748256629537"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
observe-browsing-topics
?1
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods
OPTIONS
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/png
vary
Origin, Accept-Encoding
x-fb-debug
LZNOlEXU9gChlkVcQ7uQNYnj3y+rYSC5ZZ/706Z8TW9WAnFPxjySA/sSkOwYFWc6enJcrIQWsmanND5BjUC7zA==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508705046574682316&cpp=C3&cv=1023186384&st=1748256629537", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-qiTWqQHc' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=4957, tp=9, tpl=0, uplat=406, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=327630405241840&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629056&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=GET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=23, mss=1232, tbw=5006, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=327630405241840&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629056&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=FGET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-y1CQV4nu' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508705047450941565&cpp=C3&cv=1023186384&st=1748256629319"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ljWYLvcIg4eBAZ6tIKXtuenXEXDYqsXW8qlFbBtkG3y6z6AuQxi/7uAvE77bRqcZQNT3SUQPJEb/HipyNXutjA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508705047450941565&cpp=C3&cv=1023186384&st=1748256629319", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-y1CQV4nu' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=24, mss=1232, tbw=5374, tp=13, tpl=0, uplat=279, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
logo.svg
www.thevibes.com/images/ 		35 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thevibes.com/images/logo.svg?v=20210409
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/css/app.css?v=20221005
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0fb235dc738222d47d3b3b6a0bc59b55186d9ab24682530018b5470f899ab7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/css/app.css?v=20221005

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"61372a04-8dcf"
age
5857
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KruTPDoSd96NOEBsoCNFFmYg8k9A6NxikbnC2EEoM7unT5dhdPH6x4F31rWdrTz9WUV5uwhwV4tXWw%2BmtpP5LR2wvGkAzx%2FgJMrSpMukX1glL1J39oanDXITEoZdD38T9KjG"}],"group":"cf-nel","max_age":604800}
x-varnish
23224947
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=48282&min_rtt=43402&rtt_var=1579&sent=1775&recv=230&lost=393&retrans=394&sent_bytes=2056811&recv_bytes=20965&delivery_rate=97592903&cwnd=1601056&unsent_bytes=0&cid=e38440ebc24ef827&ts=1634&x=92"
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Sep 2021 08:59:48 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
via
1.1 thevibesunified (Varnish/7.6)
cf-ray
945cb63bdbe73ea8-PER
server
cloudflare
l
use.typekit.net/af/1fe1ce/00000000000000007735aff6/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1fe1ce/00000000000000007735aff6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wkw6ibt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.171 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cb0ccc37bbf967402e5b03b42ab8d9b541a4178fb01b6c9e9f92023b816e0e43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.thevibes.com
Referer
https://use.typekit.net/wkw6ibt.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"abe1c15fef511705f1d3f32f119e26ee3aa3ea1e"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16516
date
Mon, 26 May 2025 10:50:29 GMT
akamai-grn
0.a7b32e17.1748256629.1c62cb28
content-type
application/font-woff2
server
nginx
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.187.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.thevibes.com
Referer
https://fonts.googleapis.com/

Response headers

age
391868
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 21 May 2026 21:59:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 21 May 2025 21:59:21 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
l
use.typekit.net/af/9447d1/0000000000000000000176f7/27/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9447d1/0000000000000000000176f7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/lhd8znm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.171 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
917a4ab5f696ce879c981ed27f4140fce882445da8730f94c42bb63107c696f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.thevibes.com
Referer
https://use.typekit.net/lhd8znm.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"b9c1272c1ec32b26f4d8e5e08c0de36521929428"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
50904
date
Mon, 26 May 2025 10:50:29 GMT
akamai-grn
0.a7b32e17.1748256629.1c62cb2a
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/c2b6e5/00000000000000007735afee/30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c2b6e5/00000000000000007735afee/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wkw6ibt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.171 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-171.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d2b31f1f639e632ca3cc9a504d5e00b9e087f11b92cb145504b6ef3a44c6baef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.thevibes.com
Referer
https://use.typekit.net/wkw6ibt.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"daed50b133b40d34787311b04e81403935df5bae"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
15328
date
Mon, 26 May 2025 10:50:29 GMT
akamai-grn
0.a7b32e17.1748256629.1c62cb29
content-type
application/font-woff2
server
nginx
plugin.min.js
static.dable.io/dist/ 		594 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.11 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c17080b8d3abc55e0fb705e7def984087698ee73af8d578e34bdd44e4f6633b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

x-amz-id-2
XCn2rcXN0aB17fcmiuu0jFpnMIDxo47DS9R+A4A/2N0Y1CFNXUAOOt4d9Ot3SV3g7V+0+2kl0lI=
cache-control
max-age=7200
content-encoding
br
etag
W/"1834c9aa40a6a8e46a869882207bc2a4"
x-amz-version-id
oaT9t283uAt7bao88S9ujvMfnuJa_xoa
x-amz-request-id
VJRZ1QSYY9F71D4K
content-length
274
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/javascript
last-modified
Mon, 26 May 2025 01:33:49 GMT
server
nginx
x-amz-server-side-encryption
AES256
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.thevibes.com
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3D0F 		102 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
sffe /
Resource Hash
56b8de493133e66949fb4e7179fc6398806e734bb30cef739674fe9254f4c4b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:10:33 GMT
expires
Mon, 26 May 2025 11:00:33 GMT
last-modified
Mon, 19 May 2025 19:44:47 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		213 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4126522354488385&correlator=3679954555998673&eid=31086814%2C31090591%2C31092253%2C31092626%2C31092678%2C95353384%2C95355263%2C83321072&output=ldjh&gdfp_req=1&vrg=202505200101&ptt=17&impl=fifs&iu_parts=22338873404%2Cvbs-2-article%2Cvbs-2-article-prime-leaderboard%2Cvbs-2-article-in-article-mreg%2Cvbs-2-article-in-article-leaderboard%2Cvbs-2-article-sidebar-mreg%2Cvbs-2-article-half-page&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%2C728x90%2C300x250%2C300x600&ifi=1&dids=vbs-2-article-prime-leaderboar~vbs-2-article-in-article-mreg~vbs-2-article-in-article-leade~vbs-2-article-sidebar-mreg~vbs-2-article-half-page&adfs=3736061197~2541216088~2741310569~1562320671~1176468305&sfv=1-0-45&sc=1&cookie_enabled=1&abxe=1&dt=1748256629400&lmt=1748256629&adxs=436%2C242%2C274%2C1066%2C1066&adys=1034%2C1205%2C2133%2C1276%2C2319&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=1600x3139%7C316x0%7C824x1063%7C324x1075%7C324x921&msz=1600x0%7C300x0%7C792x0%7C292x250%7C292x0&fws=0%2C0%2C0%2C512%2C0&ohw=0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1748256627820&idt=1463&cust_params=categoryId%3D4%26categorySlug%3Dnews%26entryId%3D108682%26entrySlug%3Dman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&adks=3397232470%2C3391339680%2C839368779%2C2493304470%2C1143523745&frm=20&eoidce=1&td=1&egid=33314&tan=d5b77acc-4b72-4f53-bab3-d974c093974c%2Cd5b77acc-4b72-4f53-bab3-d974c093974d%2Cd5b77acc-4b72-4f53-bab3-d974c093974e%2Cd5b77acc-4b72-4f53-bab3-d974c093974f%2Cd5b77acc-4b72-4f53-bab3-d974c0939750&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
7b6510fb8c261f11be6c27a045f6252caa7a02501ae9e1b209ccbb04bbd36125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
google-lineitem-id
6727734870,6727734870,-1,6791578926,-1
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138476408903,138476968003,-1,138491995363,-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.thevibes.com
content-length
37726
x-xss-protection
0
server
cafe
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 2F4C 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsct
t.co/i/ 		43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=cac7669d-7e82-4476-b235-d4b99aba08ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ogo&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
e4850b81ef70175c
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9c13b7ff7925bae071226a5315ff6203f7eff21678b4535e7755bcc49642090d
cf-cache-status
DYNAMIC
cf-ray
945cb63f4a387382-PER
x-response-time
7
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=cac7669d-7e82-4476-b235-d4b99aba08ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ogo&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
d4f2daea1e475c67
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fcb5de57f8fa31e94420f004e71b3318dbc080e9559c89b178f66ca5722dac56
cf-cache-status
DYNAMIC
cf-ray
945cb63f5a298670-PER
x-response-time
12
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
main.js
www.thevibes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/ Frame 3400
Redirect Chain
  • https://www.thevibes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.thevibes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thevibes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bb6356f6004c8b5f901250b75507c0b6b2a05fc35e40e6081bef610932a639
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nd6J9NhXTm5yt6A9Soz26OeUs%2Bil%2B%2FWr%2B7NB1F42fCYRewissph7y%2Fo0TqWZdsk6GN%2BP5wmrOoZpd6wuAjMmxobHxOP73m%2FPr9tWtwrKzJzJoZIPVDqrM0QFuIQIRjzXbuIt"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
945cb63fac1d3ea8-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47720&min_rtt=43402&rtt_var=1144&sent=1802&recv=236&lost=393&retrans=394&sent_bytes=2085271&recv_bytes=21875&delivery_rate=97592903&cwnd=1629468&unsent_bytes=0&cid=e38440ebc24ef827&ts=2243&x=92"
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6fab0cec561d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VAkEfHMzqgwWvTvTjirRnF9clbwKcwTGvEgZCwySphos0Yw4oAk1WwehzxZGIsR7YF1he3pDlak1PtG5gCklwqqHq3nHTBDWcOfczQWRaEp1oIk2vm9cj5LbEx6ndRoyf4A"}],"group":"cf-nel","max_age":604800}
cf-ray
945cb63eabfd3ea8-PER
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=47740&min_rtt=43402&rtt_var=1472&sent=1800&recv=234&lost=393&retrans=394&sent_bytes=2084577&recv_bytes=21402&delivery_rate=97592903&cwnd=1628798&unsent_bytes=0&cid=e38440ebc24ef827&ts=2078&x=92"
date
Mon, 26 May 2025 10:50:29 GMT
vary
Accept-Encoding
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/ 		461 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
c966819fd380cb96e153756e842111b5c481e1792f2151381b70a2dd5275c57f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
etag
17257031994529967950
age
20192
x-content-type-options
nosniff
expires
Mon, 09 Jun 2025 05:13:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 05:13:57 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
158476
x-xss-protection
0
server
cafe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=news.google.com&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&scrsrc=www.googletagmanager.com&frm=0&rnd=284023910.1748256630&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&auid=1268695141.1748256630&navt=n&npa=0&gtm=45He55m0h2v895783437za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&tft=1748256629615&tfd=2210&apve=1&apvf=sb
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK4LNDK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s38-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers
collect
www.google-analytics.com/j/ 		3 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1113391184&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&dr=https%3A%2F%2Fnews.google.com%2F&ul=en-au&de=UTF-8&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABEAAAAC~&jid=789275840&gjid=2079148808&cid=1795611137.1748256630&tid=UA-247034739-1&_gid=17802127.1748256630&_r=1&_slc=1&gtm=45He55m0h2n81NK4LNDKv895783437za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&z=1119871010
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thevibes.com/

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		297 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11011689517&cx=c&gtm=45He55m0h2v895783437za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK4LNDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fc77964b6f4458176902747a75ba3d0fb47bbc6357f35fc615ee2d0120366873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 26 May 2025 10:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 26 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
108624
x-xss-protection
0
server
Google Tag Manager
1096309217918733
connect.facebook.net/signals/config/ 		28 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1096309217918733?v=2.9.203&r=stable&domain=www.thevibes.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119%2C214%2C213%2C215%2C220%2C221%2C222%2C218%2C202%2C141%2C174%2C201%2C203%2C250%2C177%2C129%2C168%2C154%2C138%2C247%2C123%2C145%2C130%2C198%2C120%2C159%2C137%2C192%2C122
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
7030b49b36e91e6fa62ad072a638f1c8ad53a87699d5d5211dbc0e9f7b348515
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-jRS3FHHu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-jRS3FHHu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=94, rtx=0, c=83, mss=1232, tbw=96654, tp=90, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
/EgpYvlq7mKJYnxTRmi1l4PxpLEuG0XF5L5tg2mPlH8oVwV9AQyI7thK2JG/2DbfiHY2aHDqKOJPLc6mbjH9Vg==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-jRS3FHHu' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
3291
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		433 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLPWMFN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c8936dd74a555b190799dce7c69483c9610a63927235a40c275a8109b1a8222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires
Mon, 26 May 2025 10:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1075:0
content-length
148975
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/j/ 		3 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1113391184&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&dr=https%3A%2F%2Fnews.google.com%2F&ul=en-au&de=UTF-8&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAACAAI~&jid=1899781060&gjid=1969986673&cid=1795611137.1748256630&tid=UA-177406334-1&_gid=17802127.1748256630&_r=1&_slc=1&gtm=45He55l1n81PLPWMFNv832408556za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cd1=entry&cd2=articles&cd3=4&cd4=Malaysia&cd5=news&cd6=108682&cd7=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept&cd8=man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&z=748577456
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thevibes.com/

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
tfa.js
cdn.taboola.com/libtrc/unip/1334017/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1334017/tfa.js
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81a8a04c8a9a14c25302ec6c185bd83117c884fbbb3e0655485b842029d1600f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
etag
"b22418f22774369d2a0df317bbea673e"
x-amz-version-id
H_2X6dY8yixml8HYBl.ecS_kRYTYWJnQ
age
0
x-cache
HIT
date
Mon, 26 May 2025 10:50:30 GMT
last-modified
Sun, 25 May 2025 11:03:30 GMT
x-served-by
cache-per12628-PER
x-cache-hits
0
content-type
application/javascript; charset=utf-8
x-amz-id-2
N8/PVSnmpYvmfpzkhkR/KSoXqKwp2JXB+DAnANYUZ4QzbBMfcqGIPCFz6mN0WIDOHAFzPk74mMP0hj3O+RbvQqKyEwKqYlbL
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14401
x-timer
S1748256630.807465,VS0,VE263
via
1.1 varnish
x-amz-request-id
53PCRHZBSNX041QS
accept-ranges
bytes
access-control-allow-origin
*
abp
49
content-length
24196
server
AmazonS3
x-amz-server-side-encryption
AES256
pixel
cost.affcost.com/ 		0
0
adsct
t.co/i/ 		43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=0022a126-49a9-4663-8bc9-09bb7c9e4c26&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4lyw&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
da63fd20dd496511
cache-control
no-cache, no-store, max-age=0
x-connection-hash
dd3d37693191e5c24fde2a93a4d41aeae49947724912f378dae1afcd61b0e51a
cf-cache-status
DYNAMIC
cf-ray
945cb63faa637382-PER
x-response-time
13
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=0022a126-49a9-4663-8bc9-09bb7c9e4c26&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4lyw&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
1e2cc6a963a03b49
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fba9cd5fa3c18bd90d1a353b0c889019812906989da434abdae90eaf040ee364
cf-cache-status
DYNAMIC
cf-ray
945cb63faa668670-PER
x-response-time
9
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
t.co/i/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=0f87751c-1368-4a8d-b779-fe15c005e349&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o51g2&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
342d89801adaf6ce
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9b364ebbf4fac550cbd1b4653f12d1cd68be49c8a4d37d8dc41a1fe05ce21c33
cf-cache-status
DYNAMIC
cf-ray
945cb63faa657382-PER
x-response-time
7
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=0f87751c-1368-4a8d-b779-fe15c005e349&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o51g2&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
b28a718385483e99
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f1b1d7f40614bf016da6d005de0ff896709c4d1bb65247d6143ff67bf2d8d95a
cf-cache-status
DYNAMIC
cf-ray
945cb63faa698670-PER
x-response-time
6
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
t.co/i/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=c982923c-d0f5-44a2-8fb5-99fbf3ea32eb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ogo&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
be8ea5ce1d9bb8d6
cache-control
no-cache, no-store, max-age=0
x-connection-hash
3be1f481829d2b1b51b37bdaa9a5aa3574559725aa3fd94bfd9735ec3c093e4d
cf-cache-status
DYNAMIC
cf-ray
945cb63faa667382-PER
x-response-time
13
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/i/ 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Australia%2FPerth%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=2&event_id=c982923c-d0f5-44a2-8fb5-99fbf3ea32eb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=df5ccf17-5b12-4ba2-a91f-908c4c71b838&tw_document_href=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ogo&type=javascript&version=2.3.33
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
647b9c6e9e8d4981
cache-control
no-cache, no-store, max-age=0
x-connection-hash
675ee20af54c923793db50d5101b6d7cf1877caa5af2eacfdcd530442dd65c19
cf-cache-status
DYNAMIC
cf-ray
945cb63faa6a8670-PER
x-response-time
9
content-length
43
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
plugin-BBCUYWKP.js
static.dable.io/dist/bundles/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.11 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03f766f0818ef780c756ddc855b634e58a62fc9932c41af007b595c1f5b08591

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

x-amz-id-2
iNIS8X6VIqGqnJxl7PhmmGtgv73WBlsja/HsdjL76r+mDlLzvfuZkbQm8oNpL9ihWzUow/MD+no=
cache-control
max-age=30567730
content-encoding
br
etag
W/"2a53077b615a1707abf57022ca35426c"
x-amz-version-id
1YJ7Zqcoj.4TiPqrXEXtDh6vwa3okQYZ
x-amz-request-id
Z8M5HWG7YK98MRFT
content-length
19359
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/javascript
last-modified
Thu, 15 May 2025 05:53:11 GMT
server
nginx
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/55j0/ Frame 0C7B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/55j0/sw_iframe.html?origin=https%3A%2F%2Fwww.thevibes.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK4LNDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
sffe /
Resource Hash
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
123248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1482
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Sun, 25 May 2025 00:36:22 GMT
expires
Mon, 25 May 2026 00:36:22 GMT
last-modified
Mon, 19 May 2025 09:28:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505220101/gpt
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
8c9c942cbc4b50a998e5204686305e5192f73e9a64425654ef4b8716015b8b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10260624382802495031
age
71329
x-content-type-options
nosniff
expires
Sun, 01 Jun 2025 15:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 25 May 2025 15:01:40 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23619
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202505220101"
672572726785522
connect.facebook.net/signals/config/ 		27 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/672572726785522?v=2.9.203&r=stable&domain=www.thevibes.com&hme=36c7454c4b078660353e5d4c89e3eaca439a56e5c3ceaadddff6c79ae427835a&ex_m=74%2C128%2C113%2C117%2C65%2C6%2C106%2C73%2C19%2C101%2C93%2C55%2C58%2C183%2C204%2C211%2C207%2C208%2C210%2C32%2C107%2C57%2C81%2C209%2C178%2C181%2C205%2C206%2C191%2C140%2C45%2C196%2C193%2C194%2C37%2C152%2C18%2C54%2C200%2C199%2C142%2C21%2C44%2C2%2C47%2C69%2C70%2C71%2C75%2C97%2C20%2C17%2C100%2C96%2C95%2C114%2C56%2C116%2C42%2C115%2C33%2C98%2C43%2C90%2C29%2C179%2C182%2C149%2C14%2C15%2C16%2C8%2C9%2C28%2C25%2C26%2C61%2C66%2C68%2C79%2C105%2C108%2C30%2C80%2C12%2C10%2C84%2C52%2C24%2C110%2C109%2C111%2C102%2C13%2C23%2C4%2C41%2C78%2C22%2C161%2C136%2C77%2C1%2C99%2C60%2C88%2C36%2C31%2C86%2C87%2C92%2C40%2C7%2C94%2C85%2C48%2C35%2C38%2C0%2C72%2C118%2C91%2C5%2C51%2C50%2C89%2C248%2C176%2C126%2C164%2C157%2C3%2C39%2C67%2C46%2C112%2C49%2C83%2C64%2C63%2C34%2C103%2C62%2C59%2C53%2C82%2C76%2C27%2C104%2C11%2C119%2C214%2C213%2C215%2C220%2C221%2C222%2C218%2C202%2C141%2C174%2C201%2C203%2C250%2C177%2C129%2C168%2C154%2C138%2C247%2C123%2C145%2C130%2C198%2C120%2C159%2C137%2C192%2C122
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
775c7d000bd889f87e5337fa4061a39fb592124d2ac3f86256aa01d88c0315f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-Y7jZ9mKz' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-Y7jZ9mKz' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=93, rtx=0, c=83, mss=1232, tbw=101614, tp=96, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
TsSdEFB1YBWH3SA+4fLaoLixRz7bGV/zhFc/Rn0/JNYrTDc5Z83e7BMHkVBPIfGkOfDZmJzJ/l4Sh4qAnkGJNg==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-Y7jZ9mKz' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
3256
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1096309217918733&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629741&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=GET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=27, mss=1232, tbw=9038, tp=20, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1096309217918733&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629741&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=FGET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-G6vXvyYB' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508705047383618681&cpp=C3&cv=1023186384&st=1748256629908"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 26 May 2025 10:50:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
tVHFzfbpCZE4yKTVRftenMkmpQYz04KkLobYXDDOL1G1QjVYFqUuZbh1F1joOwJZC6sFtkz4NFK6x+oQDxTcIg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508705047383618681&cpp=C3&cv=1023186384&st=1748256629908", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-G6vXvyYB' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=27, mss=1232, tbw=9502, tp=27, tpl=0, uplat=223, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
945cb6321b893ea8
www.thevibes.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.49531912625918667:1748254471:-AfMy21I24beExGx0n4Zm_Oop-QZuhq5PW6uA5z-XoQ/ Frame 3400 		0
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thevibes.com/cdn-cgi/challenge-platform/h/g/jsd/r/0.49531912625918667:1748254471:-AfMy21I24beExGx0n4Zm_Oop-QZuhq5PW6uA5z-XoQ/945cb6321b893ea8
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPomcwXlCSFhT1AnZjvJCI8fv9jyGJbEy4VyG5qYaPKwU7p5ddvNETSvr7iQdMr7yUqX3FkxfrpnVDg0%2BCsWsxSITiNHX4yYZOZZeJIcI3g6LrzWyapMJZ0hTJkKBPgwMUfz"}],"group":"cf-nel","max_age":604800}
cf-ray
945cb6409c223ea8-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47613&min_rtt=43402&rtt_var=1073&sent=1812&recv=252&lost=393&retrans=394&sent_bytes=2090174&recv_bytes=39656&delivery_rate=97592903&cwnd=1634251&unsent_bytes=0&cid=e38440ebc24ef827&ts=2400&x=92"
content-length
0
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
prefs2
api.dable.io/plugin/services/thevibes.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/thevibes.com/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=_dbljson1&_=1748256629854
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
15.165.124.167 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-124-167.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c439bb09c457d34c64eddb746da7897ae42a9d213b4f5f19a4eb4b14404a1870
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
date
Mon, 26 May 2025 10:50:30 GMT
etag
W/"52a-Hc6+kJR5xaQBkdMCQwEsF25CKPc"
content-type
text/javascript; charset=utf-8
server
nginx
x-content-type-options
nosniff
prefs2
api.dable.io/plugin/services/thevibes.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/thevibes.com/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=_dbljson2&_=1748256629856
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
15.165.124.167 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-124-167.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ecbd5da8eabf8659175aaf9ebd18c3dff1a50a25f40a3d07ceb41dfaca14f741
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
date
Mon, 26 May 2025 10:50:30 GMT
etag
W/"52a-pWjFAEBuOYVjSdVjVc55cvQmJD8"
content-type
text/javascript; charset=utf-8
server
nginx
x-content-type-options
nosniff
prefs2
api.dable.io/plugin/services/thevibes.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/thevibes.com/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=_dbljson3&_=1748256629856
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
15.165.124.167 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-124-167.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b4e8bf858b23d25597c62ef6245f0381e6711299e07b7068226a4d99b00e91f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
date
Mon, 26 May 2025 10:50:30 GMT
etag
W/"52a-0zw7l7Vm5okRA3wZ3VRlRqgFGKM"
content-type
text/javascript; charset=utf-8
server
nginx
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=672572726785522&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629868&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=GET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=92, rtx=0, c=27, mss=1232, tbw=9342, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 26 May 2025 10:50:29 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=672572726785522&ev=PageView&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&rl=https%3A%2F%2Fnews.google.com%2F&if=false&ts=1748256629868&sw=1600&sh=1200&v=2.9.203&r=stable&ec=0&o=4126&fbp=fb.1.1748256629044.748145119604880725&ler=other&cdl=API_unavailable&it=1748256628913&coo=false&rqm=FGET
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-okM8PFw0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7508705051322030812&cpp=C3&cv=1023186384&st=1748256630021"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["3757000064416983"]},"debug_reporting":true,"debug_key":"3818037800299719027"}
date
Mon, 26 May 2025 10:50:30 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
0BUAYs1TLSsT/4SFB87GjqHK0am3rjjad5snLGWc+4B70lwZ/QDL+cZ02puYm05HEtcxHWG/IiNfsqknHy6CnQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7508705051322030812&cpp=C3&cv=1023186384&st=1748256630021", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-okM8PFw0' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=95, rtx=0, c=29, mss=1232, tbw=12059, tp=32, tpl=0, uplat=244, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
get_counts
count-server.sharethis.com/v2.0/ 		227 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-129.syd62.r.cloudfront.net
Software
/
Resource Hash
6ba357818a3ec7bce7ce565eafa0c8d04ae003446b1e0906ff5b973e9d30e454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=60
etag
7ae61dab7fd42708967f7340b82a8485
via
1.1 7fe70ef74e6a71dc6fcd4b1b62861ffc.cloudfront.net (CloudFront)
apigw-requestid
LK_EQhatCYcEMoA=
x-cache
RefreshHit from cloudfront
content-length
227
x-amz-cf-id
V2_jfxxXq_datTYTj0acZUabZ_phXmmvVqPql41x2UMwajr591uPdQ==
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P2
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"c6e9be45643e197ce1db1d7e24a99adc"
age
2176270
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
301
x-amz-cf-id
jKmV2p965YYWc9TgAEPzvZcJscywRCsDNqVxdD-kwJGcmaWs9AMDqQ==
date
Thu, 01 May 2025 06:19:21 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
etag
"2deb3d5121d475d195577a70b0a91a0c"
age
187
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
368
x-amz-cf-id
-GJipVYxZsI1jn3MjHvmKNsgPi3heJ20X5oCy3BmwN8rm6LniGqjUA==
date
Mon, 26 May 2025 10:47:24 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
email.svg
platform-cdn.sharethis.com/img/ 		343 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"5977437466e857c7ddcadda6f6d88c2a"
age
2412414
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
343
x-amz-cf-id
AurrKwOD3WlUeRhKvB0uJ3ANFT6squYiWq1xQcKHflGiILCanb6AXw==
date
Mon, 28 Apr 2025 12:43:37 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"afe7fc60ed757db39a88d2950fce69c9"
age
2412417
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
832
x-amz-cf-id
aSFyx0BVzmmO0tmtatfS4Ewtg90PODMbAlIr-FyOQKqYhaLP_M7ScQ==
date
Mon, 28 Apr 2025 12:43:34 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
wechat.svg
platform-cdn.sharethis.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/wechat.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=2592000
content-encoding
gzip
etag
W/"857e7ba5ca888da30b3fdb02c485cc30"
age
1335815
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1hCg8qV7LSFQy2le8dgDc4IMf3d3aUnyeuprIVdu62C18vRGQyecGQ==
date
Sat, 10 May 2025 23:46:56 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
print.svg
platform-cdn.sharethis.com/img/ 		384 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/print.svg
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-109.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30e817756a474c7f893057d069f7ed56e1fd4617d70fcf40ac5d58fae5890ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"f13e866e7f19263a292ab3997e01fb17"
age
754362
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
384
x-amz-cf-id
iMa8Lac4aXk9jG-py85DeAaxZNE5-Bu-O3rHVsPgF5lQSjz7gdO-nw==
date
Sat, 17 May 2025 17:17:48 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11011689517/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11011689517/?random=1748256630166&cv=11&fst=1748256630166&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2z8895783437za200zb895783437&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102938614~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11011689517&cx=c&gtm=45He55m0h2v895783437za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
f0aa75be8f83298a166cba92ec3ddd30195dac1c1ea06fe6af0cc44ecc6406ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2083
date
Mon, 26 May 2025 10:50:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11011689517
td.doubleclick.net/td/rul/ Frame B25D 		13 B
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/11011689517?random=1748256630166&cv=11&fst=1748256630166&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2z8895783437za200zb895783437&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102938614~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11011689517&cx=c&gtm=45He55m0h2v895783437za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/ Frame 1CD6 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20250521/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age
78479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3856
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 25 May 2025 13:02:31 GMT
etag
7658452531946828944
expires
Sun, 08 Jun 2025 13:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DDBA 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7797085226338034&output=html&adk=1812271804&adf=3025194257&abgtt=11&lmt=1748256630&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14172876740403959&aiapmi=0.16&aiact=0.5855296252670694&aicct=0.7&ailct=0.7203791955260113&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256629532&bpp=19&bdt=1711&idt=729&shv=r20250521&mjsv=m202505200101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=1193668898537&frm=20&pv=2&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95353387%2C95360609%2C95360812%2C95361468%2C95361620%2C95360956&oid=2&pvsid=4126522354488385&tmod=518960635&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fnews.google.com%2F&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=6&uci=a!6&fsb=1&dtd=751
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505200101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:30 GMT
expires
Mon, 26 May 2025 10:50:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
topics_api
psb.taboola.com/ 		65 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1334017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
private, max-age=2592000
retry-after
0
x-timer
S1748256631.594765,VS0,VE0
observe-browsing-topics
?1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
65
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/html; charset=utf-8
x-served-by
cache-per12628-PER
server
Varnish
x-cache-hits
0
json
trc.taboola.com/1334017/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1334017/trc/3/json?tim=1748256630310&data=%7B%22id%22%3A938%2C%22ii%22%3A%22%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1748256630298%2C%22cv%22%3A%2220250525-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept%22%2C%22e%22%3A%22https%3A%2F%2Fnews.google.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dinmobi-thevibes-us-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1748256630309%2C%22ref%22%3A%22https%3A%2F%2Fnews.google.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1334017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36b66dd8db66161f361529896a4fc7cefea23aa0ba57946d595c42fd6aa07f62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Mon, 26 May 2025 10:50:30 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12628-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
82456
x-timer
S1748256630.343982,VS0,VE106
x-vcl-time-ms
106
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.9115625
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 4F9C 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 7BFE 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3856 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 83D0 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 446D 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505200101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:29 GMT
expires
Mon, 26 May 2025 10:50:29 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/ 		287 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10486115&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
01db9ced6d52c45c5488298b29e47ab54dc2b00090a178b00fbd0ba0e718f329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 26 May 2025 10:50:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 26 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
103642
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
583762f56389cd824e83e47b56bfbf67717cc0c4a2a0be4cbe1c1e78c4b01fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 26 May 2025 10:50:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 26 May 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
111757
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8P1ZP8TZGZ&gtm=45je55l1v883684280z8832408556za200zb832408556&_p=1748256628492&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1795611137.1748256630&ecid=1620982341&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1748256630&sct=1&seg=0&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&dr=https%3A%2F%2Fnews.google.com%2F&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&_tu=Cg&en=page_view&_fv=1&_ss=1&tfd=3081
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to
{"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:155:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
558 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8P1ZP8TZGZ&cid=1795611137.1748256630&gtm=45je55l1v883684280z8832408556za200zb832408556&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.189.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:124:0
report-to
{"group":"ascnsrsggc:124:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:124:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:124:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8P1ZP8TZGZ&gtm=45je55l1v883684280za200zb832408556&_p=1748256628492&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1795611137.1748256630&ecid=1620982341&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEIAAAQ&sid=1748256630&sct=1&seg=0&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&dr=https%3A%2F%2Fnews.google.com%2F&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&_s=2&tfd=3109
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to
{"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:155:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8P1ZP8TZGZ&gtm=45je55l1v883684280z8832408556za200zb832408556&_p=1748256628492&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1795611137.1748256630&ecid=1620982341&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAAAAQ&_s=3&sid=1748256630&sct=1&seg=1&dl=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&dr=https%3A%2F%2Fnews.google.com%2F&dt=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&_tu=Kg&en=page_view&ep.type=entry&ep.channel=articles&epn.category_id=4&ep.category_slug=news&ep.category_title=Malaysia&_et=1&tfd=3110
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8P1ZP8TZGZ&cx=c&gtm=45He55l1v832408556za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:155:0
report-to
{"group":"ascnsrsggc:155:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:155:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thevibes.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:155:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.com.au/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8P1ZP8TZGZ&cid=1795611137.1748256630&gtm=45je55l1v883684280z8832408556za200zb832408556&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&z=1789754838
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 4F9C 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4F9C 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1691175211623869
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9d195d67851b544878aecdd57969dd63fb25b5a83bcebf4d7d0b246835143593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
8154341451412988750
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53289
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4F9C 		221 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
81102085050987160
age
1176
x-content-type-options
nosniff
expires
Mon, 26 May 2025 11:30:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:30:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 7BFE 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7BFE 		156 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1691175211623869
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9d195d67851b544878aecdd57969dd63fb25b5a83bcebf4d7d0b246835143593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
8154341451412988750
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53289
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7BFE 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
81102085050987160
age
1176
x-content-type-options
nosniff
expires
Mon, 26 May 2025 11:30:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:30:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
adview
securepubads.g.doubleclick.net/pagead/ Frame 3856 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmRzOdUc0aJGxItO2vcAPgJjqwASbhIOKcuS-mIi1EcCNtwEQASAAYKWAgICoAYIBF2NhLXB1Yi03Nzk3MDg1MjI2MzM4MDM0yAEJ4AIAqAMByAMCqgSnA0_Qgk0D1uc3uhEhV8iDId_3yfG_ss7pddFt7J29Z1nEPe28f1lynmWjDht6d_D6h9-Ia_Q3rIBTpnCnK14U970eMloUQCQRFjR2OHL6kQatlUhk17X-9TgMunZWCSbLgWnw7AOH0ZtEBtS_WQ1_Vqc_ndYAV5pOB-BgB7A67lOzv0Y9ygptlC6fjaAr5RXQjie3ZWWCe2CoA2ULA2JmY3PrsFwly6rVYdtKiNek79SD3ga1tO00GX-K4ooA3WE9j5CNNpsmUbuHDb0PHpTERwZAkHAl3gxGXik4-804UO3k_iT1eQm_931DG29IFhlUGK7N_Cd0Auk-OHvGKGm5Bz6_W22lXKNAW9JlMIh1_NKhFig0AoTJvOzBanXcyKLKSqmI735jxEfSP5aTQsHUDfrQPwI7NvLQ8KLdCU4jI6We-Aq348QeQccBpb2BG2GjcumPyH5xECuQitCVPa1ZCPPW8d-zIZCgHh-PKXp63ZzedqMbNY-_G5Pm6hm8_wRZ4162tmloGxQz255HPl6KJE43bGh2Uqoj4TQx5K1Kff2y7zBEW_bzgOAEAYAGjZmDkZ6-kdZyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJgiAYRABMgKKAjoNgECAwICAgICogAKgA0i9_cE6WP3yhLv7wI0DgAoB-gsCCAGADAGqDQJBVeINEwjht4W7-8CNAxVTWw8CHQCMGkjqDRMI64GGu_vAjQMVU1sPAh0AjBpI0BUBgBcBshdfChoSFHB1Yi03Nzk3MDg1MjI2MzM4MDM0GLfIehgMKj8vMjIzMzg4NzM0MDQvdmJzLTItYXJ0aWNsZS92YnMtMi1hcnRpY2xlLWluLWFydGljbGUtbGVhZGVyYm9hcmQ&sigh=0NCMl06ZQyM&uach_m=%5BUACH%5D&cid=CAQSTwDZpuyz4tQ9FAwpKWzZdsCwrWPDpeoaKFmgbmsDVsdwsSHYKVYBI4yDWiJxidHKfkmEhxNRHIWAYxbGCQGnS5YCKpljIeWefjj8Nz1f2fsYAQ
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
win
trace-jp.mediago.io/ju/ Frame 3856 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trace-jp.mediago.io/ju/win?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=65767687857b9f7d67605c8a2d33cd9b&acid=31055&data=MnQk-FzQe16AVH3X72g1M6YgwwUAel2sO-CT1lnRKwcFcgBqGwTc3L6HVsdTEZx9f4Vt7Z2L229_RaRbfZliBiVvML7qcCbVrCrbqeCdDxeDWXqj_mvW1Bd3Jc9zbGcymjZTOnGaHJ1LAYhfR2FiJihi-7XgQOUZFMCDE2eXr8txtoQvDztFJwl1Sb__k5yww3dEiQxd9gqqgFxSArD7VXS8zdwNnjZY6IUKJCZ-LNCb-1eTQDkL4MQ54cGPm_8fm3YpsB8j8xlHdHfFw8jvQUHI1_mRc2XhPRhM8E2IsP1qdegXZUSIR1vqDqUZEAMi-AtwYL6kse4eaHsEeyInnhGdWes7h4rUEkWHTekw70Icnr_js0xXMJwUT7d-jZYnyWFaxWhMR3SvyHRZxAkICWOzfBAoSn4JVdkaALkvKNqqpJ6PRJLdKh-xB_-e_vdcXeS4XkomQh87zQWwW7UvfvoYacJOG1Ws0-_s5OTNE9dO6RZnAEfYfAKUl6NIW1Id2--64vQXR6ZPoy7P9U54bSllyVn6SLtEvki-YCkR7p8LSsIC0sCkFDJwtW3N3ifMKzizWEQktDRb_7f9d2iJEhb2u_IHQdpWxWkUoBmTrLdXOFOT8peSgrEhn3aC9ulLy7nR7LKDz1poW5qOLp9mYhEbcilBbAvw57E7adFznu-9F2ySZKLjxmqmh2SFg2eI2f-e_73ftrJzo1WIbM1He2npiONjh0I5J7w7YRb-_9U3zEmSDx1gCA96KxLKyVYD&uid=mid_80157106b2fe2ba095d91813f26cac9c&mguid=&ap=aDRHdQAImJECD1tTABqMAMsy5XOHjy0IgSOdSQ&tid=106
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/html; charset=utf-8
style_banner_4694d6.css
cdn.mediago.io/js/template/style/ Frame 3856 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_4694d6.css
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff7d551ed54260aba0ed4e3e988a5c8d7d6243035ff94e764104177cb4cb721c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-amz-version-id
NsDClA7K7SVjC7On9.YkOSAhF9qRwM6T
etag
"0ee4686328bda4320a35a1fbee57736d"
age
55763
via
1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
2999
x-amz-cf-id
UU4K0i-1h2xYfek9e5SwVWeFL0ds0nVxwUJ_ZNe5B_6yy-MDdnRHZg==
date
Sun, 25 May 2025 19:21:10 GMT
content-type
text/css
last-modified
Tue, 20 May 2025 07:19:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
abe473bec7bd3370f05e08b400eb5346__scv1__622x368.webp
images.mediago.io/ML/ Frame 3856 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.mediago.io/ML/abe473bec7bd3370f05e08b400eb5346__scv1__622x368.webp
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e48dd7f375a69cb91ba589523c0010f0c2771ce40d62aa72a6d8358451b29029

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=IWDnlA==, md5=q6EYj+Qn5nQd4s0rA//68w==
etag
"aba1188fe427e6741de2cd2b03fffaf3"
age
764
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7904
date
Mon, 26 May 2025 10:37:46 GMT
last-modified
Thu, 22 May 2025 09:35:41 GMT
content-type
image/webp
x-guploader-uploadid
AAO2Vwp4H4A67NLSmkFADa0hQQbo192Knc46JWPl1N37owSqUswV-allT5wAb2GFCJnStLdQ_LryeBjKoXInoQ
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747906541566337
content-length
7904
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 3856 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
6020003950853699975
age
44735
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 22:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 22:24:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 3856 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
cafe /
Resource Hash
760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
3000748235154339481
age
44737
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 22:24:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 22:24:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8100
x-xss-protection
0
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 3856 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3856 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
81102085050987160
age
1176
x-content-type-options
nosniff
expires
Mon, 26 May 2025 11:30:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:30:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 83D0 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
978650.js
jsc.mgid.com/site/ Frame 83D0 		476 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/site/978650.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f44c9a67eef45405e87aae2fc8f54a4e75254abb0567a899e9ee4316b6c76b0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-robots-tag
noindex
access-control-expose-headers
X-cntry
content-encoding
gzip
cf-cache-status
HIT
etag
"6c90dd2e4a1ba84434f646829ef27383"
x-amz-version-id
WN.schuFFVTh8FsssaWU9HnHau8XE2.y
age
4269
expires
Mon, 26 May 2025 13:50:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:30 GMT
content-type
text/javascript
last-modified
Tue, 13 May 2025 08:58:16 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
o9FL5GrnmR0ymZlfiTd7ak+60o91ppIMiZW6fuMGyTn2mY9by8BGvGC5iWEYZVX8rVXXOacSJQm+RlzCRFOzgA==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=10800
x-cntry
AU
x-amz-request-id
9TQCQ7N0V9HFTWTB
cf-ray
945cb6462e4f8655-PER
accept-ranges
bytes
access-control-allow-origin
*
content-length
129286
server
cloudflare
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 83D0 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
81102085050987160
age
1176
x-content-type-options
nosniff
expires
Mon, 26 May 2025 11:30:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:30:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
adview
securepubads.g.doubleclick.net/pagead/ Frame 446D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXvEydUc0aJKxItO2vcAPgJjqwASbhIOKcuS-mIi1EcCNtwEQASAAYKWAgICoAYIBF2NhLXB1Yi03Nzk3MDg1MjI2MzM4MDM0yAEJ4AIAqAMByAMCqgSbA0_Qj6YVSV8Upmz_R4BUQcKEgexTB3MWcShf89KRjeGfrL0fi1msTiWNEipupgfsu9eNij_sHxRUyLkHQK0b93yo2y6sHAM-m72ou9MqfuQssqtj1f_7UybCwfnk4lVdyLJu97mySx2a14ImQXS_zUWXLU2vhSmTSNIz2c6iEgmftu-1tHnK0sSz8Hj0tz5RqEieM6V9PfkMLjEFnpKIAtcCOer6kuBrO7B6SIwas6ix1a_aCGHFTSo45h9bV-Ufp4lN4R6xGRBoG8hSFDgSOxaghKfQ9Izuh-SadL4AHP9AWwntoX93gmXvMoPl-l1x4rRSl_wilDKaNAMD3qd9m9UQUGSjxdw9LxFAqgdEXsuSwJZklL17XFsDTelRqLRzCHtcoeFgECmcnA9tySap5ikTRX4beB8VoqjGRLPOZChBcf39lVY-Xpxfg4bCFGaU_Fg0czS4gpK1k8vJdiOkqdPQmxw0ZgFKx9vAG5xZbhGsX0YJX5RN9nAqsxfrXu_bhoR2sf5GAtftzGQneIXy3Jf_tI50qv6M2iNHmuAEAYAGjZmDkZ6-kdZyoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJgiAYRABMgKKAjoNgECAwICAgICogAKgA0i9_cE6WP3yhLv7wI0DgAoB-gsCCAGADAGqDQJBVeINEwjjt4W7-8CNAxVTWw8CHQCMGkjqDRMI7YGGu_vAjQMVU1sPAh0AjBpI0BUBgBcBshdSChoSFHB1Yi03Nzk3MDg1MjI2MzM4MDM0GLfIehgMKjIvMjIzMzg4NzM0MDQvdmJzLTItYXJ0aWNsZS92YnMtMi1hcnRpY2xlLWhhbGYtcGFnZQ&sigh=cdtPIJ6koFQ&uach_m=%5BUACH%5D&cid=CAQSTwDZpuyz4tQ9FAwpKWzZdsCwrWPDpeoaKFmgbmsDVsdwsSHYKVYBI4yDWiJxidHKfkmEhxNRHIWAYxbGCQGnS5YCKpljIeWefjj8Nz1f2fsYAQ
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
win
trace-jp.mediago.io/ju/ Frame 446D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trace-jp.mediago.io/ju/win?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=2679f345ddcaa049628f0ec6ce1c0240&acid=31055&data=NRMCQxk0YOLqpnHxZtgxfs15f6TT2vR4i_vT52msBrYdspvTa_8ArO4rqtjpcHRRh3rV_rYNyDZ334qiykI0SVAh4GT3OaZTa3ZKHwp6-LcDkWelF4e9h3WYecsba-n0QfokzVSRztIb5Um72e1l9T2vj1_1EFUBZst8n8stBAmF5l3wlOEVfgSjYD32EK-LI4WzkQqQlwgqcBuA6jvW3qwt6WEtt0iJjW0YoWEj-cltJoOv5C_OWqN9yDLE3NWix5ySZJJA7GC89wB5XI71SgyBMnqtZiYaoGMuR9sYUfhsEQFkZxKMEeeIQMA-TYKcLGvU7O_64gISc6OjR9PAoAsQmg8Xu16693W7zg6epR5o4P3jg1cmO9YqxT_6HFEouePeicDCez-fy7Kl79vzAXEgviCuD1_n-JCAhGMNuiBeY0vustyNYMlsCTdUjv9vdzORsoPCiyMOdnHBCcqS1YPsCGb1_IbitOX8-VGgQy2pejU2vdvpJAs64zfRLevNUGvckrDXT7O_6XDHkp_qxSRURha_lgheTYrXug0HWISFE2l3aRmPmjKmhS-hHZLM-D7OsSpX0SD7XLEice5xaV7iglCC0I8g0YtlFzEqoDkaLf_FKULAYGNEh8zb6ErkihX2_51B_J8wmqP_WktgkouTH12wIejrL2wqDE4s2wHwZvsF6yRDgjWW_1b-quTjuXwRA0HYhXKZovxTEBiFzja4SVAg4x4aEaXRRXPOArd6-mh6OXafmShEMwER3gle&uid=mid_80157106b2fe2ba095d91813f26cac9c&mguid=&ap=aDRHdQAImJICD1tTABqMACFl_LohH9Vt25eHng&tid=107
Requested by
Host: news.google.com
URL: https://news.google.com/rss/articles/CBMizgFBVV95cUxQQmxXcW1oM3JVbmV4R3I1WjVLNGo2M1hkcjM3MFNXeXhzN2hSVDhiZXAtcGZQWGVCb05saFVna0N1Z3VQRWEwSUtIeXNFTlVVY1owQS1pRmpkeGxRZU5GQ2gzQUdJU2tMOWVhOHVnNHlZWWtwZEZXQko4SWVqaGNRTFZ3UExqSVE1Nk9MOHRMY1NCQzRBT1VQQUZRVFYyemNlX1dYUldrQmdMaTJlZ0NqR2JLUUVNUFVFbzR4T3hEejQtaVVPRnU0M2NzZHA0QQ?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/html; charset=utf-8
style_banner_35c9d8.css
cdn.mediago.io/js/template/style/ Frame 446D 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_35c9d8.css
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef40900f32839bca922e105737a318455bf28da787dd68e854a54298485036d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-amz-version-id
r.hdwPf0SG2Og6s5W6sh3lR8AiGmX4nG
etag
"911b0ee72701cbf4edcf8137bc83816a"
age
31144
via
1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
1864
x-amz-cf-id
60C0yZWBYoF6ejFSi09tr8U9ypBJCvutY3escoD6x0GhcKiEqNcDrw==
date
Mon, 26 May 2025 02:11:27 GMT
content-type
text/css
last-modified
Tue, 20 May 2025 07:19:41 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
abe473bec7bd3370f05e08b400eb5346__scv1__622x368.webp
images.mediago.io/ML/ Frame 446D 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.mediago.io/ML/abe473bec7bd3370f05e08b400eb5346__scv1__622x368.webp
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.60.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e48dd7f375a69cb91ba589523c0010f0c2771ce40d62aa72a6d8358451b29029

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
x-goog-hash
crc32c=IWDnlA==, md5=q6EYj+Qn5nQd4s0rA//68w==
etag
"aba1188fe427e6741de2cd2b03fffaf3"
age
764
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7904
date
Mon, 26 May 2025 10:37:46 GMT
last-modified
Thu, 22 May 2025 09:35:41 GMT
content-type
image/webp
x-guploader-uploadid
AAO2Vwp4H4A67NLSmkFADa0hQQbo192Knc46JWPl1N37owSqUswV-allT5wAb2GFCJnStLdQ_LryeBjKoXInoQ
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1747906541566337
content-length
7904
server
UploadServer
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 446D 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
6020003950853699975
age
44735
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 22:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 22:24:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/ Frame 446D 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250521/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
cafe /
Resource Hash
760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
3000748235154339481
age
44737
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 22:24:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 22:24:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8100
x-xss-protection
0
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 446D 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 446D 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
81102085050987160
age
1176
x-content-type-options
nosniff
expires
Mon, 26 May 2025 11:30:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 10:30:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69707
x-xss-protection
0
server
cafe
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1334017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
3408
x-cache
HIT
date
Mon, 26 May 2025 10:50:30 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-per12628-PER
x-cache-hits
6701
content-type
application/javascript
x-amz-id-2
cIOLfk4Ypo1NWyOnkEkWijq0l9d+g4W+fTBrW8uNjEBFEYEeHKG8OUQfxXoObNnmMq5ZlqyiY6E=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1748256631.666679,VS0,VE0
via
1.1 varnish
x-amz-request-id
20Y3ADR4BP1Q79SH
accept-ranges
bytes
access-control-allow-origin
*
abp
76
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1334017/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
etag
"2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age
1455
x-cache
HIT
date
Mon, 26 May 2025 10:50:30 GMT
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
x-served-by
cache-per12628-PER
x-cache-hits
3139
content-type
application/javascript
x-amz-id-2
S5CwaronJelQAjEEGZI/aI6QMG4/1DPrZWXC5XIHSgn6MG8msEz8Bf/cjrY1IXWUDofgvUsWQyc=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1748256631.667226,VS0,VE0
via
1.1 varnish
x-amz-request-id
RVQQR97S4P4G4WTA
accept-ranges
bytes
access-control-allow-origin
*
abp
13
content-length
6467
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.google.com/pagead/1p-user-list/11011689517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11011689517/?random=1748256630166&cv=11&fst=1748253600000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2z8895783437za200zb895783437&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102938614~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyz8AQDJn7qD99hXfpOkiMtj6n8QaSjHNfzEW13K2ZegE1wwGK5&random=1197104279&rmt_tld=0&ipr=y
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s38-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-user-list/11011689517/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/11011689517/?random=1748256630166&cv=11&fst=1748253600000&bg=ffffff&guid=ON&async=1&gtm=45be55m0h2z8895783437za200zb895783437&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~102938614~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Cg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyz8AQDJn7qD99hXfpOkiMtj6n8QaSjHNfzEW13K2ZegE1wwGK5&random=1197104279&rmt_tld=1&ipr=y
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
pips.taboola.com/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-store
retry-after
0
access-control-allow-methods
GET
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.thevibes.com
x-cache
HIT
content-length
4
date
Mon, 26 May 2025 10:50:30 GMT
x-served-by
cache-per12628-PER
server
Varnish
x-cache-hits
0
view
r-log.dable.io/s/thevibes.com/u/93461531.1748256630623/ 		56 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r-log.dable.io/s/thevibes.com/u/93461531.1748256630623/view?url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&lang=en-US&items%5B0%5D%5Bid%5D=108682&items%5B0%5D%5Bc1%5D=Malaysia&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&cid=93461531.1748256630623&gdpr=0&z=832414&callback=_dbljson4&_=1748256630752
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.78.242.194 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-242-194.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ff5121c6e13f2ddad8969c60aa94635a23efeacf1f0b06dc8a9209cf82e313d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/javascript; charset=utf-8
server
nginx
x-content-type-options
nosniff
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5DF4 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=99470
content-encoding
gzip
content-length
6694
content-type
text/html
date
Mon, 26 May 2025 10:50:31 GMT
expires
Tue, 27 May 2025 14:28:21 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
1x1.gif
images.dable.io/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://images.dable.io/1x1.gif?google_gid=CAESEIM-BHsXoQfoyahnNMlG2hc&google_cver=1
42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/1x1.gif?google_gid=CAESEIM-BHsXoQfoyahnNMlG2hc&google_cver=1
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Server
184.84.165.123 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-84-165-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

access-control-max-age
86400
etag
"d89746888da2d9510b64a9f031eaecd5"
x-amz-version-id
oKJFwmZ_5JYp0vaYHyM0FpQvWVQZV1l2
access-control-allow-methods
GET,POST
date
Mon, 26 May 2025 10:50:31 GMT
content-type
image/gif
last-modified
Wed, 26 Jul 2023 06:47:12 GMT
x-amz-id-2
eg8P28zm1iM3oR2LC2PxH3wy70asuIGbgyxOcPyF3ykk7glIxVcsM8ybgrQk3EfQ4fzGEYEyCnY=
access-control-allow-headers
*
access-control-allow-credentials
false
x-amz-request-id
A4B8Q8BFV4612CWY
accept-ranges
bytes
access-control-allow-origin
*
content-length
42
server
nginx
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
no-cache, must-revalidate
location
https://images.dable.io/1x1.gif?google_gid=CAESEIM-BHsXoQfoyahnNMlG2hc&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
285
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm-exchange.toast.com/ 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=93461531.1748256630623&toast_push
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.210.70.11 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
cs
cs.gssprt.jp/yie/ld/ 		43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=dable&uid=93461531.1748256630623
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.151 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 26 May 2025 10:50:31 GMT
content-type
image/gif
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=93461531.1748256630623
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220250526%22,%22u%22:%2293461531.1748256630623%22%7D%7D
0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220250526%22,%22u%22:%2293461531.1748256630623%22%7D%7D
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Server
211.183.210.1 , Korea, Republic Of, ASN152199 (KAKAOCORP-AS-KR Kakao Corp, KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/plain;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220250526%22,%22u%22:%2293461531.1748256630623%22%7D%7D
pragma
no-cache
expires
0
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
/
dable-api.scupio.com/dable/v1/exc/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dable-api.scupio.com/dable/v1/exc/?did=93461531.1748256630623
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.17 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-17.hinet-ip.hinet.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
p3p
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=563&code=93461531.1748256630623
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D563%26code%3D93461531.1748256630623
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D563%26code%3D93461531.1748256630623
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.244; 103.108.231.244; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
36f2d521-eb56-4e85-8c07-c7af598ae1ae
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D563%26code%3D93461531.1748256630623
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.108.231.244; 103.108.231.244; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
d6301360-3f00-487a-accf-0a08cb878c0e
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=30b8fc01-1bce-42b1-bd7f-d6816fa60f3c-tuctf2dccf6&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Mon, 26 May 2025 10:50:31 GMT
server
nginx
lazysizes.min.js
static.dable.io/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/lazysizes.min.js
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/bundles/plugin-BBCUYWKP.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.11 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

x-amz-id-2
GTCwd2TMvHK3BfVr7eiFKB+CfENdpqWxnvWU8AlUVWcFwvgy+ndnLYCFGw4Ph0bOzWsoih5WWN0=
content-encoding
br
etag
W/"45bacd312d5098b4b59f563d8756c15d"
x-amz-version-id
oQjE9Cgu.fDP9JoPsarsDPwE_iWbT35Q
x-amz-request-id
CRNGATJTCCZ4S5Z3
content-length
3150
date
Mon, 26 May 2025 10:50:30 GMT
content-type
application/javascript
last-modified
Tue, 11 Oct 2022 08:24:14 GMT
server
nginx
x-amz-server-side-encryption
AES256
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/?random=1748256630997&cv=11&fst=1748256630997&bg=ffffff&guid=ON&async=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Kg&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
3ea1dd735752ee1e45219b2bb506a935ec4d6047d309ac5a85ead9d533ebad7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2087
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
471685104
td.doubleclick.net/td/rul/ Frame 74C2 		13 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/471685104?random=1748256630997&cv=11&fst=1748256630997&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Kg
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/471685104/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/471685104/?random=1748256631036&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
3e73d286548736e21b42b647b9fb69944f17b362777034a3fdb2a3613ecf102b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2541
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
471685104
td.doubleclick.net/td/rul/ Frame 6089 		13 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/471685104?random=1748256631036&cv=11&fst=1748256631036&fmt=3&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/471685104/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/471685104/?random=1748256631045&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
29406eb520d5bda9152d79ccbd9b3e79ea77121068bdf92421b26b3cca6ee2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2549
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
471685104
td.doubleclick.net/td/rul/ Frame 36C4 		13 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/471685104?random=1748256631045&cv=11&fst=1748256631045&fmt=3&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-471685104&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;dc_pre=CL-k-Lv7wI0DFSeV6QUdmucMPQ;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0...
ad.doubleclick.net/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=Kl...
  • https://ad.doubleclick.net/activity;dc_pre=CL-k-Lv7wI0DFSeV6QUdmucMPQ;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
42 B
67 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/activity;dc_pre=CL-k-Lv7wI0DFSeV6QUdmucMPQ;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Server
74.125.203.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Mon, 26 May 2025 10:50:31 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"13891109442317001005"}],"aggregatable_trigger_data":[{"filters":[{"14":["10544191"]}],"key_piece":"0x8132ad69c74af0fc","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x3b58407346234ca0","not_filters":{"14":["10544191"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"7799107485197480209","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13891109442317001005","filters":[{"14":["10544191"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13891109442317001005","filters":[{"14":["10544191"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13891109442317001005","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13891109442317001005","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10486115"]}}
content-type
image/png
x-xss-protection
0
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/activity;dc_pre=CL-k-Lv7wI0DFSeV6QUdmucMPQ;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
10486115.fls.doubleclick.net/ Frame 413E
Redirect Chain
  • https://10486115.fls.doubleclick.net/activityi;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
  • https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;u...
929 B
699 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10486115&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f149.1e100.net
Software
cafe /
Resource Hash
a27214aa8b0e52d8d7c8551660b19f474a479a721582d40d7813d0ebb15a38a7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
496
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Mon, 26 May 2025 10:50:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v91...
td.doubleclick.net/td/fls/rul/ Frame 29E9 		13 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10486115&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;dc_pre=CPuf-Lv7wI0DFYWD6QUdOJUJqQ;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm...
ad.doubleclick.net/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=...
  • https://ad.doubleclick.net/activity;dc_pre=CPuf-Lv7wI0DFYWD6QUdOJUJqQ;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
42 B
67 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/activity;dc_pre=CPuf-Lv7wI0DFYWD6QUdOJUJqQ;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Server
74.125.203.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Mon, 26 May 2025 10:50:31 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"11667104858210852210"}],"aggregatable_trigger_data":[{"filters":[{"14":["10670536"]}],"key_piece":"0x4a756c2e5dced9ef","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xf5196619944309ef","not_filters":{"14":["10670536"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"7799107485197480209","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11667104858210852210","filters":[{"14":["10670536"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11667104858210852210","filters":[{"14":["10670536"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11667104858210852210","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11667104858210852210","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10486115"]}}
content-type
image/png
x-xss-protection
0
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/activity;dc_pre=CPuf-Lv7wI0DFYWD6QUdOJUJqQ;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;fr...
10486115.fls.doubleclick.net/ Frame E512
Redirect Chain
  • https://10486115.fls.doubleclick.net/activityi;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
  • https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0...
931 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10486115&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f149.1e100.net
Software
cafe /
Resource Hash
2fa4e6164cd1f78a4458f166f0b9fbbaae00e28992120e913c3b914cb07a6f7c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
497
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Mon, 26 May 2025 10:50:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v...
td.doubleclick.net/td/fls/rul/ Frame C118 		13 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10486115&cx=c&gtm=45je55l1v883684280za200zb832408556&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~103289853~104481633~104481635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
t.dhj
t.sharethis.com/1/k/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=www.thevibes.com&rnd=1748256631126
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.10.234 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-10-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
349db170aeaeb22e88087882b1892db3fc3d8afd1fbeb9358432f8ddef4819a5
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Mon, 26 May 2025 11:50:31 GMT
Content-Length
1059
Date
Mon, 26 May 2025 10:50:31 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
panorama.js
platform-api.sharethis.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-53.syd62.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"9a71-196932b9488"
age
2658
via
1.1 a97b28e298ec5907aa1d86d22bc232a0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
lkRHI6MoTGQxDu9bS2_8rPuzguv98fBWCudULMU_Wbt1PB9YQ4XKug==
date
Mon, 26 May 2025 10:06:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 02 May 2025 22:43:49 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
gtr
edgecdnplus.com/ 		53 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edgecdnplus.com/gtr?sid=125949&ui=03nuvhbxzcm3&aid=102154&u=https%3A//www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&et=1&ti=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&touchpoints=0&sh=1200&sw=1600&sc=24&wsh=1200&wsw=1600&p=&l=en-AU&c=Linux%20x86_64&w3=0&ethe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=480&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=https%3A//news.google.com/&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=2114&dm=www.thevibes.com&v=0.6234573002274605
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e8c351dc46613346183c7cde5b7a1dbc14b305a24e62d019970dd1702189db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIqbxRGtyWDQczVWxEvWgk7jYR73MGEAIEuR%2Bw1uq3dnccCb%2FvLMY%2BKv6OeDN%2BcNfoyViibG75IPiasUBouVlyMdAXxFMgo36N14On4IwJTrMiBV8nzI3mygE6xfv2BW%2BH0%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Jul 2001 06:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48693&min_rtt=47160&rtt_var=4984&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3656&recv_bytes=5130&delivery_rate=593744&cwnd=15628&unsent_bytes=0&cid=ada077456f24304c&ts=1318&x=92"
p3p
CP="CAO PSA OUR"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
last-modified
Mon, 26 May 2025 10:50:32 GMT
vary
User-Agent
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
cf-ray
945cb64b3c953ea8-PER
access-control-allow-origin
*
server
cloudflare
cookieSync.html
cdn.mediago.io/js/ Frame A1C5 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3af917191d70ad8ec8a93ce68e0c4ab83822f1ba3b74a01195c13635117f2bb

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
48144
content-length
8025
content-type
text/html
date
Sun, 25 May 2025 21:28:07 GMT
etag
"9e10fed51e796b72858e72d646c62718"
last-modified
Mon, 15 Jul 2024 09:28:44 GMT
server
AmazonS3
vary
Origin
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-id
fPXUV2X8T5bOvDyR-58Bp2VVl-R_rb2pmMmXnBpbVhAGZs6uNBqcVg==
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
3B0TCl6IhHvjuEABMoYyoCo6nP.VC5cL
x-cache
Hit from cloudfront
ic
trace-jp.mediago.io/ju/ Frame 3856 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-jp.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=65767687857b9f7d67605c8a2d33cd9b&acid=31055&data=i3B2d1L-SOrn3B48WV9El4xAQHgCj1eG8jyuCQh9-hxVpV5TwuVkkaB0AzklimWHoWFysX3sa-lUvwV-xBQ9OsKYQwHxYC09JIC1gOVdJQJjPWhuuZA3Ktfl1XiXm1xNCfli7eh0jHIdx6JoNjFY2SrhBfSB-ProMpNW7FV2ZZ0BGL_0TbWGh3ICNSPZ5Vew-RM4R2ZSgh8JFB7viYvM0jMeiSyapcaGwMjsfPqiQHaA94qTHYQdKPGgI05fZdHKHPwclhS8Uo_X7FOWVVo5Pv9TEzHvLA0UrteCRoXPIzd-hTJxemOIMJNQsLoA3bDBP_cLkj-04Er2afQSn5y-uOVmxLmGSizabFIzIistpx8X8i33hQTUa605p0N6u77hVlGvH9HS2YDePmJKZuZi8YXAKCsXW4kh_KLm3KrexBzKN9uSMsSc2Zp1D94azouuxfbm-Jvr9lexgDRhm-LJg8-esprR4Ee9Zkxi7DIdX5JU-7ibwNwc7idYDDk2v4Zo5rtA1rDlGDZihEe4WnOPdCAVWxM66FqZsp1IMdbVogtkzPKz9WWROcSZJRfDGrebQrYe6GwkDMkcP5PWWeJzQHLsoGj_iIlmTMB77dx2_9y6A5fJtD8nBhKYQoQPZANUuBHDb02mxYuYeHig0ZvVFfiXwpr11vxNsbqm7W4_1f0sJ6k1Xlv6PilQQZttC0tvXp6sXWcW3_unbuvV6SAWFLx6PjqH9lNk6a8Q0oU8MPHyTZNrfJOGeIddpHtnkfB0g2-wjm7NDbfkHkYMh5Dwg8y2L6tPZKy7Nn4OsoUBqRYDrB3LobtkUhs0dDke1qJMRgspQVJTFPQP0opBVT2UGNkpKBErNK3w-MY5Dw7pp3KE5AT9Q-LumTx1GZ5MzpcDvxIto3GK9JWn4KAO54oLyTykZeVcmsKd31zJr4PqXTzG0g9cAbx6A-os7K3IRT14Vc9y_OfNYCpdo5V1oV7m6Uetjvq8C4bR95p5eENdTwo3Y0IqXt24UShnSq9Dbvb4iqxztmepJhpl1jnrkgoY7j40RdYFTrg5QGdvTWvgYL2YAt2YkbciUm30_HAoL06kGfkMzUVmwiQ-hO0QrIwFSslbOU8eBqJph3ARkVnRcojE0OY4d3-IkXxXf7llV2QTUAkAYDIO2QA0izN6_5eiQfoyL3DF0YNsF878XVf6GoguAS1P4kAzizcbRAgasCVBNY5vPow-ZYRiXRJ1p5oZDgotSU3b-y6M8CGDXTjqtImc4WUjFFpjmFNNzu3hbQpaO5--xMivYherGhFWmphg9PLmG3GJ28A62L7z1wjuQXmdQjJuor9GyYTjbMGZPaiN5-BGoHr9KLjPncdLF5U0xMZuZQXC-A_x4-iw1MhR_-c&uid=mid_80157106b2fe2ba095d91813f26cac9c&mguid=&ap={AUCTION_PRICE}&tid=106&c_sync=1
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/html; charset=utf-8
cookieSync.html
cdn.mediago.io/js/ Frame 1F6B 		8 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-102.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3af917191d70ad8ec8a93ce68e0c4ab83822f1ba3b74a01195c13635117f2bb

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
48144
content-length
8025
content-type
text/html
date
Sun, 25 May 2025 21:28:07 GMT
etag
"9e10fed51e796b72858e72d646c62718"
last-modified
Mon, 15 Jul 2024 09:28:44 GMT
server
AmazonS3
vary
Origin
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-id
fPXUV2X8T5bOvDyR-58Bp2VVl-R_rb2pmMmXnBpbVhAGZs6uNBqcVg==
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
3B0TCl6IhHvjuEABMoYyoCo6nP.VC5cL
x-cache
Hit from cloudfront
ic
trace-jp.mediago.io/ju/ Frame 446D 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-jp.mediago.io/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=2679f345ddcaa049628f0ec6ce1c0240&acid=31055&data=QzAiPj4kQpYcaMrc37QWGsE2mw8iGTr3gXXMmmHo7eaboYocfHqMNxAzGoKxCtljGPcfG_iBJR7EjItk_-yO0imwPOqlY3aNxinoyeZtMH_Cx6yPMIfFWqJIX2ar6xahtONFFEG24grIljfbudgaER1buZAiPqWdXok9TOMAGGcNqw6-A5fdTx0SOUpWkjctbmZ2yYpkTJHHd8D5mzM3dN2ih5Cl5ABg2QWTBSu81pjlZmDp2RgA4xEEAU7dOXlxG-dR-fLKu2gTLHEl4FomvqMSwa6xMdQo-uGD5G7Uc3phLXkvuWkfw6efaZs5vaZPhtb8LD58I_tkTGcE6dhhuyF8dRamOyT_GAJwbijvPWTAXmeIn-ZmP8cyrSri3iVafLNd3wDyByuFXbPdRrEXZ3Bg3o_IRENR_DUkg-odAU2pdRca-MrMb9SWaD_Jy31IxGjvsWGNhOMsqdu8reR2_mk0mJIdfQkSbXYPjBMHf-uuBtJkpIAR3xWWOcVyz2IkExkS0ynw61Hz1c8yrpt7FMSdf6xBSKrdvjJTYe0XHoczBPzLAZixEJDLQdlndTt4-f73WiipFoAorx3wFZ2YdPJybN1dGc-jDHIcgMtWKfXJdQXJbYz8vzF7x7kPxzNAT5ImG904emdvmaSjKeBDoH1HxEZK4uuRkbtAx-a02QkzpWhTm85xb5ZxCZzXeDKiTG3DG58EZpl_in6JUAr_8zfYXmyS7m4fUVxosO-OxX1ZcEqaTCe_yxaekydIgtzkCziHP5nj8FuEbYnPwaYAwM3iqGjgZUjwp5aHWk8MSrNWkDPE4qhFehM_R9p7YSwPcWhG0_Ku0KJf7xYyRnNPH88dyae8h6FuK9gfOu35ywJvlkT7Xunrbm_1XG8Tc8_72rCQORGACfDfRgcURJSp0tFXLfH6asQ4bYwoR0alLopThPsNDduuAdMDYeXbwkB3S5kMjGgcqJtuNk1bY9BqObDGSYw_mRd1m1q1UGrW1qHSa4kdQTujVuGMUW6x3Y0RJWs5vsYd9nVY8RMWdpF6U2lLkhrq3IZA1seYK3-BZb0715Iqmf6VnGZXMdRpHAvIr2TgIjzVqwfNmXq8tngqrYcnmX7-XOpUp0I_z9gHGTe3_XoKyv8R9a_oFcKJRlKFknv4iMmCN5sL66-sMctloLPVga-1z5Hzh0wEL4FRaG3mfVdBb6fL5bpb0MiBqJ408vBozVROwRw9sUBD1sSUf7BykpCAuZt58ZrE6RS5-QvgrAl7ZA4eG2p59XyxMaOzcX1H0tMjzsl7GWHzh-26XTw8Eyj2n_f_k8e0xs_8qME68qg65AVqaAFQ8ljb_r44f56kRrTHse6oFRCYyTXM8DeBrYXossFEL44obk8Lkmc&uid=mid_80157106b2fe2ba095d91813f26cac9c&mguid=&ap={AUCTION_PRICE}&tid=107&c_sync=1
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 5DF4 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81863345&p=164250&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
61ab21db484b5644a8a68bf8e059ade7c2ac205e82147193ca90fae87c09a88a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 26 May 2025 10:50:31 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
map
bcp.crwdcntrl.net/6/ 		235 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.144.146 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-144-146.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a03b9e32540f4259fed2d7419409b1135c2baf2f577ddb27ce30871447a365cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thevibes.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.thevibes.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Mon, 26 May 2025 10:50:31 GMT
content-type
application/json;charset=utf-8
/
www.google.com/pagead/1p-user-list/471685104/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/471685104/?random=1748256630997&cv=11&fst=1748253600000&bg=ffffff&guid=ON&async=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Kg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzzq_JqiqpWVq8_hezAt6V6-5dH1lixZ1OoMbD9jPPlPH6rqXG&random=3668382403&rmt_tld=0&ipr=y
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s38-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-user-list/471685104/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/471685104/?random=1748256630997&cv=11&fst=1748253600000&bg=ffffff&guid=ON&async=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&_tu=Kg&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzzq_JqiqpWVq8_hezAt6V6-5dH1lixZ1OoMbD9jPPlPH6rqXG&random=3668382403&rmt_tld=1&ipr=y
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCg0-DWnvYAxKtYoza6wmslPpR_yaJndWgYi8gSAvp7dFnq42Hjn3KQdbWnA7l-HfxWZCw1yVap-IY--vgVYS9eq7yNFevLCfQ6ITAt4u9qtvrBTlfXGrwaH8-nBMjnVBXFOH4twjh2fCisuGz08ZDdOCO1eFa4I1fbowYvJYjIvRIJPflAgxwVUSwq9KrvOZUJv4oeGU45p1hGRqYtZgqSP_XYuLlhqMlJGK2tTesPxJqH7DFXXKmzIWL6qv76M2MCZkC_GMOzUt9-qn7Qt6zTocJbf_6z8u8E20boHqktJWKxGlSw7fjBc2KwieEd-nxPy4k_RQJNEgr2ImKuxEnoJookWjch3_n4Z0xlgV2t4bjT9ElcOO6tR4CSOo5wWCbKyZk5UDWhXcb-4vIVPeXQGIUkXkFU6DearyTFNdB5adL5prq28A&sai=AMfl-YRAeuDNLKVFf9l0RnN4qm7C1KWMI5ROVDQ644y7JQWxhr1YY-1ODNs4rUTAh2NIdCoQwdm13-gOTDwkwxXTOWu96YX6kE5hsKHf0Z247susMI11xTCN8uzP4PxnYWhTmbiB24wr2e7i9FbhHvh94g&sig=Cg0ArKJSzERcHTDbnLa9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3856 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3856 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 3856 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae80d32eefc89fed51da8dd04a4cad53ed9b4b31b70db111c75624bf33b996bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 446D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 446D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 446D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a34ed56606880c6c8657839aa94c8d0c19bed8ad42910c952f378b37d8727e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 83D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzr8BnoyPkixGrSzuSjVXskMhFk2SrgrsykIJioz8Xq9IzPowOqaeEnzPHx0R_GCVHO5hk2IJ_sPMJoclB3VMrishgCyLAQbp1HId4Vxb8-a7zoylMTbiRCx_7cAA14a9FyiC38Dp2WQ0t47SW7R_tPIPFdfaUesgRtAoeXYRDIc-_FY7sLwHw40hceX8nMXqQdoJtOUeRTLl797O03P8CURgc_xF5Puhjbr4aDTv_f06TVfqmJAi_Lt1vCfRcNVNr0CMPDSVCUKdeewCE0jQHlUP9xV5aWHAk2eI97tBYUmTygZDcwl2jFby8EXmJxqAJXol6ui_v0iF8IOBUyOBs-r20F1qXurg-RddOXa1EKXGyK-kECcCD4f6mABKfsaPWaWmXhLX_-LW4gBI5ArnNWOSurRO0ou3SKOLZuY1YuXUvKDA&sai=AMfl-YSFKi5VLXa5KXjiBWlhlsQYu6X3MhMN3GZ9P4fHBuV8lDGsbH-i6SfrkqJqJ859vLGvcEoXU-Ahertk5DcBaMExKa5Unf2Lvnjs7iqGMRjoMeTOi0NGohkhyHiQqBFknvqqfIZsDTamr_Oh-SuROw&sig=Cg0ArKJSzBo1jIUBJYgAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaKSjWbc4fnJF6bklENmwdU1rzU69d-G76lnzM96Xx0pUoteHy4_V1xAFJrwKNup0t-LPK2mnOGm37fqXNJwap-eDumFtT8UQDYx_HxsMkAa2dYa3nziA4otuqVAPTNa90sylGobsrJpTK8eQAlCicu2rlD0xUQKFcLi3oCDjd72M_48qT8xaNmlslvxLIU5liONwv8NVikob1x2qjzbQyWzoMHmel9Uekev1OwQ0YHzFwYy0R1lwERo7C94t9ZQiWIwgkJ3Swg5uoloqdCuTexNJM81d5Py32kz0AKlWCRwDcwX7UAc1Ih0V1xAvKVN5YdHxvqx2KQrTDpizbkzBdptEz1-tK-KXnZmiZ1q_LcmkFkw2tljdUftCb1WijVY_hsQ_RwnqrLdZrUoccQDonylXvSqafIl9pAJRyeETxPGHzu-PskumFZw&sai=AMfl-YRcibJ3Bu9FDOc2gJafIUWfL9tTkQQPOMGiM4lK89x6CGjk9bHxFAZExfxgYZX8OJF-7eXTW8nuzTFwhoNXOWTj7SmO3g5b5-_vBiXAECUp4C8Yan1CjTAi1zuDP-_Gtky5RvoQhh2vsBizTTOupQ&sig=Cg0ArKJSzF-t4L99a7R4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/ Frame 4F9C 		461 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1691175211623869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
b1667ed05ff4f890b008a81ba0cafcbb404fe7b229e3785b316babae0b789ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
442049718677895922
age
49147
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 21:11:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 21:11:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
158483
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3856 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 446D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad9bc82c-efc4-42f5-b9d6-4a271a3837da
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/ Frame 83D0 		0
0
49fdccc5-6e16-4b69-8e02-eb9884fea24a
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/ Frame 83D0 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/ Frame 7BFE 		461 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1691175211623869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
b1667ed05ff4f890b008a81ba0cafcbb404fe7b229e3785b316babae0b789ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
442049718677895922
age
49147
x-content-type-options
nosniff
expires
Sun, 08 Jun 2025 21:11:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 25 May 2025 21:11:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
158483
x-xss-protection
0
server
cafe
truncated
/ Frame 4F9C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15b7d23da3ea1a530a2e7ebc1dcbb54b97f2954d575f9e0c34cae4f6cb8fa1da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-conversion/471685104/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832...
  • https://www.google.com/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1...
  • https://www.google.com.au/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO_QsQIIl9SxAgiY1LECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&is_vtc=1&cid=CAQSKQDZpuyzPyYEBDEsTgkXGL6Up--zpSmBpGSKHzZ1KjU5s0Yej9yGYcwP&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GF6MjAPKhZRZ9NJrV7NwF402hAmovKvr0A&random=1665808685&ipr=y&pscrd=IhMIx7bzu_vAjQMV3qRmAh2IlQFmMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT0FRQnU2OXUyMmswdWRFWkxqWUtDMjA4SlJkQURCbjdXakdMZ0Z6RkhvVmNHM2t1NFlmdzB6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hBKbRJ7m_L_7qOQaKycx8Fcf1yGjqw9AkRbySaowNmbUmpGgw_GIo9iN8vN3oZ9ZxzdPUvXxghdUJnIDELrmd5c
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.com.au/pagead/1p-conversion/471685104/?random=173202936&cv=11&fst=1748256631045&bg=ffffff&guid=ON&async=1&gcl_ctr=2&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=o1sMCM3Vy-8BEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO_QsQIIl9SxAgiY1LECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&is_vtc=1&cid=CAQSKQDZpuyzPyYEBDEsTgkXGL6Up--zpSmBpGSKHzZ1KjU5s0Yej9yGYcwP&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GF6MjAPKhZRZ9NJrV7NwF402hAmovKvr0A&random=1665808685&ipr=y&pscrd=IhMIx7bzu_vAjQMV3qRmAh2IlQFmMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT0FRQnU2OXUyMmswdWRFWkxqWUtDMjA4SlJkQURCbjdXakdMZ0Z6RkhvVmNHM2t1NFlmdzB6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hBKbRJ7m_L_7qOQaKycx8Fcf1yGjqw9AkRbySaowNmbUmpGgw_GIo9iN8vN3oZ9ZxzdPUvXxghdUJnIDELrmd5c
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-conversion/471685104/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb83...
  • https://www.google.com/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l...
  • https://www.google.com.au/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO7QsQIIl9SxAgiY1LECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&is_vtc=1&cid=CAQSKQDZpuyzJnDXheTelMrra0dRcL5Z4sy1T0X4D85GIcB7_irgUtzDw5ZY&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GFG2ju6pI7b6vnL4UeDIu_SIjxprHGYsvQ&random=2068199462&ipr=y&pscrd=IhMImrXzu_vAjQMVmaBmAh0xJQ1dMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT1BQRV9zSXRYOU9LMzh2NThkMnRZRjZmU2RfUDJuU3BqdHVXV0ppQTRfYlVNaER3SlZuaUl6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hAFMPfTyRYn7DwipU2VTt-vSCwoyUNzbcVktczX71NdXMbcwQUERLkNxP_Haz4w1srCnZqL3Sl5_IBr2C1w9ssc
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.com.au/pagead/1p-conversion/471685104/?random=1570426185&cv=11&fst=1748256631036&bg=ffffff&guid=ON&async=1&gcl_ctr=1&gtm=45be55l1v9181766633z8832408556za200zb832408556&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept&ref=https%3A%2F%2Fnews.google.com%2F&label=uvndCOChkOsBEPCv9eAB&hn=www.googleadservices.com&frm=0&tiba=Man%20claims%20he%20sprayed%20monkey%20with%20paint%20to%20scare%20off%20others%2C%20says%20Selangor%20Wildlife%20Dept%20%7C%20Malaysia%20%7C%20The%20Vibes&value=0&npa=0&pscdl=noapi&auid=1268695141.1748256630&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&_tu=Kg&fmt=3&ct_cookie_present=false&crd=CPLOsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgiQybECCMLPsQII08WxAgjrzLECCM_OsQII_s6xAgjVz7ECCO7QsQIIl9SxAgiY1LECSid0cmlnZ2VyO25hdmlnYXRpb24tc291cmNlLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&is_vtc=1&cid=CAQSKQDZpuyzJnDXheTelMrra0dRcL5Z4sy1T0X4D85GIcB7_irgUtzDw5ZY&eitems=ChAI8KLQwQYQ_qa9wr6Iqag-Eh0AOJh_GFG2ju6pI7b6vnL4UeDIu_SIjxprHGYsvQ&random=2068199462&ipr=y&pscrd=IhMImrXzu_vAjQMVmaBmAh0xJQ1dMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhlodHRwczovL3d3dy50aGV2aWJlcy5jb20vQldDaEVJOEtMUXdRWVE4TzZsOTY2SnQ1bmZBUklzQUJJQXpkT1BQRV9zSXRYOU9LMzh2NThkMnRZRjZmU2RfUDJuU3BqdHVXV0ppQTRfYlVNaER3SlZuaUl6DAgJYggIABAAGAAgAIIBBXABiAEB&ezwbk=AZuM4hAFMPfTyRYn7DwipU2VTt-vSCwoyUNzbcVktczX71NdXMbcwQUERLkNxP_Haz4w1srCnZqL3Sl5_IBr2C1w9ssc
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
panorama
sync.sharethis.com/ 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/panorama?uid=157cdbc83977f922eac2f5b1d748185ca02cbedc12c3d1090134511c0f07ee73&stid=ZGTAA2g0R3YAAAAIGJWMAw%3D%3D
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.153.25.123 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-25-123.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:33 GMT
Content-Type
image/gif
Connection
keep-alive
truncated
/ Frame 83D0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94e8bc1a39a56aaa3517ffa21e855c76e84e1b3ea71681408b3b689b8d51bfee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
eplist
gtrace.mediago.io/ju/cs/ Frame A1C5 		153 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtrace.mediago.io/ju/cs/eplist?tn=41b6e88a2b85b0e731ef8e73e5558712&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fcdn.mediago.io&mcb=mmgg_1748256631809_487
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
fdfc078c344959e4180f7af0781e8f2cbc270c5ee6cfa55809801581db97bea3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.mediago.io/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fcdn.mediago.io
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
date
Mon, 26 May 2025 10:50:32 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
eplist
gtrace.mediago.io/ju/cs/ Frame 1F6B 		153 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gtrace.mediago.io/ju/cs/eplist?tn=41b6e88a2b85b0e731ef8e73e5558712&gdpr_consent=&gdpr=0&dm=https%253A%252F%252Fcdn.mediago.io&mcb=mmgg_1748256631818_116
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.208.249.213 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.249.208.35.bc.googleusercontent.com
Software
/
Resource Hash
1212ebaf5c4ac23cd8e725a47f35d9b67ee503ec1a1bb53a3fcec1c658213cc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.mediago.io/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
access-control-allow-origin
https%3A%2F%2Fcdn.mediago.io
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
date
Mon, 26 May 2025 10:50:32 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
Content-Type
truncated
/ Frame 7BFE 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f22ced1f7654d6e125e66acebc15245d5a49f40c324ad361a6826a76a31c7f69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
match
c1.adform.net/serving/cookie/ Frame 789B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 26 May 2025 10:50:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 644A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2ee96834-4778-4100-9b9a-5e9e29ce9e30&gdpr=0&gdpr_consent=
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2ee96834-4778-4100-9b9a-5e9e29ce9e30&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 26 May 2025 10:50:32 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Referrer-Policy
strict-origin
Server
MT3 1944 03cbabd master ord ord-pixel-x29 config_version:"2249"
Strict-Transport-Security
31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
all
X-XSS-Protection
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2ee96834-4778-4100-9b9a-5e9e29ce9e30&gdpr=0&gdpr_consent=
/
onetag-sys.com/match/ Frame D784
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2870886818780727774&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
137
content-type
text/html; charset=utf-8
date
Mon, 26 May 2025 10:50:33 GMT
location
https://onetag-sys.com/match/?gdpr=0&gdpr_consent=&int_id=114&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
adx.dable.io/ Frame 009D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.dable.io/pixel?dsp_id=46&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&dable_uid=93461531.1748256630623
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.235.205.25 Osaka, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-235-205-25.ip.linodeusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

date
Mon, 26 May 2025 10:50:32 GMT
server
nginx
sync
pippio.com/api/ Frame 5DF4
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=87015C4D-B41F-46A6-8685-CBCABC476A0B
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg3MDE1QzRELUI0MUYtNDZBNi04Njg1LUNCQ0FCQzQ3NkEwQhAAGg0I-I7RwQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f55164a5a5cabc90031c9b6425d72a7d6cd929eea6fa09b8ad92ba7a1e0d224c791426b5417dce21&_=2
42 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=f55164a5a5cabc90031c9b6425d72a7d6cd929eea6fa09b8ad92ba7a1e0d224c791426b5417dce21&_=2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=f55164a5a5cabc90031c9b6425d72a7d6cd929eea6fa09b8ad92ba7a1e0d224c791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
img
pixel.mathtag.com/sync/ Frame 5DF4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=87015C4D-B41F-46A6-8685-CBCABC476A0B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=2870886818780727774&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2421704724926579137&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=2421704724926579137&gdpr=0&gdpr_consent=&sInitiator=internal
  • https://sync.srv.stackadapt.com/sync?nid=semasio
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=&gdpr_consent=
  • https://pixel.mathtag.com/sync/img?mt_exid=10041&redir=https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F14876172%3FsExtCookieId%3D%5BMM_UUID%5D%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
0
0
qmap
sync.crwdcntrl.net/ Frame 5DF4 		49 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.186.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-186-67.compute-1.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 5DF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODcwMTVDNEQtQjQxRi00NkE2LTg2ODUtQ0JDQUJDNDc2QTBC&gdpr=0&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5DF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hwFcTbQfRqaGhcvKvEdqCw%3D%3D&gdpr=0&gdpr_consent=&google_cm
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEKCQCLnJX1r9op6xkdGL5O0&google_cver=1
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEKCQCLnJX1r9op6xkdGL5O0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
23.55.6.117 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-6-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
max-age=99469
content-encoding
gzip
expires
Tue, 27 May 2025 14:28:21 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
6694
date
Mon, 26 May 2025 10:50:32 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
content-type
text/html
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEKCQCLnJX1r9op6xkdGL5O0&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
362
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
Pug
image2.pubmatic.com/AdServer/ Frame 5DF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
42 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV3dOWM-LfjkrJWpe0QZpg&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
379
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pubmatic
um.simpli.fi/ Frame 5DF4 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 25 May 2025 10:50:32 GMT
access-control-allow-origin
*
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
87015C4D-B41F-46A6-8685-CBCABC476A0B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5DF4 		43 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/87015C4D-B41F-46A6-8685-CBCABC476A0B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.163.165 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-163-165.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
server
ATS
x-frame-options
DENY
Pug
simage2.pubmatic.com/AdServer/ Frame 5DF4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
42 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
content-length
355
date
Mon, 26 May 2025 10:50:32 GMT
server
Kestrel
Pug
image2.pubmatic.com/AdServer/ Frame 5DF4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2490426699773684346&gdpr=0&gdpr_consent=&us_privacy=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2490426699773684346&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
text/html; charset=utf-8
server
nginx

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2490426699773684346&gdpr=0&gdpr_consent=&us_privacy=
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Date
Mon, 26 May 2025 10:50:32 GMT
Pragma
no-cache
Connection
keep-alive
SPug
image4.pubmatic.com/AdServer/ Frame 5DF4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YV5dAStE2uWi51h8WJluZ9nuOMUI6VM-~A&gdpr=0
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YV5dAStE2uWi51h8WJluZ9nuOMUI6VM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Server
67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:33 GMT
server
nginx

Redirect headers

strict-transport-security
max-age=31536000
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YV5dAStE2uWi51h8WJluZ9nuOMUI6VM-~A&gdpr=0
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 26 May 2025 10:50:32 GMT
content-type
text/html
server
ATS
56a4c90e-e43d-432a-9b78-0264906b4e4a
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/ Frame 83D0 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/56a4c90e-e43d-432a-9b78-0264906b4e4a
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
t_.htm
t.sharethis.com/a/ Frame 2A00 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1799.23411&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=www.thevibes.com&rnd=1748256631126
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.10.234 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-10-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
133387c425386fb7f3ffc26e6e4bd6ad5d9c0c46315f4d27735e1cf21f5d9f52
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.thevibes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1153
Content-Type
text/html
Date
Mon, 26 May 2025 10:50:32 GMT
Expires
Mon, 02 Jun 2025 10:50:32 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
/
c.mgid.com/pv/ Frame 83D0 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pv_types=pv&pr=www.thevibes.com&cbuster=1748256631849230534911&pvid=3033320a-2a8a-4fad-976f-f0abec17011f&implVersion=17&lct=1747126695&site=978650&cid=1666419&i=1&nullid=0&scum=%3F0&scuw=%3F0&cxurl=https%3A%2F%2Fwww.thevibes.com%2F&lu=https%3A%2F%2F66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
945cb64d4c1c8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
wl
servicer.mgid.com/ Frame 83D0 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servicer.mgid.com/wl?cid=1666419&nocmp=1&container=gam_safe_frame&sessionId=68344778-06a5c&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=533.33&pr=www.thevibes.com&cbuster=1748256632019233509123&pvid=3033320a-2a8a-4fad-976f-f0abec17011f&implVersion=17&lct=1747126680&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=f4859aa6-63eb-4930-801c-3bb4efae4db1&uniqId=01e31&niet=4g&nisd=false&jsp=body&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=11a9b3fc&iframe=2&tfre=1620&cxurl=https%3A%2F%2Fwww.thevibes.com%2F&ref=https%3A%2F%2Fwww.thevibes.com%2F&lu=https%3A%2F%2F66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
945cb64e5d058655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 83D0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"617c205137825561208ef7c1a2d8f319"
age
2864
expires
Tue, 27 May 2025 10:50:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
tGHU9gIRn7P0++mE8vkrClh3lia3o0DDgsjvnbkjXFKoO1HrjwnysGJ3PxzG+WS0ecr/IzpvNjs=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-request-id
7HR83VRF7JRX61KJ
cf-ray
945cb64e5d0e8655-PER
access-control-allow-origin
*
server
cloudflare
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 83D0 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-robots-tag
noindex
content-encoding
br
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
age
1513
expires
Tue, 27 May 2025 10:50:32 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/svg+xml
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
kAb3eALyqDltoygEPb4OybyJGVR32altOZByw6tNdtN6p4JbztNmX2RfnI7DltUASwG53ARekYPo4kIZ/C2feQziT5XronP+
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-request-id
6S2VH0VPB1BV5KF3
cf-ray
945cb64e5d0c8655-PER
access-control-allow-origin
*
server
cloudflare
dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058...
adservice.google.com/ddm/fls/z/ Frame 413E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Requested by
Host: 10486115.fls.doubleclick.net
URL: https://10486115.fls.doubleclick.net/activityi;dc_pre=CPDfibz7wI0DFTPtFgUdL289Jw;src=10486115;type=invmedia;cat=thevi0;ord=5892117360821;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631071;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.8.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://10486115.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v91900...
adservice.google.com/ddm/fls/z/ Frame E512 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Requested by
Host: 10486115.fls.doubleclick.net
URL: https://10486115.fls.doubleclick.net/activityi;dc_pre=CKD4ibz7wI0DFW_kFgUdea4S9A;src=10486115;type=invmedia;cat=thevi002;ord=9349004988539;npa=0;auiddc=1268695141.1748256630;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe55l1v9190058351z8832408556za200zb832408556;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635;ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635;epver=2;dc_random=1748256631113;_dc_test=1;~oref=https%3A%2F%2Fwww.thevibes.com%2Farticles%2Fnews%2F108682%2Fman-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.8.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://10486115.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
1
servicer.mgid.com/1666419/ Frame 83D0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1666419/1?nocmp=1&container=gam_safe_frame&sessionId=68344778-06a5c&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=533.33&pr=www.thevibes.com&cbuster=174825663218490612342&pvid=3033320a-2a8a-4fad-976f-f0abec17011f&implVersion=17&lct=1747126680&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=f4859aa6-63eb-4930-801c-3bb4efae4db1&uniqId=01e31&niet=4g&nisd=false&jsp=body&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=11a9b3fc&iframe=2&tfre=1785&w=4000&h=250&sz=300x254&szp=1&szl=1&gptbid=1701188&cxurl=https%3A%2F%2Fwww.thevibes.com%2F&ref=https%3A%2F%2Fwww.thevibes.com%2F&lu=https%3A%2F%2F66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/978650.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39dd83bd44bd3ecd57770110f0d42a7f65702ff490084c00a04d4ea3b792ff07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
945cb64f4dbf8655-PER
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:32 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
view
securepubads.g.doubleclick.net/pcs/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvprEdUSn0k_WSBNwLCExi2ZHutXX5TZfIzhELWnUGSRCY_Mhde6oXIt5k_mO8pcsLwA-jC_JTceQz7Z_FsRdVHanFfKXuhkKfgopjp7SC0mNmUSfQ5S0jV6RHMSXMh7ZkrcEmU90gZukOzmVRUZQ_gGVDDH3Hl3KmIjCypc6ihzCbnQzQR3-CmW06qHLKzFCHCSrfi8PGOJuQpupFSpxasaDxZl_v-ToqUgfuGAOqUEWTfgfPiIbugB1mbJzDZQxE6dNOHhxczyUhWgdEvM0K0i9xctUP4LfhRxMfktsX-EEmtuRA-PyUNZSq2rgs2_cdRATVRSUJfqdxY3cHjhL5F3_xrukl7E5gBzNIE1eRlPsqjbOYRAOxL2pa2YE3dlIAg4APytKXxJ12NGYHuM6ktxScnohZKV_k31ySPzB86PervVvHv5i4o8Q&sai=AMfl-YTD04EeucFex5vxmD-P2URNwBjJcJWhs9ENAEaJkWB0k8JsDnDwz65DTEYZ25WOs0dmKToWj-V4QifSvOPjUqiDcvE7j9oRQIWkmf_xR9bRxhL2j49raG9yQvXAftSnK8s3dr80lQ5UAIOmuQmpkw&sig=Cg0ArKJSzAwhaf-8E16wEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 2593 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&adk=1812271804&adf=3279755402&abgtt=6&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.14140320797478487&aiapmi=0.16&aiact=0.5975184061709752&aicct=0.7&ailct=0.7&aimart=6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631640&bpp=7&bdt=1110&idt=644&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&nras=1&correlator=979212100139&frm=24&ife=3&pv=2&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3032436480&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C95353387%2C95360609%2C31092612%2C95344788%2C95361619%2C95360960%2C95360295&oid=2&pvsid=682242285604700&tmod=490478001&uas=0&nvt=1&fsapi=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.8y7io53mnq0s&fsb=1&dtd=720
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 4F9C 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250521&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
cf1e09e95b46457c288bb88b80eb2d8f87ba5db8acc3251faa3608584139e17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13179
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupF4V08uF4dMstxQbKMHmxFv-MaX66gkZqoph9SbbwD8SVknSPcyrF-kRIymEdlwDy9DwIu2oxxvp03mmfxMdvJQxAdVLBvXCj3RLDu06nwoIiJl9WB9GcqFk96qKKzAJ7hyKMCCI0gIqM7UeJHae6q0pKooH8hUQWEEsiDFBzx4pbvf8ousLAPQ_YTxk3VuEs5qrwBYO0yh5waJ_CRzb1RQ67s5fJwTeu08box7vG8XF65RaxrFBVXxzsyaKnoa6Nu7EOOYIiN41-BzR-plJ7b3NewnMYRPJyUKSQCqPmQBuxN1k9hfr3wA32cp2kzsPl65jSQPWMb-6b1Ux1O7lTcfqRpNjFCK7uEuDkSca6yb2vQ8QY87vJNl85K3J49EvDGW1DuXWf1yRmjiiKtQRUiesciMTGo7WtLafBsWoCQsa9805xs5paya9z&sai=AMfl-YRd7Icf4BGeCCSduBF2gmpwmFS9rsqdHAjO8qZTEtS-uga80jo-lx5NZFIPDDfu-TVpYYGVj8-tNm7Zy2s0qp9Bt2J4oTKkZ70VUiVi9PWDhPKShWEm7L80rIAXKjIx8zujSakLeJhDtW5jzNr2pA&sig=Cg0ArKJSzN1Y8-GOotC9EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
t_.js
t.sharethis.com/1.1799.23411/a/AU/ Frame 3265 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1799.23411/a/AU/t_.js?cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1799.23411&cid=c010&cls=B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.10.234 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-10-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
552a2472fcafe9035e7537159e198c075c896db3c516fbdd5a1caf7e86de9b75
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1799.23411&cid=c010&cls=B

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
max-age=604800
Content-Encoding
gzip
Connection
keep-alive
Expires
Mon, 02 Jun 2025 10:50:32 GMT
Content-Length
10739
Date
Mon, 26 May 2025 10:50:32 GMT
Content-Type
text/javascript
ads
googleads.g.doubleclick.net/pagead/ Frame 8ED7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&adk=1812271804&adf=3279755405&abgtt=6&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.thevibes.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.05000783260562319&aiapmi=0.16&aiact=0.7252822920899102&aicct=0.7&ailct=0.7&aimart=9&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631770&bpp=2&bdt=1235&idt=548&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&nras=1&correlator=7889272411&frm=24&ife=3&pv=2&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1446459086&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C42532524%2C95353386%2C95360609%2C95360812%2C31092612%2C95344789%2C95361624%2C95360960&oid=2&pvsid=7522287750067487&tmod=490478001&uas=0&nvt=1&fsapi=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.rur7g1ci7m1v&fsb=1&dtd=630
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 7BFE 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250521&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18208db91eda3f881c7246562119b63660460602b9b56c25a95df81806927771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13290
date
Mon, 26 May 2025 10:50:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
c.mgid.com/pv/ Frame 83D0 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pv_types=ppv&pr=www.thevibes.com&cbuster=1748256632424661740962&pvid=3033320a-2a8a-4fad-976f-f0abec17011f&implVersion=17&lct=1747126695&site=978650&cid=1666419&i=1&nullid=0&scum=%3F0&scuw=%3F0&cxurl=https%3A%2F%2Fwww.thevibes.com%2F&lu=https%3A%2F%2F66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
945cb650dec68655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
ping
pagead2.googlesyndication.com/pagead/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
ping
pagead2.googlesyndication.com/pagead/ Frame 4F9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame BA92 		849 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&h=90&slotname=4188053257&adk=2522029892&adf=3173046725&pi=t.ma~as.4188053257&w=728&abgtt=6&format=728x90&url=https%3A%2F%2Fwww.thevibes.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631640&bpp=2&bdt=1110&idt=666&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=979212100139&frm=24&ife=3&pv=1&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3032436480&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C95353387%2C95360609%2C31092612%2C95344788%2C95361619%2C95360960%2C95360295&oid=2&pvsid=682242285604700&tmod=490478001&uas=0&nvt=1&xatf=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.8k8bxovl71lw&fsb=1&dtd=793
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
2d708a05777dde86dd5c11cec93c249f4bec774564d890f304d12f10729ed17a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
ping
pagead2.googlesyndication.com/pagead/ Frame 7BFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame 4EE6 		849 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1691175211623869&output=html&h=250&slotname=4114819499&adk=2214506811&adf=3173046724&pi=t.ma~as.4114819499&w=300&abgtt=6&format=300x250&url=https%3A%2F%2Fwww.thevibes.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748256631770&bpp=5&bdt=1235&idt=600&shv=r20250521&mjsv=m202505210101&ptt=9&saldr=aa&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7889272411&frm=24&ife=3&pv=1&nhd=1&u_tz=480&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1446459086&scr_x=-12245933&scr_y=-12245933&eid=31092113%2C42532524%2C95353386%2C95360609%2C95360812%2C31092612%2C95344789%2C95361624%2C95360960&oid=2&pvsid=7522287750067487&tmod=490478001&uas=0&nvt=1&etu=AA-V4qPB5dTMxjd5antGslbp-_WFtoNi_nip4wtCVVgSexoup-LqynOpOZFOWKD3JM-x9KmL3l36oM4ECmsTUrXTAhDjEVYC1bBO8xTImAF5qE_zHHK8dNYSa5yAq2Kf83150XgYzRcy_T0r_4nbO3lh9sby5cdlZaXdJGGDUwv5QAr9PVNRwKT2QkIDzdnGmrxYM6sQiPTiVmM1qf63Dg-0YrRk-qP2LD0&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.xd37zh7zpjns&fsb=1&dtd=684
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
a65f56246a616760d1baadfd9aec9ea596011d8eaba868af99103f2fad617946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC8wODA5Z...
s-img.mgid.com/g/15112079/492x328/-/ Frame 83D0 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15112079/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzEwMTkyNC8wODA5ZmFkYTk3ZjM1OTcyODQ1N2JjMDljZTdiNWZhMy5qcGVn.webp?v=1748256632-LkBkXwIXmBvzEN_hq91C7UiRNsv2bLFRkQKNYox8bWI
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.197.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996e6b4a2229f30a9c52a9092a7af209faef36f9f65c535ae971761d42d600ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-robots-tag
noindex
cf-cache-status
HIT
age
2831832
x-mg-request-uuid
cb6b7aed-42b0-4b5d-9fb7-dc958ace38d3
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/webp
last-modified
Thu, 12 Jan 2023 10:01:20 GMT
vary
Accept-Encoding
priority
u=3,i
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
immutable, max-age=31536000
cf-ray
945cb6517c443ea8-PER
accept-ranges
bytes
access-control-allow-origin
*
content-length
19892
server
cloudflare
wr
c.mgid.com/ Frame 83D0 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/wr?cid=1666419&nocmp=1&container=gam_safe_frame&sessionId=68344778-06a5c&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&scale_metric_1=64.00&scale_metric_2=320.00&scale_metric_3=533.33&pr=www.thevibes.com&cbuster=1748256632470707463628&pvid=3033320a-2a8a-4fad-976f-f0abec17011f&implVersion=17&lct=1747126680&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&wlid=f4859aa6-63eb-4930-801c-3bb4efae4db1&uniqId=01e31&niet=4g&nisd=false&jsp=body&evt=%5B%7B%22event%22%3A1%2C%22methods%22%3A%5B1%2C2%5D%7D%2C%7B%22event%22%3A2%2C%22methods%22%3A%5B1%2C2%5D%7D%5D&pv=5&jsv=es6&dpr=1&hashCommit=11a9b3fc&iframe=2&tfre=2071&w=4000&h=250&sz=300x254&szp=1&szl=1&gptbid=1701188&cxurl=https%3A%2F%2Fwww.thevibes.com%2F&ref=https%3A%2F%2Fwww.thevibes.com%2F&lu=https%3A%2F%2F66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
945cb6511ef88655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
i.js
cm.mgid.com/ Frame 83D0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?muid=p4qwb-dEWvO3&cbuster=1748256632476586663549
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/978650.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af147ce2e5c61e8083c477172606acdefd2ac139347a98f7dbe830c160eeed1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb6512efe8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 26 May 2025 10:50:32 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 83D0 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/site/978650.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860539ec4f3ee0e11aa746e6d001bfce5654a5b6101563e17cfa4716cfdc4335
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

x-amz-id-2
ki/m3Le3r9nAnTxS3J6E2fDaQx2dr/+MN6oICk6GFPzlwEvFjoGLLZJ/Wx0gAE23oj86+bq9xJBSERakVhCH+Q==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"dcb8906065544836970a0fd171e6738e"
age
3089
x-amz-request-id
B229WSRG49TSPBE1
cf-ray
945cb6521b20d132-PER
date
Mon, 26 May 2025 10:50:32 GMT
content-type
text/javascript;charset=utf-8
last-modified
Fri, 02 May 2025 06:44:22 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
nlsn
sync.sharethis.com/ Frame 3265
Redirect Chain
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
  • https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
  • https://sync.sharethis.com/nlsn?uid=a6093b05e39dd0d9266354a4de5549a8
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/nlsn?uid=a6093b05e39dd0d9266354a4de5549a8
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:34 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-cache
location
https://sync.sharethis.com/nlsn?uid=a6093b05e39dd0d9266354a4de5549a8
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
lotame
sync.sharethis.com/int/ Frame 3265
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGTAA2g0R3YAAAAIGJWMAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_conse...
  • https://sync.sharethis.com/int/lotame?uid=728e53eea06ae5bea52623f7784be219&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/int/lotame?uid=728e53eea06ae5bea52623f7784be219&gdpr=0&gdpr_consent=
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:34 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

expires
0
cache-control
no-cache
location
https://sync.sharethis.com/int/lotame?uid=728e53eea06ae5bea52623f7784be219&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Mon, 26 May 2025 10:50:32 GMT
pragma
no-cache
ttd
sync.sharethis.com/ Frame 3265
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:33 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

location
https://sync.sharethis.com/ttd?uid=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&gdpr=0&gdpr_consent=
content-length
215
date
Mon, 26 May 2025 10:50:32 GMT
server
Kestrel
eyeota
sync.sharethis.com/ Frame 3265
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=2zkIydW3W8D5qMjwRqqd6mt7M3HRQujUMcFDzMzqGa1k&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=2zkIydW3W8D5qMjwRqqd6mt7M3HRQujUMcFDzMzqGa1k&gdpr=0&gdpr_consent=
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:34 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=2zkIydW3W8D5qMjwRqqd6mt7M3HRQujUMcFDzMzqGa1k&gdpr=0&gdpr_consent=
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Mon, 26 May 2025 10:50:33 GMT
csync.ashx
ml314.com/ Frame 3265
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGTAA2g0R3YAAAAIGJWMAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3652893907244023827
  • https://ml314.com/csync.ashx?fp=215e1a846c0d94f8c86a3341e14bc868ad40487610a77c483e812281755f2df7f4cb09cee1a4f8eb&person_id=3652893907244023827&eid=50082
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=215e1a846c0d94f8c86a3341e14bc868ad40487610a77c483e812281755f2df7f4cb09cee1a4f8eb&person_id=3652893907244023827&eid=50082
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H2
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

via
1.1 google
expires
Tue, 27 May 2025 10:50:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
Google Frontend

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://ml314.com/csync.ashx?fp=215e1a846c0d94f8c86a3341e14bc868ad40487610a77c483e812281755f2df7f4cb09cee1a4f8eb&person_id=3652893907244023827&eid=50082
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 26 May 2025 10:50:33 GMT
yahoo
sync.sharethis.com/ Frame 3265
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent=
  • https://sync.sharethis.com/yahoo?uid=y-9f4ZhSpE2oP87lbcCh6ImCZgFaXG8LE1rso-~A&gdpr=0
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/yahoo?uid=y-9f4ZhSpE2oP87lbcCh6ImCZgFaXG8LE1rso-~A&gdpr=0
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
HTTP/1.1
Server
52.52.120.166 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-120-166.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://t.sharethis.com/

Response headers

Stid
ZGTAA2g0R3YAAAAIGJWMAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 26 May 2025 10:50:34 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=31536000
location
https://sync.sharethis.com/yahoo?uid=y-9f4ZhSpE2oP87lbcCh6ImCZgFaXG8LE1rso-~A&gdpr=0
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 26 May 2025 10:50:33 GMT
content-type
text/html
server
ATS
usync.html
eus.rubiconproject.com/ Frame EB39
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=p4qwb-dEWvO3&cbuster=1748256632476586663549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Mon, 26 May 2025 10:50:33 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 26 May 2025 10:50:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 01FF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=p4qwb-dEWvO3&cbuster=1748256632476586663549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
f412b46759e42e064ef13cb78413413d13de95ebaa146a88938a889e58412edc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1593
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
396846.gif
idsync.rlcdn.com/ Frame 83D0
Redirect Chain
  • https://idsync.rlcdn.com/712107.gif?partner_uid=p4qwb-dEWvO3&
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52d14e50-2f81-490c-8039-c2c83be893d7
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52d14e50-2f81-490c-8039-c2c83be893d7
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=52d14e50-2f81-490c-8039-c2c83be893d7
pragma
no-cache
x-forwarded-for
103.108.231.244
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
712056.gif
id.rlcdn.com/ Frame 83D0 		42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712056.gif?
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 26 May 2025 10:50:32 GMT
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 83D0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=fb71001dd30a44&is_secure=true&networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACxhLXSoepmQJ7ysPBAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46...
42 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACxhLXSoepmQJ7ysPBAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACxhLXSoepmQJ7ysPBAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
content-length
0
date
Mon, 26 May 2025 10:50:33 GMT
pragma
no-cache
server
nginx
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://cm.idealmedia.io/i.gif?muidf=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
  • https://cm.mgid.com/i.gif?muidf=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=987cea02-f271-4d55-a66b-9ba61b4083a8
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=987cea02-f271-4d55-a66b-9ba61b4083a8
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb65e281f8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cm.mgid.com/m?cdsp=287839&c=987cea02-f271-4d55-a66b-9ba61b4083a8
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:34 GMT
server_match
ad.360yield.com/ Frame 83D0 		0
0
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=c8ad77e7-897e-4cdf-aad3-4f8276164d21
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=c8ad77e7-897e-4cdf-aad3-4f8276164d21
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb65bbe6c8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cm.mgid.com/m?cdsp=287839&c=c8ad77e7-897e-4cdf-aad3-4f8276164d21
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:34 GMT
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb662db868655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:35 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://cm.mgid.com/m?cdsp=501037&c=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Mon, 26 May 2025 10:50:35 GMT, Mon, 26 May 2025 10:50:35 GMT
pragma
no-cache
vary
Accept-Encoding
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=1jfI3wDKNj&consentString=[consentString]&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834139%26c%3D%5BPDID%5D&rd=1
  • https://cm.mgid.com/m?cdsp=834139&c=8e9bec00-dee7-44ce-a377-1zz1748256631
43 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834139&c=8e9bec00-dee7-44ce-a377-1zz1748256631
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb65cff548655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

location
https://cm.mgid.com/m?cdsp=834139&c=8e9bec00-dee7-44ce-a377-1zz1748256631
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 26 May 2025 10:50:32 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.1.30
server
nginx/1.14.1
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://cm.rtbsystem.com/mgid?c=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
  • https://cm.mgid.com/m?cdsp=556372&c=e5c753d6-740f-5d59-a8c6-5d5b6a8c6684
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=556372&c=e5c753d6-740f-5d59-a8c6-5d5b6a8c6684
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb6574b3d8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://cm.mgid.com/m?cdsp=556372&c=e5c753d6-740f-5d59-a8c6-5d5b6a8c6684
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlmQ%2Bg7ynQf9%2BIKKBJ7tteJCCKMwchzgrvssnyPBfC5KDqRxnrTs9cPD2akiXT5unfIxeuxdc9RarmAhyRNqfjnQGRHgOznqWWfoUbJC3lDAM%2B8zKAiUiMkvs6s%2F2jBExzPg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
945cb6555ec28641-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47285&min_rtt=47020&rtt_var=5961&sent=11&recv=12&lost=0&retrans=0&sent_bytes=3701&recv_bytes=3469&delivery_rate=1093105&cwnd=15473&unsent_bytes=0&cid=30491d8c219d4602&ts=626&x=92"
content-length
43
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
cloudflare
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.mgid.com/m?cdsp=834104&c=$UID
  • https://cm.mgid.com/m?cdsp=834104&c=2870886818780727774
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834104&c=2870886818780727774
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb654e98e8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

cache-control
no-store, no-cache, private
location
https://cm.mgid.com/m?cdsp=834104&c=2870886818780727774
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.244; 103.108.231.244; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
5177dae4-9d65-412a-a126-fe4b65de72f6
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
cookie
cm.adform.net/ Frame 83D0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48ce-bd77-2de47a0ebfcd%26bidder%...
  • https://prebid.a-mo.net/cchain/0/1593?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=6124b539-7ea6-48ce-bd77-2de47a0ebfcd&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48c...
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539-7ea6-48c...
  • https://prebid.a-mo.net/cchain/1/1593?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=6124b539-7ea6-48ce-bd77-2de47a0ebfcd&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Kua...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F1593%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D6124b539...
0
0
match
match.360yield.com/ Frame 83D0 		0
0
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=155&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834126%26c%3D%5Bsas_sync_pid%5D%26nwid%3D4577
  • https://cm.mgid.com/m?cdsp=834126&c=6456235182702136060&nwid=4577
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834126&c=6456235182702136060&nwid=4577
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb657fbcd8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

cache-control
no-cache,no-store
location
https://cm.mgid.com/m?cdsp=834126&c=6456235182702136060&nwid=4577
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 26 May 2025 10:50:32 GMT
pragma
no-cache
google
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=cDRxd2ItZEVXdk8z&muidn=p4qwb-dEWvO3&gdpr=0&gdpr_consent=
  • https://cm.mgid.com/google?muidn=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&google_ula={guid},5&google_gid=CAESEBFGdZ27KkBANZEuLBJnCJ8&google_cver=1
0
0
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/mgid/?puid=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D
  • https://b1sync.outbrain.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&puid=p4qwb-dEWvO3&s=2&us_privacy=
  • https://b1sync.zemanta.com/usersync/mgid/?cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834142%26c%3D%7Buser_id%7D&gdpr=0&gdpr_consent=&obuid=2afb3f07-b419-4aa1-865c-b7e4f807fb67&puid=p4qwb-dEWvO3&s=2&...
  • https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb66969448655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:36 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://cm.mgid.com/m?cdsp=834142&c={user_id}&gdpr=0
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
83
date
Mon, 26 May 2025 10:50:36 GMT
content-type
text/html; charset=utf-8
m
cm.mgid.com/ Frame 83D0
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=219216&t=image&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D834154%26c%3D%7BUID%7D
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D219216%26dsp%3D762683%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=219216&dsp=762683&t=image&uid=2870886818780727774
  • https://cm.mgid.com/m?cdsp=834154&c=A2934339353279445146
43 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834154&c=A2934339353279445146
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb66009ae8655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:35 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

Cache-Control
no-store
Location
https://cm.mgid.com/m?cdsp=834154&c=A2934339353279445146
Content-Length
0
Date
Mon, 26 May 2025 10:50:34 GMT
Server
nginx
Connection
close
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 4F9C 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
png
edgecdnplus.com/ 		358 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://edgecdnplus.com/png?idle=0&aid=102154&sid=125949&temp_uid=03nuvhbxzcm3&lang=auto&bat=100//Adapter//00%3A00//---&aplg=not%20found
Requested by
Host: edgecdn.dev
URL: https://edgecdn.dev/code?code=8bc4466bdcc3d354a9774f921679fbdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.thevibes.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NOMZggZy372FLhuAvR0e%2FCbtOCDCFyiH45jXdvSd6NUoJt%2BtvhI9nuFOB%2BSm9hTACR8yopnSvp2pgYXegq3J%2BvHN3qR0qjsmbU6HGxUfGjRgkjJKeag3ul%2BRtv8aO5AqLY%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Jul 2001 06:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48628&min_rtt=47160&rtt_var=3868&sent=12&recv=14&lost=0&retrans=0&sent_bytes=4546&recv_bytes=5566&delivery_rate=593744&cwnd=16495&unsent_bytes=0&cid=ada077456f24304c&ts=1929&x=92"
p3p
CP="CAO PSA OUR"
date
Mon, 26 May 2025 10:50:33 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Mon, 26 May 2025 10:50:33 GMT
vary
Accept-Encoding,User-Agent
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
945cb6545cc33ea8-PER
access-control-allow-origin
*
content-length
134
server
cloudflare
pixel
cm.g.doubleclick.net/ Frame 1F6B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=06b4a7e60580670a2t2lqr00mb4yuy7f
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.23.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.mediago.io/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame A1C5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_hm=06b4a7e60580670a2t2lqr00mb4yuy7f
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/cookieSync.html?tn=41b6e88a2b85b0e731ef8e73e5558712
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.23.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.mediago.io/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 7BFE 		20 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505210101/show_ads_impl_fy2021.js?bust=31092612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 26 May 2025 10:50:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
bounce
id5-sync.com/ Frame 83D0 		29 B
502 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
p3p
CP="CAO PSA OUR"
date
Mon, 26 May 2025 10:50:34 GMT
content-type
text/plain;charset=utf-8
vary
Origin
v1
lbs.eu-1-id5-sync.com/lbs/ Frame 83D0 		54 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.92.143 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
1c4f615c8262f5f9e570914d22cb8f2a444fe81833c9957dfd959c55590ed595

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
content-length
54
date
Mon, 26 May 2025 10:50:34 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ Frame 83D0 		56 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
558a714b68cdf46233ca4aeacade2a35d28293f09e7c750f38ffd09a93ba28e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
date
Mon, 26 May 2025 10:50:33 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sync
rtb.mfadsrvr.com/ Frame 01FF 		0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.mfadsrvr.com/sync?ssp=onetag&ssp_user_id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.199.88 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
88.199.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:34 GMT
content-type
text/html; charset=UTF-8
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=MB4YV0Q2-12-4SVU&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=MB4YV0Q2-12-4SVU&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://onetag-sys.com/match/?int_id=2&uid=MB4YV0Q2-12-4SVU&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
content-length
0
Content-Type
text/html
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26uid%3D$UID&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=98&uid=2870886818780727774&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&uid=2870886818780727774&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-store, no-cache, private
location
https://onetag-sys.com/match/?int_id=98&uid=2870886818780727774&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.244; 103.108.231.244; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
5d26f791-b205-4032-8aab-7bd364acdfe2
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=75e9eb545393197e2c055df41f5fec0&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=75e9eb545393197e2c055df41f5fec0&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://onetag-sys.com/match/?int_id=3&uid=75e9eb545393197e2c055df41f5fec0&gdpr_consent=&gdpr=0
x-sticky-vk
1748256633822070-56
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Mon, 26 May 2025 10:50:33 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 26 May 2025 10:50:33 GMT
Server
nginx
tap.php
pixel.rubiconproject.com/ Frame 01FF 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Pragma
no-cache
content-length
42
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=741f24a87a62a66f&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10101531197440
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10101531197440
  • https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU3091f5b32d7f4349ba2c61837f81594e
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU3091f5b32d7f4349ba2c61837f81594e
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://onetag-sys.com/match/?int_id=168&gdpr=&gdpr_consent=${GDPR_STRING}&uid=OPU3091f5b32d7f4349ba2c61837f81594e
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
content-length
149
date
Mon, 26 May 2025 10:50:35 GMT
content-type
text/html; charset=utf-8
server
Tengine
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
pixel
cm.g.doubleclick.net/ Frame 01FF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABlww3Mkjt1Wd134JtUeRD1caWHMiHDLPd8A&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABlww3Mkjt1Wd134JtUeRD1caWHMiHDLPd8A&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
74.125.23.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABlww3Mkjt1Wd134JtUeRD1caWHMiHDLPd8A&gdpr=0&gdpr_consent=
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6625395957168540198
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6625395957168540198
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache,no-store
location
https://onetag-sys.com/match/?int_id=107&uid=6625395957168540198
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 26 May 2025 10:50:32 GMT
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
52YBMTFE2C2Z7D46FMRB
Content-Length
43
Date
Mon, 26 May 2025 10:50:34 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
Pug
simage2.pubmatic.com/AdServer/ Frame 01FF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%23PMUID
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=63166ceb9d550a7a&is_secure=true&networkId=17100&version=1&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAC34eBiBvR6wJUR9XqAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46...
42 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAC34eBiBvR6wJUR9XqAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:34 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQAC34eBiBvR6wJUR9XqAQEBAQEBAQCWDTY1JAEBAQEBAQEB&expiration=1748343033&nuid=87015C4D-B41F-46A6-8685-CBCABC476A0B&is_secure=true&gdpr_consent=&gdpr=0
content-length
0
date
Mon, 26 May 2025 10:50:33 GMT
pragma
no-cache
server
nginx
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&gdpr=0&gdpr_consent=&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEG3mVj5JtYmSKrztgG5ddhs&google_cver=1&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEG3mVj5JtYmSKrztgG5ddhs&google_cver=1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

cache-control
no-cache, must-revalidate
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEG3mVj5JtYmSKrztgG5ddhs&google_cver=1&gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
327
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
RX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004
sync.targeting.unrulymedia.com/csync/ Frame 01FF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&gdpr=0&gdpr_consent=${GDPR_CONSENT}&us_privacy=
  • https://sync.1rx.io/usersync2/rmpssp?sub=onetaglimited&zcc=1&cb=1748256634779
  • https://ad.turn.com/r/cs?pid=45&id=RX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004&rndcb=7019052895
  • https://sync.1rx.io/usersync/turn/2490426699773684346?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff-004?redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D212%26uid%3DRX-0d94c13d-38b6-46c3-bdea-3e86f94bd4ff...
0
0
user-sync.html
ms-cookie-sync.presage.io/ Frame 01FF 		0
0
/
onetag-sys.com/match/ Frame 01FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=&user_id=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&expires=30&ssp=onetag&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://onetag-sys.com/match/?int_id=30&uid=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//onetag-sys.com/match/?int_id=30&uid=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 26 May 2025 10:50:34 GMT
m
cm.mgid.com/ Frame 01FF 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=834098&c=IQ8ZXTE_Qe37qcjF9j93DeomqNFiazR8srvgNDyqq08&gdpr=0&consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=p4qwb-dEWvO3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://onetag-sys.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb6569ab08655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:33 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F9C 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu32Eivu_SlZPMtJuvvcICgEmKK6GJL0N5XQSn4vnNkZ_CShZ5y7lYSkA9o3jY1-ru36gSMWwyBj6kcs1AqoTTusPw3hix0GNK8ljR2lJLiMp2S_wRIyxroeoXh-U2flriQr3LQDJPuIBT7aYNpV8IEI75kcuhOjZEv8PQb7yIUDQuWX-U&sig=Cg0ArKJSzDB4N-zsFbWGEAE&id=lidar2&mcvt=1003&p=1077,436,1167,1164&tm=1888.6999998092651&tu=885.6999998092651&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20250521&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3397232470&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4418943100&rst=1748256630360&rpt=1948&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 26 May 2025 10:50:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame EC25 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:31:04 GMT
expires
Mon, 26 May 2025 11:21:04 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CEE7 		829 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s38-in-f4.1e100.net
Software
ESF /
Resource Hash
c85e6f4b8deaa90008263ede2d8ee75750d6ed02f81e1c430171f3f35b4d62b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GbkD12N5eNspu0gt5n4_kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GbkD12N5eNspu0gt5n4_kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:33 GMT
expires
Mon, 26 May 2025 10:50:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 4E49 		13 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:31:04 GMT
expires
Mon, 26 May 2025 11:21:04 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7103 		829 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.14.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s38-in-f4.1e100.net
Software
ESF /
Resource Hash
c85e6f4b8deaa90008263ede2d8ee75750d6ed02f81e1c430171f3f35b4d62b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GbkD12N5eNspu0gt5n4_kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GbkD12N5eNspu0gt5n4_kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 26 May 2025 10:50:33 GMT
expires
Mon, 26 May 2025 10:50:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js
pagead2.googlesyndication.com/bg/ Frame EC25 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7b2f9047727652771f06a00e11ec04b0c71ac85e1f30b8cd3bade135ab1977d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
44300
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Mon, 25 May 2026 22:32:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 25 May 2025 22:32:13 GMT
last-modified
Mon, 19 May 2025 09:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21149
x-xss-protection
0
server
sffe
ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js
pagead2.googlesyndication.com/bg/ Frame 4E49 		54 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ey-QR3J2UncfBqAOEewEsMcayF4fMLjNO63hNasZd9I.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7b2f9047727652771f06a00e11ec04b0c71ac85e1f30b8cd3bade135ab1977d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
44300
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Mon, 25 May 2026 22:32:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 25 May 2025 22:32:13 GMT
last-modified
Mon, 19 May 2025 09:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21149
x-xss-protection
0
server
sffe
usync.js
eus.rubiconproject.com/ Frame EB39 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
647fec40b2b47c47ffebead7199b0a55cb6aa983fec48739317233f6ccf6c302

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east&gdpr=0&gdpr_consent=&us_privacy=

Response headers

cache-control
max-age=65307
content-encoding
gzip
expires
Tue, 27 May 2025 04:59:00 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11387
date
Mon, 26 May 2025 10:50:33 GMT
last-modified
Mon, 26 May 2025 04:59:00 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 5DF4 		0
49 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=164250&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:33 GMT
server
nginx
khaos.json
token.rubiconproject.com/ Frame EB39 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
content-length
7
content-type
application/json; charset=UTF-8
generate_204
ep2.adtrafficquality.google/ Frame 4E49 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?ze24Aw
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
cross-origin-resource-policy
cross-origin
sodar
pagead2.googlesyndication.com/pagead/ Frame CEE7 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20250521&jk=7522287750067487&rc=
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
x-xss-protection
0
content-type
image/
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame 7103 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gda_r20250521&jk=682242285604700&rc=
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.189.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax31s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
x-xss-protection
0
content-type
image/
server
cafe
generate_204
ep2.adtrafficquality.google/ Frame EC25 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?PQlsTw
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
cross-origin-resource-policy
cross-origin
PugMaster
image6.pubmatic.com/AdServer/ Frame 5DF4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98833464&p=164250&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ac2b1764d925f11cc55c7518fc7078ab192b8d3444ca482186993a61901ab033

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
1746
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 26 May 2025 10:50:34 GMT
content-type
text/html; charset=UTF-8
/
d0.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-3-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d0.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip113.ip-51-195-73.eu
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d1.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip36.ip-51-195-115.eu
Software
/
Resource Hash
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d2.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip78.ip-135-125-145.eu
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d3.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip30.ip-51-195-126.eu
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d4.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip222.ip-51-195-34.eu
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d5.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.73.71 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip71.ip-51-195-73.eu
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d6.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.195.34.220 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip220.ip-51-195-34.eu
Software
/
Resource Hash
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
/
d7.eu-4-id5-sync.com/ Frame 83D0 		1 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip80.ip-135-125-146.eu
Software
/
Resource Hash
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

access-control-allow-headers
*
access-control-max-age
3600
access-control-allow-origin
*
content-length
1
content-type
text/plain
access-control-allow-methods
GET, OPTIONS
Pug
simage2.pubmatic.com/AdServer/ Frame ADC2
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=199crd8bevqx
1 B
170 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=199crd8bevqx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 26 May 2025 10:50:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=199crd8bevqx
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8F46
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2b067109-57f8-4188-a422-f3e61827361e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=2b067109-57f8-4188-a422-f3e61827361e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ef647ac6-e798-44e0-81a5-8ad82db8120a&user_group=1&ssp=pubmatic&bsw_param=2b067109-57f8-4188-a422-f3e61827361e
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 26 May 2025 10:50:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 26 May 2025 10:50:36 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2b067109-57f8-4188-a422-f3e61827361e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 2901
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&g...
42 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 26 May 2025 10:50:35 GMT Mon, 26 May 2025 10:50:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=xNsI07-x2B1eGDfogBdHm5c7zq-TLWgq1A-21q8J7FM&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
pragma
no-cache
vary
Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame A4AD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&__qcmcs=1
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5U82lOdAMsL-RmSZ4UEow7dCM8P-FGGX6hJe5ByK
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5U82lOdAMsL-RmSZ4UEow7dCM8P-FGGX6hJe5ByK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-store, proxy-revalidate
content-length
0
date
Mon, 26 May 2025 10:50:35 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5U82lOdAMsL-RmSZ4UEow7dCM8P-FGGX6hJe5ByK
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 26B3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_...
85 B
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aDRHegAToLhJCAAL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2816
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 26 May 2025 10:50:34 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
6715
x-robots-tag
noindex
x-served-by
cache-per12622-PER
x-timer
S1748256635.901687,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aDRHegAToLhJCAAL
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex
x-served-by
cache-per12622-PER
x-timer
S1748256635.608985,VS0,VE244
Pug
simage2.pubmatic.com/AdServer/ Frame 718F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2421704724926579137
42 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2421704724926579137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2421704724926579137
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B730
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 26 May 2025 10:50:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-j6mXs5zUkph93MDxyvV6mds5_Q&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame C812
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=eb89fb959c4165fa&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub8730968190912
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3091f5b32d7f4349ba2c61837f81594e
42 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3091f5b32d7f4349ba2c61837f81594e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3091f5b32d7f4349ba2c61837f81594e
pragma
no-cache
server
Tengine
cm
ipac.ctnsnet.com/int/ Frame 16F6 		43 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 26 May 2025 10:50:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 5737
Redirect Chain
  • https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AcFNEpvVRjxTks8AKGevVaqET88AAAGXDDc44w
42 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AcFNEpvVRjxTks8AKGevVaqET88AAAGXDDc44w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 26 May 2025 10:50:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
strict-transport-security
max-age=16070400; includeSubDomains

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 26 May 2025 10:50:35 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AcFNEpvVRjxTks8AKGevVaqET88AAAGXDDc44w
pragma
no-cache
via
1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
x-amz-cf-id
2o_wDFu-Lssh7Q2GtQ80BwawD6K6I9ugboyw8FSKbY4gck3L0H-Rsw==
x-amz-cf-pop
SYD3-P2
x-cache
Miss from cloudfront
pixel
adx.dable.io/ Frame 4184 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.dable.io/pixel?dsp_id=46&uid=87015C4D-B41F-46A6-8685-CBCABC476A0B&dable_uid=93461531.1748256630623
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.235.205.25 Osaka, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-235-205-25.ip.linodeusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

date
Mon, 26 May 2025 10:50:34 GMT
server
nginx
receive
pixel.tapad.com/idsync/ex/ Frame 5DF4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=87015C4D-B41F-46A6-8685-CBCABC476A0B
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=87015C4D-B41F-46A6-8685-CBCABC476A0B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=164250&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fadx.dable.io%2Fpixel%3Fdsp_id%3D46%26uid%3D(PM_UID)%26dable_uid%3D93461531.1748256630623
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.25) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Mon, 26 May 2025 10:50:35 GMT
content-type
image/png
server
Jetty(11.0.25)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6c31cc5a-c4d8-4027-bca7-6b7704c8c0d2&ttd_puid=309e394d-430b-468e-a5a9-386b5ab9f43d%2C%2C
content-length
359
date
Mon, 26 May 2025 10:50:35 GMT
server
Kestrel
sodar
ep1.adtrafficquality.google/pagead/ Frame 7BFE 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20250521&jk=7522287750067487&bg=!6uml6abNAAYA59AtIOc7ADQBe5WfOI4t_TZckjGhAUejl_4p6Sd3AVuvEvryntUv9MOQGqgqp8ULYl-TMIdZJvTog4UOAgAAAKVSAAAACGgBB34ANvt8JOY3CLEfIKaTjN0dWm4CQvlGdhp3HQFM99iGUTZSX8MDj1cLgCIlDpfQA75Or61bPyhdTZkCrsea7PqPr8f_ld48krgsjWze8AOpUgmuGwMeFZMNTNyaXhj7aE30nwpqgBWehzlUecf9svzPAJLojLYqZ2szm8iLly1ufe2JjDRvq8T-YwW9olcxENPYQOAF9W_neGnZvqiU-xZaJMGdtmvgaAVE-qEunz-bkQWLPEAEzGNn0VyC53OHallGIgx9AJGhbQRRHZxFnxzPUINvOZuKFnaMh7PqK48M4TF7FfQwgRA6WEKDZRJCSbeLpRzphywP6Am-o6Oi5OmTFmjrbRXIixkBT1trpr1chgUw_TeWNFjuDWdCsrGA00XFtzvQhJZPGb2FheGWnD0rj5PwBPkpiSDKb-JZjA6bBwlS_YcEOB7Q81Cn-dDb1losinrAjBGBr0bA1qGKy3qAYxiOg6ImiULyLbGpX6xprobwpdz074tIOGrkVF5aVHHxHydIfW4EqQjMuQtxGlCQm11Xn2E2Hq2wYLGVx0yFC-u1hJUMBvVDO8YJxfjvr5s4JFpcFFtuAqvswQ5n7HHL3YrOBM3ldyvU8r0ZnHRGbOIu3iEj3SY0w4KahjH_e-tZ3kl25PKSOGzBOrsgsNX5QznJ_45Jz9PyAGq6YYhcHYrA5PxW61koha21IbjEM1XTMhCRkAbKeevSR2GDRzoR3pXreUMm7N7ful4bolpz15NIe_Y4PGsCrp7AibIvJFZQdHZid6byDlJU_MQi525KfonXw5AoWpPMaGY3O-TZLSrh4fI9kbsYsKqVO-Ux0xLb3y93WUzPA01vDNNoLPP_qLT5a8-w8aPwRnM9DS1qwPenErQ9fMdAS_XgB9HmphArtaS8OwF_93m9PinsqJeEs5EEES9B14Wwpd0f_AWGs216Ux8fD39XkFNj3gUhPPEIu0fGqpvfw3pJrwH3v-TLEFHmhXB0xjDR
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
x-xss-protection
0
content-type
image/
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ Frame 4F9C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gda_r20250521&jk=682242285604700&bg=!z8ylzIPNAAYA59AtIOc7ADQBe5WfOORY6D-Mof37x74Twt7ZU5UQ7e010H2ldBKYb9omiluDka2NQaj82ddJNC5Zq6EAAgAAAKNSAAAABmgBB34ANsCUHXRBsUgfZn1FuSLqewHdEabq4Q2jYgcITrFZXdkJi9e1vyBuKjx-IP1j7h9YeH3QEUNLmAoAAYCZAqQmEpa0S9ciGza4MXZDCDdT_DRVC7iGcxfnJUWxt26uVIGMtD2Fe-L1m1S5g0wPZqbtBtbrNdQVGG6h9Ooc3O2Ux6ewVe6S9dn0Vgsaq9jlPyJccNtPe2ONgHSU2l_Wq60JaroCH0nnm6s8ti6MbLMdGN3I3LGRuQzG675KWRHBvIQnmryzkAweYjbA3kgGAInZTQBH-iPcbrQX9PMiXH-KJhAZ8hHI1d-wkrOuQE7qIH98e0IfAwiqvJWe6_6Pc3DQVn1md5o4Wksug3az-49Czzz4t-tGZJvzAxN54Ar2uxp6QiBLEzKfP7VpvLNHUd_kUZpgSIqvp8Igic6eXmwDr9WeF38oQhdcgJufE0EnimnkX9wVUVj9J-A2t6qJh2wITJvawkHpxwChHP2ndPOiWPWJf99t6DQOsW28b6BrguGjY0A8IJutvOJeMYTfcgJsZVU_5GJ9HyRII_ftgaoo67T3xzc0RSIZDpzOzMWKhGj2y-Zt87QOST5PKEGu-mv6ocO8JZWPhrjzQ7kVAxDuQl2OSYCBAy1EFSeAUALU-ZO5gtpbvgDNaFMiACID-Zq-5K-R8NE5YMhHFi8odXnFw3SKtQHaO06sqSfC9C8igSjv-RlgiiS44jEhWmkK76Mz6vNF4hJGu3x34B5blLnLdHm2u13eZnIPEyV89beg5i2059UnUKE_zuN8hOKAVKFL_TWMc4UeZDIseJnynEymHAGhKdIell9AIDPn9m8S13bL-7gfs-BJvbxWqmcdZvdRBFT_uNu2xzVm5O76GkaxJqS6mVvkSFjLJTQI_Kz9UbQOKOR7yz7NCuPkAPmcpvzw3WCJdj2VF5--mMxnUO66yieTPF2LCMS8-sNsg5Cr5oScjBFD0_knKq3r5IwNF4mgQtEN
Requested by
Host: www.thevibes.com
URL: https://www.thevibes.com/articles/news/108682/man-claims-he-sprayed-monkey-with-paint-to-scare-off-others-says-selangor-wildlife-dept
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 26 May 2025 10:50:34 GMT
x-xss-protection
0
content-type
image/
server
cafe
m
cm.mgid.com/ Frame EB39
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=MB4YUZZC-1-1D8M
  • https://cm.mgid.com/m?cdsp=43070&c=MB4YUZZC-1-1D8M&gdpr=0
43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=43070&c=MB4YUZZC-1-1D8M&gdpr=0
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
104.17.199.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
pragma
no-cache
x-content-type-options
nosniff
cf-ray
945cb6671fa68655-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
43
date
Mon, 26 May 2025 10:50:36 GMT
content-type
image/gif
server
cloudflare
priority
u=3,i

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.mgid.com/m?cdsp=43070&c=MB4YUZZC-1-1D8M&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
content-length
0
Content-Type
text/html
ecm3
s.amazon-adsystem.com/ Frame EB39
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=MB4YUZZC-1-1D8M&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MB4YUZZC-1-1D8M&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
DHTRXBBDDJQ26061HGFV
Content-Length
43
Date
Mon, 26 May 2025 10:50:35 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MB4YUZZC-1-1D8M&ex=d-rubiconproject.com&status=ok&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c80248407eff6cf595ce43a76c04e23f
content-length
0
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame EB39
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDEwNzI0NWY4NTIzOTdkM2M0MzdjZjIxNGZmODYzMjVkNzU1ODg2OQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDEwNzI0NWY4NTIzOTdkM2M0MzdjZjIxNGZmODYzMjVkNzU1ODg2OQ&gdpr=0
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
74.125.23.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Mon, 26 May 2025 10:50:34 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDEwNzI0NWY4NTIzOTdkM2M0MzdjZjIxNGZmODYzMjVkNzU1ODg2OQ&gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Pragma
no-cache
content-length
0
dcm
s.amazon-adsystem.com/ Frame EB39
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Requested by
Host: 66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com
URL: https://66c590697580e35fd88ce7e6a08e384d.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
YQ4EJD6S5JF8KS4NQ2CB
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Mon, 26 May 2025 10:50:35 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
TPXX4ZRX5CWYM64SGC5F
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Dat